urlscan.io logo urlscan.io
SecurityTrails logo

www.gosecure.net Open in urlscan Pro
104.198.102.131  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Submission: On September 05 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 13 domains to perform 93 HTTP transactions. The main IP is 104.198.102.131, located in The Dalles, United States and belongs to GOOGLE, US. The main domain is www.gosecure.net.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 2nd 2023. Valid for: a year.
This is the only time www.gosecure.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 104.198.102.131 15169 (GOOGLE)
9 2606:4700:20:... 13335 (CLOUDFLAR...)
56 141.193.213.10 209242 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 34.251.226.240 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 23.210.118.178 16625 (AKAMAI-AS)
2 2a02:26f0:ce:... 20940 (AKAMAI-ASN1)
6 2a00:1450:400... 15169 (GOOGLE)
1 192.28.147.68 15224 (OMNITURE)
1 2600:9000:20e... 16509 (AMAZON-02)
4 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 52.208.235.220 16509 (AMAZON-02)
93 15
5    104.198.102.131 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 131.102.198.104.bc.googleusercontent.com
www.gosecure.net
9    2606:4700:20::ac43:44d6 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-cookieyes.com
56    141.193.213.10 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
gosecure.wpenginepowered.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    34.251.226.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-226-240.eu-west-1.compute.amazonaws.com
log.cookieyes.com
4    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
img.youtube.com
2    23.210.118.178 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-118-178.deploy.static.akamaitechnologies.com
munchkin.marketo.net
2    2a02:26f0:ce::215:e439 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
6    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    192.28.147.68 (United States)

ASN15224 (OMNITURE, US)
483-djt-468.mktoresp.com
1    2600:9000:20eb:d200:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.linkedin.oribi.io
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    52.208.235.220 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-235-220.eu-west-1.compute.amazonaws.com
directory.cookieyes.com
Apex Domain
Subdomains		 Transfer
56 wpenginepowered.com
gosecure.wpenginepowered.com
1 MB
9 cdn-cookieyes.com
cdn-cookieyes.com — Cisco Umbrella Rank: 13383
82 KB
6 gstatic.com
fonts.gstatic.com
245 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 365
www.linkedin.com — Cisco Umbrella Rank: 625
px4.ads.linkedin.com — Cisco Umbrella Rank: 6371
6 KB
5 gosecure.net
www.gosecure.net
48 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
271 KB
3 cookieyes.com
log.cookieyes.com — Cisco Umbrella Rank: 14690
directory.cookieyes.com — Cisco Umbrella Rank: 16521
567 B
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 760
9 KB
2 marketo.net
munchkin.marketo.net — Cisco Umbrella Rank: 3330
6 KB
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 881
375 B
1 mktoresp.com
483-djt-468.mktoresp.com
318 B
1 youtube.com
www.youtube.com Failed
img.youtube.com — Cisco Umbrella Rank: 3126
117 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 41
1 KB
93 13
Domain Requested by
56 gosecure.wpenginepowered.com www.gosecure.net
gosecure.wpenginepowered.com
9 cdn-cookieyes.com www.gosecure.net
cdn-cookieyes.com
6 fonts.gstatic.com www.gosecure.net
fonts.googleapis.com
5 www.gosecure.net www.gosecure.net
4 www.googletagmanager.com www.gosecure.net
3 px.ads.linkedin.com 3 redirects
2 snap.licdn.com www.gosecure.net
snap.licdn.com
2 munchkin.marketo.net www.gosecure.net
munchkin.marketo.net
2 log.cookieyes.com cdn-cookieyes.com
1 directory.cookieyes.com cdn-cookieyes.com
1 px4.ads.linkedin.com www.gosecure.net
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io gosecure.wpenginepowered.com
1 483-djt-468.mktoresp.com munchkin.marketo.net
1 img.youtube.com www.gosecure.net
1 fonts.googleapis.com www.gosecure.net
0 www.youtube.com Failed www.gosecure.net
93 17
Subject Issuer Validity Valid
*.gosecure.net
Sectigo RSA Domain Validation Secure Server CA		 2023-06-02 -
2024-06-01		 a year crt.sh
cdn-cookieyes.com
GTS CA 1P5		 2023-08-06 -
2023-11-04		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-03-19 -
2024-03-18		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
log.cookieyes.com
Amazon RSA 2048 M02		 2023-04-25 -
2024-05-24		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.marketo.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-06 -
2024-02-05		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.mktoresp.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-05 -
2023-11-05		 a year crt.sh
linkedin.oribi.io
Amazon RSA 2048 M01		 2023-06-08 -
2024-07-07		 a year crt.sh
directory.cookieyes.com
Amazon RSA 2048 M02		 2023-03-03 -
2024-04-01		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Frame ID: C65A60B66837AE0CFEE4E47A77F764A3
Requests: 92 HTTP requests in this frame

Frame: https://www.youtube.com/embed/81zbtlOMTzU?mute=1
Frame ID: 8F20D44B82DA9729C567782AE67FF5B6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Current MFA Fatigue Attack Campaign Targeting Microsoft Office 365 Users - GoSecure

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • jquery[.-]mobile(?:-([\d.]))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • prism\.js
Overall confidence: 100%
Detected patterns
  • snap\.svg(?:-min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

93
Requests

98 %
HTTPS

53 %
IPv6

13
Domains

17
Subdomains

15
IPs

3
Countries

2116 kB
Transfer

4131 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2514017&time=1693950082835&url=https%3A%2F%2Fwww.gosecure.net%2Fblog%2F2022%2F02%2F14%2Fcurrent-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2514017&time=1693950082835&url=https%3A%2F%2Fwww.gosecure.net%2Fblog%2F2022%2F02%2F14%2Fcurrent-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2514017%26time%3D1693950082835%26url%3Dhttps%253A%252F%252Fwww.gosecure.net%252Fblog%252F2022%252F02%252F14%252Fcurrent-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2514017&time=1693950082835&url=https%3A%2F%2Fwww.gosecure.net%2Fblog%2F2022%2F02%2F14%2Fcurrent-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2514017&time=1693950082835&url=https%3A%2F%2Fwww.gosecure.net%2Fblog%2F2022%2F02%2F14%2Fcurrent-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users%2F&cookiesTest=true&liSync=true&e_ipv6=AQJmWKXbD8AJWQAAAYpnSwMYRevtPo5am8Dy__zTN3rmo4ArPe-cZtG1VDCZ7uBSQg

93 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/ 		233 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.131 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
131.102.198.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
ead6948bfe0544b6fc3467cd20a27bf6ed695df9c89b35237cbab61e9f7d3cc5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 05 Sep 2023 21:41:22 GMT
last-modified
Wed, 16 Feb 2022 08:36:12 GMT
link
<https://www.gosecure.net/wp-json/>; rel="https://api.w.org/" <https://www.gosecure.net/wp-json/wp/v2/posts/3683>; rel="alternate"; type="application/json" <https://www.gosecure.net/?p=3683>; rel=shortlink
server
nginx
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
MISS
x-cache-enabled
False
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine
x-wpe-request-id
4613eac13510f599b29b17b2d3f4c4db
script.js
cdn-cookieyes.com/client_data/b8b0a28b3bd290fb3677d2ac/ 		94 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-cookieyes.com/client_data/b8b0a28b3bd290fb3677d2ac/script.js
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a856a8d9fe8d35058be88f023a2afb47b27dd5c23c6768f2c870a2bb6c2b5711

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 21 Aug 2023 19:46:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
42713
etag
W/"178df-603742304e70d-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=27x5GYD6FjB%2Bu2sY9ABVSfpLnEVdMQFpAs9TbV8j8EcsewEZ9calb4kIz7591VKsFCBLc%2BMtY5vcPWWbgvvOAtvgKMAEXR9y2%2BXf2C4hlBFDsE740O6ItIjcwVkoBuvagIdZ%2BBqc1ZpYQZKlZtGd"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
8021a2ce2ed93642-FRA
style.min.css
gosecure.wpenginepowered.com/wp-includes/css/dist/block-library/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1108857
x-wpe-request-id
8519a6ecdc8c41fca508187f1e5e01f2
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 19 Jul 2023 11:13:55 GMT
server
cloudflare
etag
W/"64b7c573-19824"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08ebW9y44nAheiELlIavV6rAWGfhi4pQpapEUg4eg7ewWXkx%2FwtX9gN0uUQddtGJZSWk%2B03oWxexDdWleWNmfqyuHmISXwXTIeP%2F%2FDInT%2F2%2BzQfCEuUPxjeHTjpR5anwW2ihCnH486upFQ8n6WE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2ce3d1b2bec-FRA
pagenavi-css.css
gosecure.wpenginepowered.com/wp-content/plugins/wp-pagenavi/ 		374 B
730 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Jul 2021 17:51:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4785344
etag
W/"60ec8121-176"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6mPabRy0ag%2BZDZDunXjNRUNFP4GLmDcV%2FOiElNryWw%2B67BeBfUAOihsnNWuqpE59LjFe4t%2FNn3D5AZfHkO2kAhTrhjPZp0ZmD%2BjDyfEqobksFrW%2BC5p%2Fat2HYvcRJxdxcNlhxjTOeeLWovGjoEM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2ce3d1c2bec-FRA
alt-svc
h3=":443"; ma=86400
style.css
gosecure.wpenginepowered.com/wp-content/plugins/monarch/css/ 		113 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/plugins/monarch/css/style.css?ver=1.4.14
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f820d93daf383e178bda2912f5bee00e90e56390597820622643fa8e5e487143

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Jul 2021 17:51:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4785344
etag
W/"60ec8121-1c56d"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d307d9xmhA3LKHAetu6y9drDjouShBH7BvcCTsa7nJdZvA4lSlKobVBcB%2FJY22PL1RH%2B7Q2iJR0GB3QfW23RTp%2Fr9UEeWWCKjojoZRyd61W7ljmYXb%2B%2FU4ubaAIqSOSq0RAkAhRu%2BgBOnB8aARE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2ce3d1d2bec-FRA
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
67eb879fb1645c73ccbaac598e815fd3901eb5114228021d686b8b5e470edbbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 20:45:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Sep 2023 21:41:22 GMT
log
log.cookieyes.com/api/v1/ 		2 B
153 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.cookieyes.com/api/v1/log
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/b8b0a28b3bd290fb3677d2ac/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.226.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-226-240.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.gosecure.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryqBYruO3zBzRQVxdk

Response headers

access-control-allow-origin
*
date
Tue, 05 Sep 2023 21:41:22 GMT
x-powered-by
Express
content-length
2
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/plain; charset=utf-8
banner.js
cdn-cookieyes.com/client_data/b8b0a28b3bd290fb3677d2ac/ 		96 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-cookieyes.com/client_data/b8b0a28b3bd290fb3677d2ac/banner.js
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/b8b0a28b3bd290fb3677d2ac/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8fd577fcd5d95af970e755158bc19f8762e576cef68734c55eb9ef3426d3aa1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 21 Aug 2023 19:46:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
42712
etag
W/"17fa6-603742304e70d-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xg81f9tH%2FSOToRAv1KDyD9s4eVAFO8%2BoBDVTUssz7QB6AHvimmxDOV7Ndh5l%2BSFO6K9KkncrNMPUHlNGCigh9OWmNqq%2FJchLHR97JlFlVDEJZ5rm8%2F6S04GEvp3b9zELIXQ%2BHPSywNIimzfZMocG"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
8021a2ce6f1c3642-FRA
style.css
gosecure.wpenginepowered.com/wp-content/themes/Divi-child/ 		455 B
598 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/themes/Divi-child/style.css?ver=1.0.0
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2497f7794b8eadd25a67d5fd060865507d73c193222806e0e489adaf5e39fe38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Jul 2021 17:51:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4785344
etag
W/"60ec8120-1c7"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2bOqA6qgIpeXRs6X8TVbtWKm6zTw1SEcjysSWPEdEM7ar6SHyII3vbIDVbABpNhaFNlxy%2FCU4dnQhUtr6BibWIuIf8jdAmxlkPP%2BZ3CFm2IqLJqAE5QMmX1GT%2BwfEUT%2F0w03ZiPJlg749ixnSb8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cebdb22bec-FRA
alt-svc
h3=":443"; ma=86400
formreset.min.css
gosecure.wpenginepowered.com/wp-content/plugins/gravityforms/legacy/css/ 		4 KB
674 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/plugins/gravityforms/legacy/css/formreset.min.css?ver=2.7.3
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
678dcb871057c9c23fbf3657ffa7ce50368492e621034fa0a8d701e7d78ee9e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 01:23:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2303389
etag
W/"6424e494-f14"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXtPBDhWbEB24Nm4ROjp1JyuRa78rBJCRc4QE6y0Sue0RIkHS2F2lRsBLsrb3NGoSPE1tBWFP%2B5ToQVUn%2Bq7swCEy%2F9tDnwTxj%2FY3j87FlcAQYRitvldE7z7hhIJ7ouxKkshfBnBHQ0ZWTsF%2Bzo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cebdb72bec-FRA
alt-svc
h3=":443"; ma=86400
formsmain.min.css
gosecure.wpenginepowered.com/wp-content/plugins/gravityforms/legacy/css/ 		78 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/plugins/gravityforms/legacy/css/formsmain.min.css?ver=2.7.3
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0d7697b93bb46aaa27569e89afa772f42f9e10099b6304fa3ca3b79f065f356

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
46196
x-wpe-request-id
4f260e5515e0a17d97ca689149acae50
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Mar 2023 01:23:32 GMT
server
cloudflare
etag
W/"6424e494-139cf"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qj%2FYnSUFRivaEf4nKRtYRExpGk79oHAEiCzKyI0LrUip6kC1dN4ViYMbnZXIsxQjRP7BVQvwUyrbsB7Bz3TAxjjT5t1UARzDC1QYDtfHLfbDG%2FyxduUJKyTZUwbK7E%2FKbNseDkHpvo6LRZsWGJE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cebdb82bec-FRA
readyclass.min.css
gosecure.wpenginepowered.com/wp-content/plugins/gravityforms/legacy/css/ 		29 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/plugins/gravityforms/legacy/css/readyclass.min.css?ver=2.7.3
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6c948a73ea3f054f417a3a60d18db48711bb86a0e12cea24fc5f858d2a42c4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1690372
x-wpe-request-id
621b674f20c970cf31d2c6af5766bc77
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Mar 2023 01:23:32 GMT
server
cloudflare
etag
W/"6424e494-726e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UHXVFQN5ZPgfQ87Nh%2Ft98qWFcvPj%2BKLuvjpVpXt5RKuAySErT1BAa%2B0ZMpsgF5J0eEb5qxDQw2ecU5qgXUmefQKFocD4CHoWph5qvBYj%2Bv7uQwB2Yrg7wsS2CvMZlxHMsQt4GWCQQnEtPSNHylo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cebdba2bec-FRA
browsers.min.css
gosecure.wpenginepowered.com/wp-content/plugins/gravityforms/legacy/css/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/plugins/gravityforms/legacy/css/browsers.min.css?ver=2.7.3
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
00248c12820088fc97a123ac8bf5140334781d5af8addbd3a6f8fa4ae909efb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 01:23:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2303389
etag
W/"6424e494-2015"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IUhqQo6b7BX%2FzbJsj4ky8o6JmtK3yoruZA0fXU49nqxzRqPorEd6rXM6%2B83b9xM%2BAiiYCyKBzHUJaiNbmC48AQeNfzxr8H86u06WAnNQ3o6cbgyqVh6fP7MC2%2Fbiey74LOysFNF59MsFhqDmnDo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cebdbb2bec-FRA
alt-svc
h3=":443"; ma=86400
main.css
gosecure.wpenginepowered.com/wp-content/plugins/divi-bars/assets/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/plugins/divi-bars/assets/css/main.css?ver=6.3
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0345fa64565916e491d5d12c4902189eb44a5b0668c79106fe0dbe9fb63cda7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1108857
x-wpe-request-id
6ef15ca44f45bbc7f25bae2e142199e9
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 17 Sep 2021 20:24:35 GMT
server
cloudflare
etag
W/"6144f983-297d"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rebAKJnKA%2Bs3Vvku5DSKt2opkRqmuvYGmc7%2BDMb6YAXtPeHDilEEYIVnVo9t29b5kNkdHoddN2SbLdy78hvdZFEx8BG1LDgEVhXlBRNcNFkLcLcmwqLCbkiDOzuoVlAVhsw2nPNvIMR97%2FBMwMM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cebdbc2bec-FRA
main.css
gosecure.wpenginepowered.com/wp-content/plugins/divi-mega-pro/assets/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/plugins/divi-mega-pro/assets/css/main.css?ver=6.3
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f739ada3c3f10ded38699bf6c8c2fc506ae0edb1bab59cf3e8a61b8d4e921

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1108857
x-wpe-request-id
7196a4e4c331d6f7b2fc7e614960b637
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 28 Jun 2022 16:16:41 GMT
server
cloudflare
etag
W/"62bb2969-1e6a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mDJNmMiDmnJ8eIWhuW5VhnoYasMomDMb6nM5FbeC4lq2f%2FFs0vpPdVYWC4e2VEpmEmfauDF8D9s%2BDcb5YAGU9cRbKqHJv%2FlzBaIWK9xGybZUqDnuO2TbJ%2F2FIs0mKuHTNCmkbj1RPDd9a2qIot8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cebdbd2bec-FRA
main-media-query.css
gosecure.wpenginepowered.com/wp-content/plugins/divi-mega-pro/assets/css/ 		2 KB
769 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/plugins/divi-mega-pro/assets/css/main-media-query.css?ver=6.3
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
79f9bdb472155b894adf0013bd95a6f0c3517b1edea6f6aa44d80bc4240b3960

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
46196
x-wpe-request-id
68182c71b676cc68c2c5eb6128fdef37
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 28 Jun 2022 16:16:41 GMT
server
cloudflare
etag
W/"62bb2969-97a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55GRZhuAjj%2F3CJur0FAQp4E5SUCZQt2BreYZe4EWQx51MWvumWNup%2BD9HBUdMyNbhL2aBIeGz8ycamms7HhvQImbldI%2BN9ze7NfBEBpyPw7H3jLy8%2Bx6UB5bX3Y19fnL6maNxEU6D%2Fo5XP6tgQc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cecdbe2bec-FRA
animations.css
gosecure.wpenginepowered.com/wp-content/plugins/divi-mega-pro/assets/libraries/tippy/css/ 		3 KB
712 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/plugins/divi-mega-pro/assets/libraries/tippy/css/animations.css?ver=6.3
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
58cbc42e1cebba29c112d9959d88a600fbd16cae6b9c847001c140241dac519e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1108857
x-wpe-request-id
1a442f18a41d8fe1b69b3ca374faa2ae
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 28 Jun 2022 16:16:41 GMT
server
cloudflare
etag
W/"62bb2969-b6c"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xbADAU7cVXZfXb%2B2mYiuFTE8MzQ2Uu9cxMarpsyZq9%2FAXZcHvV70oNES421auqnZ8WVllFCJhLu4OL93pXNp0ebeLtQcVbVRyjM6iU%2B5h%2FVYuFJkjAvOZSNoW1aCu0iJt98YdfqutlXjbrMFHX8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cecdbf2bec-FRA
jquery.min.js
gosecure.wpenginepowered.com/wp-includes/js/jquery/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1108857
x-wpe-request-id
18ad8e37a4a7af3ad6bed383ad0e3ea0
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 26 May 2023 11:33:35 GMT
server
cloudflare
etag
W/"6470990f-155ba"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v6xdtMdIypKqxrNAbLZLyKYE5uN9cHGBEluwP7azBwDaw5m9s5g%2FBlylMFxOK5yKn6pVB8pmX%2FJ8VjwHYguh%2F0C3PxIusnO2p7vq1HG2MXieF89%2BuqkNyJ8OP8Xtvu24j%2BmU2pOy1gAPlHC9ElI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cecdc02bec-FRA
jquery-migrate.min.js
gosecure.wpenginepowered.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1108857
x-wpe-request-id
767b404d3ac084858fa5f085f080521d
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
cloudflare
etag
W/"6482bd64-3509"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHTzKdgcmfpxCk9zBR2d3kiu8BiroWNNS1Q7V5IEQA%2BzYR77b0bj2gk8YajmwoNbJbnUZ8%2F9v8H642Qp9d7V%2FyIATntkO5EfomUArCPTFlV9AZXVj78M9NgrqOTRARkPNCNLvi6iGeWjOgshJy4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cecdc52bec-FRA
snap.svg-min.js
gosecure.wpenginepowered.com/wp-content/plugins/divi-bars/assets/js/ 		65 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/plugins/divi-bars/assets/js/snap.svg-min.js?ver=6.3
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3febd731867ee3bf9bd30b0b6ecca16e30179de101329318385cd7dd9a692ad9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
46196
x-wpe-request-id
0e2a1cd9292712a1f5724998bf7392ab
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 17 Sep 2021 20:24:35 GMT
server
cloudflare
etag
W/"6144f983-105b2"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tbark4SkuRepab1P6Vz1uAOKupeLmxmakYacIrJJ4Ob7%2Fpp%2BZKzncCm1m%2BYM0TiqNNLGmD5UOjxiWYozmucAjzhavozpOVVvX%2ByG7HkslHJoFKtjfSoLT5iQDF%2BGA0F5%2Fsq5cbFa5JTcGdThYD4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cecdc72bec-FRA
modernizr.custom.js
gosecure.wpenginepowered.com/wp-content/plugins/divi-bars/assets/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/plugins/divi-bars/assets/js/modernizr.custom.js?ver=6.3
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4271407807f1e49734ce4895663f3496efc37e546f30a960bffc5a23462b2139

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
46196
x-wpe-request-id
1977ae1b303a0ea6fca0bea3b99a3ddb
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 17 Sep 2021 20:24:35 GMT
server
cloudflare
etag
W/"6144f983-20b3"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j9QdAjDkfBjFA00LzQvfu5FLU5bjEvllW48iTsr21UTkABfUlsfE6VymU6a0k4UvS1B82%2BQZLUjGfax3z1Ew6Lw%2BUFRtwmpjW6Nsme8f%2FdV0xog%2B34X2ozST3jOTTfWNw6M0HIaeU1BmgYmx8fw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cecdc82bec-FRA
jquery.transit.min.js
gosecure.wpenginepowered.com/wp-content/plugins/divi-bars/assets/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/plugins/divi-bars/assets/js/jquery.transit.min.js?ver=6.3
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b87a00a3e5e259e48c3c73e45c02ce241a9ec58e727f2e3adcd858f899b177b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1108857
x-wpe-request-id
b23d865dd337d92ffbd44a796433b501
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 17 Sep 2021 20:24:35 GMT
server
cloudflare
etag
W/"6144f983-1f61"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHt%2BHzowc%2B4Zx%2FSr4n4e6QRKqvvwC5ZnmRQy9xlyadBHITs5oxzH6RM30%2F%2FmIE3jWHAuSHMnYO83zKoqEODyVIxAqnjWD8JjgWL0zr4lHGdZ1ilgQxM%2FLvYM%2BRqTqkBuYvQIY%2FeOMvTMa7Roc9A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cecdc92bec-FRA
actual.min.js
gosecure.wpenginepowered.com/wp-content/plugins/divi-bars/assets/js/ 		936 B
869 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/plugins/divi-bars/assets/js/actual.min.js?ver=6.3
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9fbb3259383f2388c95bb3256cecd0c1c00b7c0dfe1c67f7779dbe9f06a0065

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1108857
x-wpe-request-id
b44c7210b98b2c08218c32609303abf2
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 17 Sep 2021 20:21:34 GMT
server
cloudflare
etag
W/"6144f8ce-3a8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mJBrb5H2IY035M1FqNWy22p5gQy1%2BJAC3t1u0ZtQjvRoH3ho5S7qN%2FYC6oE%2Brujb3EphEEyNW12ut0%2BBixmCk%2FvQcdih%2BkCpCueDoHKv1klS%2BQfRRob7eDw89REqgBH740FaTf0WtOutoPYamJk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cecdca2bec-FRA
popper-1.16.1.min.js
gosecure.wpenginepowered.com/wp-content/plugins/divi-mega-pro/assets/js/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/plugins/divi-mega-pro/assets/js/popper-1.16.1.min.js?ver=1.9.7
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e07ef9f5dc003b0b5f49ab292caa264d8beba77285185625e2ee297b3d8818ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
46196
x-wpe-request-id
917020ed348b8f37935c40d3b19f0238
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 28 Jun 2022 16:16:41 GMT
server
cloudflare
etag
W/"62bb2969-52cd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrtqjhRibn2ig5oUM9Lr7qAp%2F1rUS4nILYiu7A7ubAHmJOTi%2Bwh%2FNo6dHnXLuKbCNOg0E%2Bsj3M5Ir6Sj5wPbwLgVQESqYkEcHxplvEGUSsdMpYOPaf9xLBMoh4onVOtY%2Bbz7DRBBoOmZSfFELNk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cecdcb2bec-FRA
tippy-5.2.1.min.js
gosecure.wpenginepowered.com/wp-content/plugins/divi-mega-pro/assets/js/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/plugins/divi-mega-pro/assets/js/tippy-5.2.1.min.js?ver=1.9.7
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3af8067816393fb9aa595e3cb474614c0f21fec6afa2e75a801d3be9c28ea421

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jun 2022 16:16:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4785344
etag
W/"62bb2969-59a8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aj2vupHtcbrERtWhCWdvtHmY9uRskR8ozU3mCos4bFTHB1umPAQcjflP%2BD%2BVJBt4884y%2BNFQM5YxWlko%2F4t7fyV5SzT4aXHGXMo25v5Tk4gKLLJJYs7G61CgQTo%2FC9Ydmp6x6fgwPQOxjm0f0Ek%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cecdcc2bec-FRA
alt-svc
h3=":443"; ma=86400
magnific_popup.css
gosecure.wpenginepowered.com/wp-content/themes/Divi-child/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/themes/Divi-child/magnific_popup.css
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
65bcb8525bbbd33a618cdbfa015bd5e5b4f4510a8090f927a9fbb069beb12f78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 19 Dec 2022 22:56:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2303389
etag
W/"63a0ec06-19a5"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LEhG%2FX%2BFS0v5s08iBIJZf4gHuzaXcXkltwsXrIoMGUFow90YWLnp0GIyxKUJDUZmr9Fz7tx6YWLF9VdCIRj51yoSTG6lJNnBf%2BVtkigvLxoCei4cRWVcHyzaROXooZdJOmIRypE1%2FFvjNsJ2GJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cecdc42bec-FRA
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		128 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-153352998-1
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9ee6ddd14fdba9dd6059ca861be2ab7ca285e68ba520b81ba6648354877e74f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
50127
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 05 Sep 2023 21:41:22 GMT
js
www.googletagmanager.com/gtag/ 		261 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VGSJZ14GQC
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
50998eebe0e6cd911a7ee7bb5af0fa56d8f105ecefea126bfe5f6bb996cd7159
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89229
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 05 Sep 2023 21:41:22 GMT
js
www.googletagmanager.com/gtag/ 		128 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-153352998-7
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e2a35aa40c36505c0ca9c29332078410a2477dceffe3bb65e0382fdeadd85a92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
50103
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 05 Sep 2023 21:41:22 GMT
js
www.googletagmanager.com/gtag/ 		253 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-J3RXF0LKJL
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
470424b6b430d0f7e308bed018538e3b255af882a153cb2b03d9f8455db02272
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87365
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 05 Sep 2023 21:41:22 GMT
et-divi-customizer-global.min.css
www.gosecure.net/wp-content/et-cache/global/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gosecure.net/wp-content/et-cache/global/et-divi-customizer-global.min.css?ver=1693950081
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.131 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
131.102.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
9ed2aa3dbd3187a0076ac2c1de45c695e6f3767c2ff6fc64b1d0db35c3eef4a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
last-modified
Tue, 05 Sep 2023 21:41:21 GMT
server
nginx
etag
W/"64f7a081-3e14"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
4af748f44f47d39140c73f98e3aa735f
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
fr-ca.png
gosecure.wpenginepowered.com/wp-content/uploads/ 		358 B
935 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gosecure.wpenginepowered.com/wp-content/uploads/fr-ca.png
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9079402a04ecb1b8f96a2c4fddbad4d1a195c06406fcd4e592c30c72373c61b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
796232
cf-polished
origFmt=png, origSize=570
x-wpe-request-id
855b037bc74e389914df26d7ca12944f
content-disposition
inline; filename="fr-ca.webp"
alt-svc
h3=":443"; ma=86400
content-length
358
cf-bgj
imgq:100,h2pri
last-modified
Mon, 12 Jul 2021 17:51:27 GMT
server
cloudflare
etag
"60ec811f-23a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R0gx6X8eFR3CfaksZLk2eRHZvuMxLybyR%2Btm%2FyKFBKJBIPjNgYtG%2F0T8XcxdqzgZ6uIA3iLybQ8GMo%2Fr3rlO%2BcRAq9x90kD%2B%2FXflChbXV0JS%2BvThHb6UHPdzy4SE7K12eX1acqbjXav1H%2Bt5fOI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8021a2cf2f451959-FRA
GoSecure-logo-web-150x.png
gosecure.wpenginepowered.com/wp-content/uploads/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gosecure.wpenginepowered.com/wp-content/uploads/GoSecure-logo-web-150x.png
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d213f9e03ed01a6b27e1a8d4566ee5d51b2d7bcabd37fac5cf7651941dcac110

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
42474
cf-polished
origFmt=png, origSize=2830
x-wpe-request-id
6db4d314018724c09fb23d16def87b58
content-disposition
inline; filename="GoSecure-logo-web-150x.webp"
alt-svc
h3=":443"; ma=86400
content-length
1036
cf-bgj
imgq:100,h2pri
last-modified
Mon, 12 Jul 2021 17:51:26 GMT
server
cloudflare
etag
"60ec811e-b0e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K46dKc%2FdcpEZftPCHn9RjFUZ5r5bxDWeCgIg6%2FqJQApjTsM6R421P8izaK3n3Zx6zklFvk%2B0NHitTLhtvr%2FS0%2F8FIHKiBhb%2BAoCqUDAp46HzkX6KNNrsLbEx36fYqObOIt5Rxdkuv%2BsQslE2Frk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8021a2cf2f471959-FRA
prism.css
gosecure.wpenginepowered.com/wp-content/uploads/prism/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/uploads/prism/prism.css
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aeb6a117b7678dca80f0624357dc137b68a13b25d3725256f9decde6699b118

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 19 Oct 2021 00:03:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2329322
etag
W/"616e0b6e-c66"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ck1S%2Bak7yuYhmA%2B0Nj2KyFiY9I26HGzdaJK%2BiVXkuSApA9FCw94Tat11iPqTjsZfnuvVvYRF%2Be60gfoWDkfk2iDBvRo7JzohHI8UeNH8oOv9%2BN2uCdqfbc04yXIMO80FBvIWlH7NBEbV5jRL42A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cf1f0e1959-FRA
alt-svc
h3=":443"; ma=86400
prism.js
gosecure.wpenginepowered.com/wp-content/uploads/prism/ 		63 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/uploads/prism/prism.js
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
56f5468a54d4cdd054959fa59d8593d89e30f976d88b6eb6a65e08257781853b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 19 Oct 2021 00:03:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3947818
etag
W/"616e0b6f-fa42"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VsiRlEsQjzNg9oTq6FQFoEL8iLnQ6j%2FRKwWsoInM0I6Fc70hXzMMF5xABLZ%2FZe5zw2INLP3xvyRd0WQ9Ljkk%2FEbpPgkMIo0O3Ji2ex5lV7oDWMcOY%2FF3coeRsLegEI%2BEKtBk5L4yvBBuFV22jd4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cf2f231959-FRA
alt-svc
h3=":443"; ma=86400
mfa-1024x682-1.jpg
gosecure.wpenginepowered.com/wp-content/uploads/ 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gosecure.wpenginepowered.com/wp-content/uploads/mfa-1024x682-1.jpg
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c567d2fbfe82e5f1f5844c99a9ad70f498734c99575828a00f92eafa7db53906

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-wpe-request-id
068b97f0b298d242a5791d08faad7d54
alt-svc
h3=":443"; ma=86400
content-length
101052
last-modified
Mon, 14 Feb 2022 17:38:34 GMT
server
cloudflare
etag
"620a939a-18abc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kiaUGn%2BIjKGy5Rovo8rImGR3BLqxC0ZhDA6q7J9A88%2BZy%2FuaOAmqg6BHulTUVBcPlQcP6%2FNrZzO%2B40HeSqDSHmoJqf%2BvH1zeIXyJj5yCTmz6fPpP4rshk7FVDrhafV8MAs49kRny3FzB7JJ%2FcH8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8021a2cecdcd2bec-FRA
sing-in-logs-1024x256-1.png
gosecure.wpenginepowered.com/wp-content/uploads/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gosecure.wpenginepowered.com/wp-content/uploads/sing-in-logs-1024x256-1.png
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3e6afc105537ee504389a720c2aa9fb2a56cfc97596f9875a011b0a2b327350

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-wpe-request-id
22147604fed0972fd8b55ec1af5f6feb
alt-svc
h3=":443"; ma=86400
content-length
72274
last-modified
Mon, 14 Feb 2022 17:38:39 GMT
server
cloudflare
etag
"620a939f-11a52"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GtuugufOqMVS8eLNn7DppO1s4i%2FAlQvulYuZ4M3h3Fs5bX4YujTqzvTPpPZf0sML0m85b%2Bag0ecuJN9b3pkAGRWr1aq7YtX0JNYlNhUgeNhguD%2B0zeHhgbBbYwrkeKrgOfkpnakECRXbX5E56AU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8021a2cf2f481959-FRA
GS-Titan_Logo_1000x.png
gosecure.wpenginepowered.com/wp-content/uploads/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gosecure.wpenginepowered.com/wp-content/uploads/GS-Titan_Logo_1000x.png
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a03a229659e7d68865de9949d9f89bfcd33526d476103a6581241ca1ac8595c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
794040
cf-polished
origFmt=png, origSize=19525
x-wpe-request-id
3870b470646bdf7b295f59fe652a8174
content-disposition
inline; filename="GS-Titan_Logo_1000x.webp"
alt-svc
h3=":443"; ma=86400
content-length
6580
cf-bgj
imgq:100,h2pri
last-modified
Thu, 28 Oct 2021 20:37:33 GMT
server
cloudflare
etag
"617b0a0d-4c45"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ThZfovVUKiS9SVogBgjFaoiG6uv08UID7qbm0S%2FGcXNeFwJUaYUni3NNFbIRcA6EStPycYW7N9%2F5T3CEgP314OE219D8SmdCqIi%2BmNFPsLU9KUPOlK9TWGvlU3z2bs9QarVf9HpaXL1i9A2Q%2BP8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8021a2cf2f491959-FRA
et-custom-divimegapro-2913-3683-169395008202.min.css
www.gosecure.net/wp-content/et-cache/2913-3683/ 		13 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gosecure.net/wp-content/et-cache/2913-3683/et-custom-divimegapro-2913-3683-169395008202.min.css?ver=1.9.7
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.131 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
131.102.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
deef6ad3f435af96138c9478b13d70eaf39df7d90fe877e7d7a9f10baf079f58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
last-modified
Tue, 05 Sep 2023 21:41:22 GMT
server
nginx
etag
W/"64f7a082-33f9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
9d894b386749ae8a1be40a8044f06f79
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
idle-timer.min.js
gosecure.wpenginepowered.com/wp-content/plugins/monarch/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/plugins/monarch/js/idle-timer.min.js?ver=1.4.14
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
80fa756dda143f69fb3ce750e905cc8188150dc4c6b7539bf3627fe26530b405

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Jul 2021 17:51:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
11346187
etag
W/"60ec8121-a4b"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DjK8CfwUARWeFOT1MkKWHa3MLc%2Bfc7qGvP4Mlk%2BayQBi7MFWdr7a5JADNbc9zJ961%2FoIHzpVBsV6rIuUBEZZE1xcC92RMOhYO9SbZ1BUH1WQynB%2FSu%2FlYFRd%2BuKvnslCg%2Btk4Gj%2B%2FWYtSBWlkWE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cf2f251959-FRA
alt-svc
h3=":443"; ma=86400
custom.js
gosecure.wpenginepowered.com/wp-content/plugins/monarch/js/ 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/plugins/monarch/js/custom.js?ver=1.4.14
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
43b5c9ad80f0a5d1c63568583e9cf6cd5ca8454a680f4ee80d5d63d00b15a360

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Jul 2021 17:51:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
18352301
etag
W/"60ec8121-6855"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u27zL0lzOHpmgkImMlb4tJvm%2FsCtt%2FkSojeF0UtUOBDmNuocQ6936SKSnr3vZjLAClz1R1aJ8gtqrLiu9MbtX3WBEOLYcsLy7Blnshd8r2LgIsQ4kJA3XcliZ2D3EMBRS76jqIexA7cLa%2Ffnz%2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cf2f271959-FRA
alt-svc
h3=":443"; ma=86400
scripts.min.js
gosecure.wpenginepowered.com/wp-content/themes/Divi/js/ 		268 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.20.2
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
97490bd354a26885acf09c0ba5b4c3c76d12bb55193f13456d3aa2ded6eda6fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Mar 2023 21:25:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
11346187
etag
W/"641237b3-42f5a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3VsFIy6sJurRPu0Sty7it%2Fh4ihcVPoryXXoLetX4l0T3JI3BNZoJtZbA7npW1O6KHszNc0H%2FfefD0y7dm%2BQN4PTxHMyNsZO16O96PZwdFJsmPUGlLwaxHWlqBnCjexwdCU3v%2Bb6Fhe4RXMHVUmo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cf2f2b1959-FRA
alt-svc
h3=":443"; ma=86400
jquery.fitvids.js
gosecure.wpenginepowered.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=6.3
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1111404
x-wpe-request-id
465ab61ea5b4ffe87c106df374116100
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 15 Mar 2023 21:25:07 GMT
server
cloudflare
etag
W/"641237b3-d15"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjYdqLPtBAkXfp7x4KHwsKs6PwHdL18lNr%2F30aNLtxFGgXABziVVaCKEgzAg4easZedftQQ6ZTN7WqxaI73h83Az%2FJzHOgADwXXIZSHArB02F%2FKp5Z7zxcU2qeIUdLMPnWp6Ga9Z5wgdaTgnNvI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cf2f2c1959-FRA
comment-reply.min.js
gosecure.wpenginepowered.com/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-includes/js/comment-reply.min.js?ver=6.3
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1108029
x-wpe-request-id
60382e55ee71d6015c21016016809655
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 08 Apr 2022 20:07:18 GMT
server
cloudflare
etag
W/"625095f6-ba5"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8LsNDHVfROWDEY1n4An0Sm27OwDFvVoefDXtOfyVRVafxyCYahNcblcB3sXxsn7CBKjB8zjY9mzzBn0YCUZcyykU7iH%2BFyYxwiGJRIPDlyQLLU4xnbWPOygieCnejJO6NL3NkHcwWXG6ruhz1VQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cf2f2e1959-FRA
jquery.mobile.js
gosecure.wpenginepowered.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.mobile.js?ver=6.3
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
55a084b5f4c439a2786141108b266370e0e4accc4e72629b2177dc6aa658d6c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1111404
x-wpe-request-id
07740313329d6b03f424cb8ebff2a265
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 15 Mar 2023 21:25:07 GMT
server
cloudflare
etag
W/"641237b3-1f18"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1TwDAGVUWvkwQmIYyLvO8LZQEeixT%2BwvRkm9g0NpvEknLxJw0c3LU2x0s9mfnOgUxlQsAJzaKCppBMc2e1lT%2BZ%2BvVMl8wmOHMyCwpavRHHpKeZjGYocB8Rrl6b0Uv2OSZ23bSGMsTD2IWNbmhnE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cf2f2f1959-FRA
magnific-popup.js
gosecure.wpenginepowered.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/magnific-popup.js?ver=6.3
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a47c6e6f24e634cb79f886e70bbfd65e1e85b0d2aa4fc133488fd1bc1910e3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1111404
x-wpe-request-id
4b951c0fcf594cd4fbc36cdd83341750
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 15 Mar 2023 21:25:07 GMT
server
cloudflare
etag
W/"641237b3-5902"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7g41QZVvs348UKClTyDNLxjUobiQGtpX%2BMhvBVSQvTgWOy4eBX5JLtTNpqJHunCs%2F4dWGpzSTrLaiY37Lg%2FtFa7%2BoSwAPAtD2lGBSkTr%2BAzXkjp5BviBkBxoOhDyFfL454pMXoS1K9oYsJotUE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cf2f311959-FRA
easypiechart.js
gosecure.wpenginepowered.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=6.3
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa24e4ab926693e29ffb0d0ca1557141defd3ca61b3b4e7caebaa2fcd5bf327

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1108029
x-wpe-request-id
efd1a3269300610c9060c2010e174cbe
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 15 Mar 2023 21:25:07 GMT
server
cloudflare
etag
W/"641237b3-2466"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=spi9LwGyijPKAyw%2FbWZwUqwnzdvFsIkcmQ6dBrhYncUpcwIcs2nNzf4RGbsr3TH%2FvCaZsIHS8w3c%2F%2FO2kTzgTidecbL%2BYIXVoJHyh93KgHm%2BxIalIKh5ety1TAXkpUjHpfDySd8UX6mNcHzt91s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cf2f321959-FRA
salvattore.js
gosecure.wpenginepowered.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=6.3
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6205029e1016596807b655c8f57818736a787e32ceb1407effa152ac3bb9380

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1111404
x-wpe-request-id
ff68758f8ea14057ee9379fbfcc6b906
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 15 Mar 2023 21:25:07 GMT
server
cloudflare
etag
W/"641237b3-217e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o96ktSLatYF7Sel4urkSgUYic1ILJoAhJ7QTs98XwPPHvS98ET8CsiCMyj7wHR0ds107i3mSQdlu8hWw%2F71hdo56WTk%2F%2B%2FGbqIvU%2BRccgHonX1gYNchvRdOLVmFXUMRCqnZbIelfz73HUggCn7g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cf2f341959-FRA
main.js
gosecure.wpenginepowered.com/wp-content/plugins/divi-bars/assets/js/ 		52 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/plugins/divi-bars/assets/js/main.js?ver=1.8.6.1
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c528e0059505b4d7f962bdd061568368692b80658b91bf09275689e4993f964b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Sep 2021 20:24:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
18704728
etag
W/"6144f983-cf6e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oS8fl6%2F1YVTOMmJD5qHIpSjY%2BNWLuBG2fdKRCQCBj4XtJcZFJItm6Ee83FhiIYnlZQ17t7IG%2BtUFl%2FlxfkBAG62ogemZCkYXxoUZUBuzcM1tgKtkizWDeGPIzZoatYbeGeuBugn%2F25M%2BXddy8nY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cf2f351959-FRA
alt-svc
h3=":443"; ma=86400
main.helper.js
gosecure.wpenginepowered.com/wp-content/plugins/divi-bars/assets/js/ 		0
445 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/plugins/divi-bars/assets/js/main.helper.js?ver=1.8.6.1
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18704728
alt-svc
h3=":443"; ma=86400
content-length
0
last-modified
Fri, 17 Sep 2021 20:21:34 GMT
server
cloudflare
etag
"6144f8ce-0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0Bw53WK3NJBCgjjTMf%2FwdL0G6JV2IHv2nekMDJLntODSGYAypy%2BSI2Zb2kduTB3P0h2J7GYd07CzI0jl9ebkfV2lEc8%2Fn9JoqF1ZgMWyuTVYBJmDendhJaqgyW22xuV5p9QIBWpTTu7s7RpCVo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8021a2cf2f371959-FRA
main.js
gosecure.wpenginepowered.com/wp-content/plugins/divi-mega-pro/assets/js/ 		82 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/plugins/divi-mega-pro/assets/js/main.js?ver=1.9.7
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
004cecb74418be85d5eaee9fd2ea5f82bb6c323442ae6a0c7ef84e521d41bae7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jun 2022 16:16:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
12432476
etag
W/"62bb2969-147ef"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKnmHFTAKkn4qxYk8xM4hMTh%2BhB9FJPPK4ndeuK9l4URjvzx4iejVrvsJODPfZ8G2SQTeXR5NYm1bViMW4HoX%2F%2F0A3eixjJs%2BopM9GKpG7oDKdz1zjYwtWWZ8syU6d5eZ0PFPokHlF3YCVJ7Rpw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cf2f381959-FRA
alt-svc
h3=":443"; ma=86400
main.helper.js
gosecure.wpenginepowered.com/wp-content/plugins/divi-mega-pro/assets/js/ 		0
445 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/plugins/divi-mega-pro/assets/js/main.helper.js?ver=1.9.7
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11346776
alt-svc
h3=":443"; ma=86400
content-length
0
last-modified
Tue, 28 Jun 2022 16:16:41 GMT
server
cloudflare
etag
"62bb2969-0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F4Zsu704tedvvk9QTMCRiLRFPwFoYAc0S0LMCL2y8Qc1RX%2F2I1F2Yd8biBLkVOGZ0IrGPNHlMj86sZrIx%2BJAb4Tt3blcp98iF7PD9ONZBWGX4uJCfutctPjmoyK1VIw0oAOqiIRUGIZxbNrRmkk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8021a2cf2f391959-FRA
common.js
gosecure.wpenginepowered.com/wp-content/themes/Divi/core/admin/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/themes/Divi/core/admin/js/common.js?ver=6.3
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1111404
x-wpe-request-id
ed40d09369dd36d1b565a245f6e113b0
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 15 Mar 2023 21:25:07 GMT
server
cloudflare
etag
W/"641237b3-53f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wWoilel964VyLsMXFNka4DUlM8Uzu5Hf35%2BbencshkWVMQyIhtpVz0DlQz6ro859cdzn07CANies4fL1wNiJljzVT2x4a%2BNI5OoTGAp7ebPjlFXl5UpHCPYdlElKqd7BQrKKgrOSi4DzdJ2dqtk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cf2f3a1959-FRA
jquery.exitintent.js
gosecure.wpenginepowered.com/wp-content/plugins/divi-bars/assets/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/plugins/divi-bars/assets/js/jquery.exitintent.js?ver=6.3
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f36fdb2619f7a8afd5460f8e5fda7b3549c9e27291fcb40f93daa0f80ef74af0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1111404
x-wpe-request-id
3d8b113ba149d5d8f3adc57a9582b6da
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 17 Sep 2021 20:24:35 GMT
server
cloudflare
etag
W/"6144f983-5e9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIwmnPPvzP2KBmz5EeUL847AfSbscxvyvDNkdkPr5CufDsXrOON5i7r9hLC3Y1bSn9hEhaWRk%2BQbQZVZD0bPxSnc3y%2FSAzRiu3HS6XZW3bYtk5DaQL6jq23WV5en3LW%2B1cP%2BKHT5ugnTUgorgm0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cf2f3b1959-FRA
motion-effects.js
gosecure.wpenginepowered.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 		154 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/motion-effects.js?ver=6.3
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e51e19db4305a39866527982780d253af76c071540c09f2b215cab4b08de2b10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1111404
x-wpe-request-id
9bc64016f848c48bafc74a1b61c787c2
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 15 Mar 2023 21:25:07 GMT
server
cloudflare
etag
W/"641237b3-26901"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XrNyqgVlmshx8UsSvhA4znvMip57mdz7edRZOzqNdtcMKtJfBsTJ5gvM44C1wPQpvVqf%2FPmBKXwfLBndFZmKW0joKPMzkCFuKlk3Roq8L66DqSiSO4Qs1NCL0C2fjAHrQfEYfwTm%2Bp%2FwwuxHHQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cf2f3f1959-FRA
sticky-elements.js
gosecure.wpenginepowered.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 		212 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/sticky-elements.js?ver=6.3
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f988466c42d1f2b5bb177b6221783d53b8ee21e9e3399c502ab3689f56fbc19e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
931695
x-wpe-request-id
84db76f84da6934fd39952a7e4ad2f31
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 15 Mar 2023 21:25:07 GMT
server
cloudflare
etag
W/"641237b3-34f33"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hjg0p%2FAs03%2FZjxnwK%2Bc2yF5E3F0ICpsdjuhMTCLDasj4IFpHBrdFW2%2Fqr1ylR5%2F2dh2QTYESNKVQXlw3SmHOY3we3lJLB0Jn8ouwZpYCTTi6uYzz2Oi1j%2Bfi3QGWUs0X24FTp1Sq3ArdDNSusok%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8021a2cf2f411959-FRA
et-custom-divibars-global-169395008204.min.css
www.gosecure.net/wp-content/et-cache/global/ 		0
226 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gosecure.net/wp-content/et-cache/global/et-custom-divibars-global-169395008204.min.css
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.131 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
131.102.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
last-modified
Tue, 05 Sep 2023 21:41:22 GMT
server
nginx
etag
"64f7a082-0"
vary
Accept-Encoding
x-wpe-request-id
1c2ca3693a69cdf707b9f6910e08278d
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
0
modules.woff
gosecure.wpenginepowered.com/wp-content/themes/Divi/core/admin/fonts/modules/all/ 		90 KB
91 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
88795f28bb66a45f9c32245dd21d6319ed5d26a45bf5afa31d91a0f83ee855f7

Request headers

Referer
https://www.gosecure.net/
Origin
https://www.gosecure.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
394759
x-wpe-request-id
f038b0ddb3d53c5a6b69e0999b62ee6f
alt-svc
h3=":443"; ma=86400
content-length
92476
last-modified
Wed, 15 Mar 2023 21:25:07 GMT
server
cloudflare
etag
"641237b3-1693c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ne1QbrSzFdhhGD5d2LDEO%2FEox2cgtNLkkDal%2F3syVPgv4dBOBzZbkg72T%2BJd%2FKTOmWv10Z8WlfBi5saG3kWIMUB8Pmc%2FumabTY9B9PV7BpIKRPDy0M0bzKC42ufycJrFh4auLJVXhAeZgC%2BBjAg%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8021a2d048329a35-FRA
81zbtlOMTzU
www.youtube.com/embed/ Frame 8F20 		0
0
maxresdefault.jpg
img.youtube.com/vi/81zbtlOMTzU/ 		117 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/81zbtlOMTzU/maxresdefault.jpg
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96e193652798c4981afd6e468a55931f230d941d86d85d98006df1a11dab912f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119582
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 05 Sep 2023 23:41:22 GMT
activity-details-logs-980x337-1.png
gosecure.wpenginepowered.com/wp-content/uploads/ 		112 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gosecure.wpenginepowered.com/wp-content/uploads/activity-details-logs-980x337-1.png
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eff9614b2276fdd2b87a6597c2bfecbbc0288459eccdd6ba0e87a9a0817a25e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-wpe-request-id
9b0a70719ce0fce7f771914ed1de36bb
alt-svc
h3=":443"; ma=86400
content-length
114928
last-modified
Mon, 14 Feb 2022 17:38:31 GMT
server
cloudflare
etag
"620a9397-1c0f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mubicx45%2ByrfzjM1ftN7Febq14LWxv5H4RGUgRvi2At5SUOdSp8%2B5wNU1PFE5P02TzyMkV4vxYC8h4tto6rbhKRR34mk24vX%2FowT3E37qfwePZ7aFJ%2BYED4Tyv8GlvjeUBNDHn6RVIpy83w12H8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8021a2d098a81959-FRA
et-divi-dynamic-3683-late.css
www.gosecure.net/wp-content/et-cache/3683/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gosecure.net/wp-content/et-cache/3683/et-divi-dynamic-3683-late.css
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.102.131 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
131.102.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
f61fcdc086aed1743148da91bba7bba3ff5336b6acad38e4425ddae1e1ceea12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
br
last-modified
Tue, 05 Sep 2023 21:41:22 GMT
server
nginx
etag
W/"64f7a082-3aa4"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-wpe-request-id
a41296674da2c634c7529d251e5df96e
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
munchkin.js
munchkin.marketo.net/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.210.118.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-118-178.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 21:41:22 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Mar 2023 01:24:48 GMT
Server
AkamaiNetStorage
ETag
"cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
729
insight.min.js
snap.licdn.com/li.lms-analytics/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ce::215:e439 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 13:41:52 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=57638
accept-ranges
bytes
content-length
3822
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Ew7.woff2
fonts.gstatic.com/s/montserrat/v25/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Ew7.woff2
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60a9cb6c3588b3674d7019bdd3ff5ce664f1ccc64c0abf722eb383976ff808d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gosecure.net/
Origin
https://www.gosecure.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 04:59:38 GMT
x-content-type-options
nosniff
age
319304
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40076
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:56:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Sep 2024 04:59:38 GMT
monarch.ttf
gosecure.wpenginepowered.com/wp-content/plugins/monarch/css/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gosecure.wpenginepowered.com/wp-content/plugins/monarch/css/fonts/monarch.ttf
Requested by
Host: gosecure.wpenginepowered.com
URL: https://gosecure.wpenginepowered.com/wp-content/plugins/monarch/css/style.css?ver=1.4.14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c102baea959329be23bb8a5d6bc268ce1668484995f0d23c2f88b46d7653c4f

Request headers

Referer
https://gosecure.wpenginepowered.com/wp-content/plugins/monarch/css/style.css?ver=1.4.14
Origin
https://www.gosecure.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
775411
x-wpe-request-id
0ff2276e5ee18163d56bd9f653bf9c48
alt-svc
h3=":443"; ma=86400
content-length
15096
last-modified
Mon, 12 Jul 2021 17:51:29 GMT
server
cloudflare
etag
"60ec8121-3af8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5C8lDkCd9bP%2FEneqrzGbrpDg49Fg%2FG1%2FzvJ%2F%2BYQB11EO%2BY5aSelzHGVsm09NO0b%2FZVrJ%2BNyGPi2UEHA6qaD1gqgqj5OIWUSdniWWQUR26tE0lQc%2BFkOMQ%2BbhjPplrb96v8tyBULbslIPb2lElA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8021a2d0b8a69a35-FRA
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM70w7.woff2
fonts.gstatic.com/s/montserrat/v25/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM70w7.woff2
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
356e58889a7cf422acc2c715a26996890c929b9b3b8a0e124a9cf4a795734732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gosecure.net/
Origin
https://www.gosecure.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 15:40:23 GMT
x-content-type-options
nosniff
age
367259
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40236
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:01:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 Aug 2024 15:40:23 GMT
JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq5Z9aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq5Z9aXo.woff2
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c2a38f63e1b3b6ea1dc34b988466bcfbf3743a70f4f01e24b8df99847396cf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gosecure.net/
Origin
https://www.gosecure.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 19:37:50 GMT
x-content-type-options
nosniff
age
353012
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40796
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:02:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 Aug 2024 19:37:50 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Ew7.woff2
fonts.gstatic.com/s/montserrat/v25/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Ew7.woff2
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0ab422e5b625fc05f96887b13d684026fce01130b3e4c01a928259f973b8b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gosecure.net/
Origin
https://www.gosecure.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 10:44:28 GMT
x-content-type-options
nosniff
age
39414
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39864
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:56:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Sep 2024 10:44:28 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu170w7.woff2
fonts.gstatic.com/s/montserrat/v25/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu170w7.woff2
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e58b260ced203e2ffce7aa502b51ebadb6ffee21b6d5cf72fc4c43b0e835d1bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gosecure.net/
Origin
https://www.gosecure.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 19:22:31 GMT
x-content-type-options
nosniff
age
353931
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39956
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:56:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 Aug 2024 19:22:31 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gosecure.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 09:02:59 GMT
x-content-type-options
nosniff
age
391103
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 Aug 2024 09:02:59 GMT
munchkin.js
munchkin.marketo.net/163/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/163/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.210.118.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-118-178.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 21:41:22 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Jan 2023 02:26:40 GMT
Server
AkamaiNetStorage
ETag
"ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type
application/x-javascript
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4741
Expires
Thu, 14 Dec 2023 21:41:22 GMT
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ce::215:e439 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 28 Aug 2023 12:14:15 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=61915
accept-ranges
bytes
content-length
4862
visitWebPage
483-djt-468.mktoresp.com/webevents/ 		2 B
318 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://483-djt-468.mktoresp.com/webevents/visitWebPage?_mchNc=1693950082812&_mchCn=&_mchId=483-DJT-468&_mchTk=_mch-gosecure.net-1693950082812-22311&_mchHo=www.gosecure.net&_mchPo=&_mchRu=%2Fblog%2F2022%2F02%2F14%2Fcurrent-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 21:41:23 GMT
Content-Encoding
gzip
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Request-Id
4dd75334-aaa4-4b89-b4ec-af6ded487c93
token
cdn.linkedin.oribi.io/partner/2514017/domain/gosecure.net/ 		36 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/2514017/domain/gosecure.net/token
Requested by
Host: gosecure.wpenginepowered.com
URL: https://gosecure.wpenginepowered.com/wp-content/plugins/divi-mega-pro/assets/js/main.js?ver=1.9.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.gosecure.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 12:23:01 GMT
content-encoding
gzip
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
33501
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=37643
x-amz-cf-id
98iTmdHoFlinnC2VYS2XIx-Xt2cgoQ8ssANJ3DNEUUgyAPaAHolukw==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2514017&time=1693950082835&url=https%3A%2F%2Fwww.gosecure.net%2Fblog%2F2022%2F02%2F14%2Fcurrent-mfa-fatigue-attack-campaign-targeting-microsoft-of...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2514017&time=1693950082835&url=https%3A%2F%2Fwww.gosecure.net%2Fblog%2F2022%2F02%2F14%2Fcurrent-mfa-fatigue-attack-campaign-targeting-microsoft-of...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2514017%26time%3D1693950082835%26url%3Dhttps%253A%252F%252Fwww.gosecure.net%252Fb...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2514017&time=1693950082835&url=https%3A%2F%2Fwww.gosecure.net%2Fblog%2F2022%2F02%2F14%2Fcurrent-mfa-fatigue-attack-campaign-targeting-microsoft-of...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2514017&time=1693950082835&url=https%3A%2F%2Fwww.gosecure.net%2Fblog%2F2022%2F02%2F14%2Fcurrent-mfa-fatigue-attack-campaign-targeting-microsoft-o...
0
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2514017&time=1693950082835&url=https%3A%2F%2Fwww.gosecure.net%2Fblog%2F2022%2F02%2F14%2Fcurrent-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users%2F&cookiesTest=true&liSync=true&e_ipv6=AQJmWKXbD8AJWQAAAYpnSwMYRevtPo5am8Dy__zTN3rmo4ArPe-cZtG1VDCZ7uBSQg
Requested by
Host: www.gosecure.net
URL: https://www.gosecure.net/blog/2022/02/14/current-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:24 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: CE7DCAD3163C4BD095530E0BFF397B26 Ref B: DUS30EDGE0414 Ref C: 2023-09-05T21:41:23Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type
application/javascript
x-li-fabric
prod-ltx1
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAYEo30G2g4snFOujAxROA==

Redirect headers

date
Tue, 05 Sep 2023 21:41:23 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: D072C435C6E14BA4AD712E38F4974B6A Ref B: FRAEDGE1414 Ref C: 2023-09-05T21:41:23Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2514017&time=1693950082835&url=https%3A%2F%2Fwww.gosecure.net%2Fblog%2F2022%2F02%2F14%2Fcurrent-mfa-fatigue-attack-campaign-targeting-microsoft-office-365-users%2F&cookiesTest=true&liSync=true&e_ipv6=AQJmWKXbD8AJWQAAAYpnSwMYRevtPo5am8Dy__zTN3rmo4ArPe-cZtG1VDCZ7uBSQg
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAYEo30D+evoba32iMSXSg==
PEtayEho.json
cdn-cookieyes.com/client_data/b8b0a28b3bd290fb3677d2ac/ 		43 B
594 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-cookieyes.com/client_data/b8b0a28b3bd290fb3677d2ac/PEtayEho.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/b8b0a28b3bd290fb3677d2ac/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca01e954d85d0c26dbd4678f615daa2d3707d205105574de2350ac96652b5147

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 21 Aug 2023 19:46:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
38009
etag
W/"2b-603742304d76d"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=687uas8Own3wGKUEM7zVQ4J12JBVwnOqFIGKHVcQlomThDPMrljNl1nkwUKJ0kie9xS2kr7Hc7%2BDwzZSt21J4IY2Z%2BXhHcDVbHhSzxR2U6y2dPW0cp4SNG3tlCDODTGGJ1Kc5ZeXnN3EqoaQxwFA"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
8021a2d9f91c5c1a-FRA
phone-sign-in-1024x657-1.png
gosecure.wpenginepowered.com/wp-content/uploads/ 		531 KB
532 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gosecure.wpenginepowered.com/wp-content/uploads/phone-sign-in-1024x657-1.png
Requested by
Host: gosecure.wpenginepowered.com
URL: https://gosecure.wpenginepowered.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d15b8c63c2a4b40ffbae8c45eb21c8fab6736be5917181e36f155b772858543

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:24 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-wpe-request-id
dc2ab8efce3b5203b49fe0570b8a0664
alt-svc
h3=":443"; ma=86400
content-length
544103
last-modified
Mon, 14 Feb 2022 17:38:36 GMT
server
cloudflare
etag
"620a939c-84d67"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AMpzHJpjVx0L7oFH6gYuVrgWMK%2BZQ%2FcyCQ%2FuvxMD8mbGPJPHJfct99ZlHrIuAhmxvlxUiBbIJ1CvGFw1NcUmnPG%2FmoBYOhNXB6vWVh1zXr2XMl5gex98H%2FOWAaxg6SQ6spogDrBSXuThk80hwE4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8021a2d9da9a1959-FRA
verification-methods.png
gosecure.wpenginepowered.com/wp-content/uploads/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gosecure.wpenginepowered.com/wp-content/uploads/verification-methods.png
Requested by
Host: gosecure.wpenginepowered.com
URL: https://gosecure.wpenginepowered.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
19e1b46b0636f66cfff5f528f169d705adfea9a45dcd80f593c153099460cfc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:24 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-wpe-request-id
6cad20fd2c1d739543ca7100d1d35939
alt-svc
h3=":443"; ma=86400
content-length
8768
last-modified
Mon, 14 Feb 2022 17:38:39 GMT
server
cloudflare
etag
"620a939f-2240"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=89kA%2BXpMAzqycuxxmfU4CpJYd1Fd5kFGt6FOS%2Fe83QCwPuff3g2858t5Ve%2BIxCJGeUgJrSjTjbXDGSkqdXELcVB6ofte3vr5TjMpaZdDhc1DsqZHMLcPRcXDXnSXSFa%2BWO7%2FO1yFiby%2FzbLFZ4U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8021a2d9da9d1959-FRA
GoSecure-logo-web-150x.png
gosecure.wpenginepowered.com/wp-content/uploads/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gosecure.wpenginepowered.com/wp-content/uploads/GoSecure-logo-web-150x.png
Requested by
Host: gosecure.wpenginepowered.com
URL: https://gosecure.wpenginepowered.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d213f9e03ed01a6b27e1a8d4566ee5d51b2d7bcabd37fac5cf7651941dcac110

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
42476
cf-polished
origFmt=png, origSize=2830
x-wpe-request-id
6db4d314018724c09fb23d16def87b58
content-disposition
inline; filename="GoSecure-logo-web-150x.webp"
alt-svc
h3=":443"; ma=86400
content-length
1036
cf-bgj
imgq:100,h2pri
last-modified
Mon, 12 Jul 2021 17:51:26 GMT
server
cloudflare
etag
"60ec811e-b0e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2HZ7jCi6r8Xy7kaK6YWwJYIOJfI1n2iiD9mjisX%2Buw9vhew958CSHtAlsza1nGtHthmU5vqxKoLdAhx2YbhAX6Jr3l2v5rhhPB3r2JaAF2JtkkH%2FCsRb8RPKpbhGrJg4jXUtDd9JeKzyB7U%2B00Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8021a2d9eaa71959-FRA
fr-ca.png
gosecure.wpenginepowered.com/wp-content/uploads/ 		358 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gosecure.wpenginepowered.com/wp-content/uploads/fr-ca.png
Requested by
Host: gosecure.wpenginepowered.com
URL: https://gosecure.wpenginepowered.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9079402a04ecb1b8f96a2c4fddbad4d1a195c06406fcd4e592c30c72373c61b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
796234
cf-polished
origFmt=png, origSize=570
x-wpe-request-id
855b037bc74e389914df26d7ca12944f
content-disposition
inline; filename="fr-ca.webp"
alt-svc
h3=":443"; ma=86400
content-length
358
cf-bgj
imgq:100,h2pri
last-modified
Mon, 12 Jul 2021 17:51:27 GMT
server
cloudflare
etag
"60ec811f-23a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8raJ0qcvGlt6z2yS6b7TbnTSnlnbZGvCbJAzrsKk58wyaCSri6tOp2m1P2mCiG8roMe5bswnQqLaOCetG7U7gFtD3U6Uxou1E3FpDcXYKXk5DZC2Jb7I7hD8fX%2B98qGwBQ76ExoNjCeoGvhwgk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8021a2d9eaa81959-FRA
ip
directory.cookieyes.com/api/v1/ 		108 B
262 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://directory.cookieyes.com/api/v1/ip
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/b8b0a28b3bd290fb3677d2ac/banner.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.235.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-235-220.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
93f12ef9004ce4a2ce19a969e0d7632a21c0c915afe07d8199bb5fd61e0a3917

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 05 Sep 2023 21:41:24 GMT
x-powered-by
Express
content-length
108
etag
W/"6c-eDW5rIiFaa2ajJO7J+PqElRTjPY"
content-type
text/html; charset=utf-8
taD2JuOv.json
cdn-cookieyes.com/client_data/b8b0a28b3bd290fb3677d2ac/config/ 		32 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-cookieyes.com/client_data/b8b0a28b3bd290fb3677d2ac/config/taD2JuOv.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/b8b0a28b3bd290fb3677d2ac/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88f66067dc07bb89dd4aada21404c3b09d651c4225c7d7c48adaa4516b0fdbf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 21 Aug 2023 19:46:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
38009
etag
W/"7f3a-603742304e70d"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Skg5lF%2FlapP4Cxch1B%2FDBM9XO8RKbZ5pmh9hz2Sp54L8nAE1CoqUWx1xpBUZrOQRrqyK%2BQwDD3bdYaNPDlELTOB5MEP6AQsA8Bi3L7atU8QUzQJKwZC5G9BaviKUnVNOHLoKlWie%2F7V87E4j6kh"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
8021a2dafabd5c1a-FRA
xNCJaQwa.json
cdn-cookieyes.com/client_data/b8b0a28b3bd290fb3677d2ac/translations/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-cookieyes.com/client_data/b8b0a28b3bd290fb3677d2ac/translations/xNCJaQwa.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/b8b0a28b3bd290fb3677d2ac/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e01862fbadd7fe31bd4174e451247837cc7ea9152d7d13d087829e6da3870a93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 21 Aug 2023 19:46:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
38009
etag
W/"77c-603742304e70d"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lwqvxULsHOjxwB77ifGu0OGrN4s3UoRj4G3aatr%2FFxlUZSo4d9SZHCYEGoJRZvd1kzWEj8zNLA0DQ%2Bho5JI6I2PppWog%2BNZ8Z8fHQ6RR%2FIyQbzUL6OJeGVkQ5rKtCmePj5FfL2iRTw89Yeoxkoah"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
8021a2db1ae55c1a-FRA
R457_AtR.json
cdn-cookieyes.com/client_data/b8b0a28b3bd290fb3677d2ac/audit-table/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-cookieyes.com/client_data/b8b0a28b3bd290fb3677d2ac/audit-table/R457_AtR.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/b8b0a28b3bd290fb3677d2ac/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f0486ed725b3a4a5e1e913f5cd8b57429506dd591c919c18537e9d254c19848

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 21 Aug 2023 19:46:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
38008
etag
W/"15c1-603742304d76d"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0RUzHwhgDhOkvGhkaDWEEV8YKNpPviGUai1whx%2BrBFH0wGvTQkZDcVdpSA66QCCMIAXdRyMb%2F%2F4hvkoKx4Lt3kArx340t0xqSOhQNmvkKhXU4CwK4NJdVPCiPmtp5uMbMtdi3zttqXB70%2FMo5VxW"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
8021a2db3b0f5c1a-FRA
revisit.svg
cdn-cookieyes.com/assets/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-cookieyes.com/assets/images/revisit.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed7c487f915432d9464e2af0a83002ee93596e86e076f3c917e439e5b844d08b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Mar 2022 04:40:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
577407
etag
W/"923-5da3a668dacc0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pC3vyS1RbAqSHqtci7d08eirtPs5T%2FItX%2BR9zqkHZnWYZVQGZiKLu6jQJVnPvTpPpO6QTEMzuLR3BhDhLX%2FvI4o1%2B27tzVU%2BHue158ds5buN96JzxhvEOG7WCjulEGTYv7g1TKRF6gE4ANwMeSqP"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=0, s-maxage=604800, proxy-revalidate
cf-ray
8021a2db5c953642-FRA
close.svg
cdn-cookieyes.com/assets/images/ 		1 KB
995 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-cookieyes.com/assets/images/close.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Mar 2022 04:40:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
437045
etag
W/"541-5da3a66c769d4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJdSzL3%2Bj1JbbmNWAHVGVnDmviPqh%2Fj%2BP3UOghos5E%2F2UqE3y%2F0kYAIySpaQLHb%2Byt9viEGmXagJ3koe2TUiCAraF%2FrwNglQNmWDiThCPJ7KwVi7wCatDgJfDyM%2Ft57Ezh3LLsh0dPRNQo8R%2FIpi"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=0, s-maxage=604800, proxy-revalidate
cf-ray
8021a2db5c9a3642-FRA
poweredbtcky.svg
cdn-cookieyes.com/assets/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-cookieyes.com/assets/images/poweredbtcky.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Mar 2022 04:41:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
431578
etag
W/"eb2-5da3a68c50d09"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KsGSro2kAKBW0E0Dmvea54dEDyS1EvVLOp9xT8TgXQvMF%2BvNzcUMKDs3KBKYByHMOBh5VGIX2HjW9xFJRQBL%2B5piXP7PTnMv2aAqSBYX7V5JXTh2ZRyNWBceGRwV6QqxoEZbS3wsaAqjl5JhxJ7T"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=0, s-maxage=604800, proxy-revalidate
cf-ray
8021a2db5c9b3642-FRA
log
log.cookieyes.com/api/v1/ 		2 B
152 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.cookieyes.com/api/v1/log
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/b8b0a28b3bd290fb3677d2ac/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.226.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-226-240.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.gosecure.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryeFp56FpISFT9oWZA

Response headers

access-control-allow-origin
*
date
Tue, 05 Sep 2023 21:41:24 GMT
x-powered-by
Express
content-length
2
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/plain; charset=utf-8
GoSecure-logo-web-150x.png
gosecure.wpenginepowered.com/wp-content/uploads/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gosecure.wpenginepowered.com/wp-content/uploads/GoSecure-logo-web-150x.png
Requested by
Host: gosecure.wpenginepowered.com
URL: https://gosecure.wpenginepowered.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d213f9e03ed01a6b27e1a8d4566ee5d51b2d7bcabd37fac5cf7651941dcac110

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
42476
cf-polished
origFmt=png, origSize=2830
x-wpe-request-id
6db4d314018724c09fb23d16def87b58
content-disposition
inline; filename="GoSecure-logo-web-150x.webp"
alt-svc
h3=":443"; ma=86400
content-length
1036
cf-bgj
imgq:100,h2pri
last-modified
Mon, 12 Jul 2021 17:51:26 GMT
server
cloudflare
etag
"60ec811e-b0e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipmQIvdxtbFmfBY1RIR%2FbtuiVaR2yZ2nOxcE2IGjFbuRBwTTJ6u32tY3DCQy3N24kZ4gZQyZrU2aZTYnpQYDxpsKu7Q1KfNbOtj%2BDL3yVKTQaXfSxkrgKWAmVZd3%2BfBzjoOH5eVhDzESHhlrRqo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8021a2dbbcba1959-FRA
fr-ca.png
gosecure.wpenginepowered.com/wp-content/uploads/ 		358 B
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gosecure.wpenginepowered.com/wp-content/uploads/fr-ca.png
Requested by
Host: gosecure.wpenginepowered.com
URL: https://gosecure.wpenginepowered.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9079402a04ecb1b8f96a2c4fddbad4d1a195c06406fcd4e592c30c72373c61b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
796234
cf-polished
origFmt=png, origSize=570
x-wpe-request-id
855b037bc74e389914df26d7ca12944f
content-disposition
inline; filename="fr-ca.webp"
alt-svc
h3=":443"; ma=86400
content-length
358
cf-bgj
imgq:100,h2pri
last-modified
Mon, 12 Jul 2021 17:51:27 GMT
server
cloudflare
etag
"60ec811f-23a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8KtP%2FhpwGcdrYPxKqzIwXmcFt%2BtLIdB%2FgpB5RK9KXz0zgUnKSG6m8hUr9flgvE8zIIod3Exhk5zqbIDlILEzzGBbUiAg7ExcSU5RKgkBw8fHf%2BFpOQrjLo7XRI%2FJjLXRNOUqUHIa2KEVtqharzs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8021a2dbbcbd1959-FRA
GoSecure-logo-web-150x.png
gosecure.wpenginepowered.com/wp-content/uploads/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gosecure.wpenginepowered.com/wp-content/uploads/GoSecure-logo-web-150x.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d213f9e03ed01a6b27e1a8d4566ee5d51b2d7bcabd37fac5cf7651941dcac110

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
42476
cf-polished
origFmt=png, origSize=2830
x-wpe-request-id
6db4d314018724c09fb23d16def87b58
content-disposition
inline; filename="GoSecure-logo-web-150x.webp"
alt-svc
h3=":443"; ma=86400
content-length
1036
cf-bgj
imgq:100,h2pri
last-modified
Mon, 12 Jul 2021 17:51:26 GMT
server
cloudflare
etag
"60ec811e-b0e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1dBHgi9lexrpbsdb1ecf3n7Xp7Hxw%2F6wslxoMUOcgicw61EJ%2FkkiBtKfRno2lVJsRMVZrBtLEXSLN3DqDhOgwOdEZfRLOe4Fx6WSzv1e1sFf7A3WG9sPx8uqh%2Bsrkhxh3IDgEHKHFVJfPoRKnHU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8021a2dc0d0d1959-FRA
fr-ca.png
gosecure.wpenginepowered.com/wp-content/uploads/ 		358 B
927 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gosecure.wpenginepowered.com/wp-content/uploads/fr-ca.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9079402a04ecb1b8f96a2c4fddbad4d1a195c06406fcd4e592c30c72373c61b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gosecure.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 21:41:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
796234
cf-polished
origFmt=png, origSize=570
x-wpe-request-id
855b037bc74e389914df26d7ca12944f
content-disposition
inline; filename="fr-ca.webp"
alt-svc
h3=":443"; ma=86400
content-length
358
cf-bgj
imgq:100,h2pri
last-modified
Mon, 12 Jul 2021 17:51:27 GMT
server
cloudflare
etag
"60ec811f-23a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rnk36GZQFO54xOynRlRVLe2GssBiYvJPWMnJf9BPYyATTncwVo7LA6Ub7qK5Ity0n58FZGu81MbUdCNniS7jwHaU%2Bf6MbMfUPup3Ll4C3xXut%2BfwPR9Er4%2FuoDBfZUwfyH%2BVwoS6q41aBVPJSDU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8021a2dc0d0e1959-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.youtube.com
URL
https://www.youtube.com/embed/81zbtlOMTzU?mute=1

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| cookieyes function| jQuery function| $ object| divimegapro_singleton boolean| divimegapro_singleton_enabled object| regeneratorRuntime function| revisitCkyConsent function| performBannerAction function| eve function| mina function| Snap object| html5 object| Modernizr function| yepnope function| actual function| Popperv1 function| tippyv5 string| ajax_url function| dibTogglePlayableTags function| gtag object| dataLayer object| _self object| Prism object| divibars_settings object| divibars_with_automatic_trigger string| ajaxurl string| diviAjaxUrl object| overlays_with_css_trigger object| overlays_with_automatic_trigger string| diviLifeisMobileDevice string| diviLifeisTabletDevice object| et_link_options_data string| _linkedin_partner_id object| _linkedin_data_partner_ids object| monarchSettings object| DIVI object| et_builder_utils_params object| et_frontend_scripts object| et_pb_custom object| et_pb_box_shadow_elements function| Waypoint function| et_pb_debounce function| et_pb_smooth_scroll function| et_pb_form_placeholders_init function| et_duplicate_menu function| et_pb_remove_placeholder_text function| et_fix_fullscreen_section function| et_bar_counters_init function| et_fix_pricing_currency_position function| et_pb_set_responsive_grid function| et_pb_set_tabs_height function| et_pb_box_shadow_apply_overlay function| et_pb_init_nav_menu function| et_pb_toggle_nav_menu function| et_pb_apply_sticky_image_effect function| et_pb_menu_inject_inline_centered_logo function| et_pb_menu_inject_item function| et_pb_reposition_menu_module_dropdowns boolean| et_load_event_fired boolean| et_is_transparent_nav boolean| et_is_vertical_nav boolean| et_is_fixed_nav boolean| et_is_minified_js boolean| et_is_minified_css boolean| et_force_width_container_change function| et_pb_init_woo_star_rating function| et_pb_wrap_woo_attribute_fields_in_span function| et_calculate_fullscreen_section_size function| et_pb_init_modules function| etFixDividerSpacing function| etInitWooReviewsRatingStars boolean| et_calculating_scroll_position boolean| et_side_nav_links_initialized function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| process object| addComment object| salvattore object| dmpSingletonInstance object| et_pb_motion_elements object| et_pb_sticky_elements object| ET_Builder object| ET_FE object| ET_FB function| et_calculate_header_values function| et_change_primary_nav_position function| et_fix_page_container_position function| et_pb_window_side_nav_scroll_init function| et_pb_side_nav_page_init object| MunchkinTracker function| et_pb_slider_init function| et_countdown_timer function| et_countdown_timer_labels function| et_pb_tabs_init function| et_pb_circle_counter_update function| et_apply_parallax function| et_parallax_set_height function| et_apply_builder_css_parallax function| et_pb_play_overlayed_video function| et_pb_resize_section_video_bg function| et_pb_center_video function| et_pb_adjust_video_margin function| et_fix_slider_height function| et_pb_submit_newsletter function| et_fix_testimonial_inner_width function| et_pb_video_background_init function| et_animate_element function| et_process_animation_data function| et_has_animation_data function| et_get_animation_classes function| et_remove_animation function| et_remove_animation_data function| et_reinit_waypoint_modules function| et_calc_fullscreen_section function| debounced_et_apply_builder_css_parallax function| et_pb_parallax_init function| et_pb_fullwidth_header_scroll function| et_pb_search_init function| et_pb_search_percentage_custom_margin_fix function| et_pb_comments_init function| et_pb_shop_add_hover_class string| iconFINAL function| lintrk boolean| _already_called_lintrk string| et_location_hash function| et_pb_init_woo_custom_button_icon string| waypointContextKey

9 Cookies

Domain/Path Name / Value
www.gosecure.net/ Name: ln_or
Value: eyIyNTE0MDE3IjoiZCJ9
.linkedin.com/ Name: li_sugr
Value: ce381408-8d30-426e-b450-0de3d7b89382
.linkedin.com/ Name: bcookie
Value: "v=2&b7a0cc83-16bf-481e-8b6d-2155d652f46d"
.linkedin.com/ Name: lidc
Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2582:u=1:x=1:i=1693950083:t=1694036483:v=2:sig=AQEnbGpk70PnMDIeGBXl-JLwZ30Sdm-8"
.linkedin.com/ Name: UserMatchHistory
Value: AQJvCrdktZReWAAAAYpnSwBA6d8GNw-eAXWRCUsxY1UPzMGpSAGGH_cb85obwYLLXB_PCu3A-Nt1hg
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQI9yYaZp0au_QAAAYpnSwBBLthfPS4YdI1CRHWcc1TOfYtQgfbWzlNDdHSp9z9zVr7pHP_wAJ9mj64wvrsnlA
.www.linkedin.com/ Name: bscookie
Value: "v=1&20230905214123a537894a-62f4-4a8f-87a6-72e4f47145cfAQERjVnIYZGxarPhWLgcFfDzxPAkWMQA"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTM5NTAwODM7MjswMjF+YuU4NqiTwjsqSKj36yvJw9V5fvg1MQG0kESO3CTqWQ==
www.gosecure.net/ Name: cookieyes-consent
Value: consentid:b25ITFRGbGZzdFhTeWhpVGhIWnc1S05BWVJIc1hBR28,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no,other:no

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

483-djt-468.mktoresp.com
cdn-cookieyes.com
cdn.linkedin.oribi.io
directory.cookieyes.com
fonts.googleapis.com
fonts.gstatic.com
gosecure.wpenginepowered.com
img.youtube.com
log.cookieyes.com
munchkin.marketo.net
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
www.googletagmanager.com
www.gosecure.net
www.linkedin.com
www.youtube.com
www.youtube.com
104.198.102.131
13.107.42.14
141.193.213.10
192.28.147.68
23.210.118.178
2600:9000:20eb:d200:2:53b2:240:93a1
2606:4700:20::ac43:44d6
2620:1ec:21::14
2a00:1450:4001:812::2003
2a00:1450:4001:813::200a
2a00:1450:4001:813::200e
2a00:1450:4001:829::2008
2a02:26f0:ce::215:e439
34.251.226.240
52.208.235.220
00248c12820088fc97a123ac8bf5140334781d5af8addbd3a6f8fa4ae909efb4
004cecb74418be85d5eaee9fd2ea5f82bb6c323442ae6a0c7ef84e521d41bae7
0a47c6e6f24e634cb79f886e70bbfd65e1e85b0d2aa4fc133488fd1bc1910e3e
19e1b46b0636f66cfff5f528f169d705adfea9a45dcd80f593c153099460cfc6
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
2497f7794b8eadd25a67d5fd060865507d73c193222806e0e489adaf5e39fe38
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
2c0f739ada3c3f10ded38699bf6c8c2fc506ae0edb1bab59cf3e8a61b8d4e921
356e58889a7cf422acc2c715a26996890c929b9b3b8a0e124a9cf4a795734732
3af8067816393fb9aa595e3cb474614c0f21fec6afa2e75a801d3be9c28ea421
3b87a00a3e5e259e48c3c73e45c02ce241a9ec58e727f2e3adcd858f899b177b
3febd731867ee3bf9bd30b0b6ecca16e30179de101329318385cd7dd9a692ad9
4271407807f1e49734ce4895663f3496efc37e546f30a960bffc5a23462b2139
43b5c9ad80f0a5d1c63568583e9cf6cd5ca8454a680f4ee80d5d63d00b15a360
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace
470424b6b430d0f7e308bed018538e3b255af882a153cb2b03d9f8455db02272
50998eebe0e6cd911a7ee7bb5af0fa56d8f105ecefea126bfe5f6bb996cd7159
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a084b5f4c439a2786141108b266370e0e4accc4e72629b2177dc6aa658d6c8
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56f5468a54d4cdd054959fa59d8593d89e30f976d88b6eb6a65e08257781853b
58cbc42e1cebba29c112d9959d88a600fbd16cae6b9c847001c140241dac519e
5aa24e4ab926693e29ffb0d0ca1557141defd3ca61b3b4e7caebaa2fcd5bf327
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5d15b8c63c2a4b40ffbae8c45eb21c8fab6736be5917181e36f155b772858543
5f0486ed725b3a4a5e1e913f5cd8b57429506dd591c919c18537e9d254c19848
60a9cb6c3588b3674d7019bdd3ff5ce664f1ccc64c0abf722eb383976ff808d1
65bcb8525bbbd33a618cdbfa015bd5e5b4f4510a8090f927a9fbb069beb12f78
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
678dcb871057c9c23fbf3657ffa7ce50368492e621034fa0a8d701e7d78ee9e6
67eb879fb1645c73ccbaac598e815fd3901eb5114228021d686b8b5e470edbbd
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6c2a38f63e1b3b6ea1dc34b988466bcfbf3743a70f4f01e24b8df99847396cf2
79f9bdb472155b894adf0013bd95a6f0c3517b1edea6f6aa44d80bc4240b3960
7aeb6a117b7678dca80f0624357dc137b68a13b25d3725256f9decde6699b118
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
80fa756dda143f69fb3ce750e905cc8188150dc4c6b7539bf3627fe26530b405
88795f28bb66a45f9c32245dd21d6319ed5d26a45bf5afa31d91a0f83ee855f7
88f66067dc07bb89dd4aada21404c3b09d651c4225c7d7c48adaa4516b0fdbf8
8c102baea959329be23bb8a5d6bc268ce1668484995f0d23c2f88b46d7653c4f
911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5
93f12ef9004ce4a2ce19a969e0d7632a21c0c915afe07d8199bb5fd61e0a3917
96e193652798c4981afd6e468a55931f230d941d86d85d98006df1a11dab912f
97490bd354a26885acf09c0ba5b4c3c76d12bb55193f13456d3aa2ded6eda6fd
9ed2aa3dbd3187a0076ac2c1de45c695e6f3767c2ff6fc64b1d0db35c3eef4a6
9ee6ddd14fdba9dd6059ca861be2ab7ca285e68ba520b81ba6648354877e74f3
a03a229659e7d68865de9949d9f89bfcd33526d476103a6581241ca1ac8595c4
a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b
a856a8d9fe8d35058be88f023a2afb47b27dd5c23c6768f2c870a2bb6c2b5711
a8fd577fcd5d95af970e755158bc19f8762e576cef68734c55eb9ef3426d3aa1
b6205029e1016596807b655c8f57818736a787e32ceb1407effa152ac3bb9380
c0345fa64565916e491d5d12c4902189eb44a5b0668c79106fe0dbe9fb63cda7
c0d7697b93bb46aaa27569e89afa772f42f9e10099b6304fa3ca3b79f065f356
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb
c3e6afc105537ee504389a720c2aa9fb2a56cfc97596f9875a011b0a2b327350
c528e0059505b4d7f962bdd061568368692b80658b91bf09275689e4993f964b
c567d2fbfe82e5f1f5844c99a9ad70f498734c99575828a00f92eafa7db53906
ca01e954d85d0c26dbd4678f615daa2d3707d205105574de2350ac96652b5147
d213f9e03ed01a6b27e1a8d4566ee5d51b2d7bcabd37fac5cf7651941dcac110
deef6ad3f435af96138c9478b13d70eaf39df7d90fe877e7d7a9f10baf079f58
e01862fbadd7fe31bd4174e451247837cc7ea9152d7d13d087829e6da3870a93
e07ef9f5dc003b0b5f49ab292caa264d8beba77285185625e2ee297b3d8818ee
e0ab422e5b625fc05f96887b13d684026fce01130b3e4c01a928259f973b8b14
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e2a35aa40c36505c0ca9c29332078410a2477dceffe3bb65e0382fdeadd85a92
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51e19db4305a39866527982780d253af76c071540c09f2b215cab4b08de2b10
e58b260ced203e2ffce7aa502b51ebadb6ffee21b6d5cf72fc4c43b0e835d1bf
e6c948a73ea3f054f417a3a60d18db48711bb86a0e12cea24fc5f858d2a42c4e
e9fbb3259383f2388c95bb3256cecd0c1c00b7c0dfe1c67f7779dbe9f06a0065
ead6948bfe0544b6fc3467cd20a27bf6ed695df9c89b35237cbab61e9f7d3cc5
ed7c487f915432d9464e2af0a83002ee93596e86e076f3c917e439e5b844d08b
eff9614b2276fdd2b87a6597c2bfecbbc0288459eccdd6ba0e87a9a0817a25e7
f36fdb2619f7a8afd5460f8e5fda7b3549c9e27291fcb40f93daa0f80ef74af0
f61fcdc086aed1743148da91bba7bba3ff5336b6acad38e4425ddae1e1ceea12
f820d93daf383e178bda2912f5bee00e90e56390597820622643fa8e5e487143
f9079402a04ecb1b8f96a2c4fddbad4d1a195c06406fcd4e592c30c72373c61b
f988466c42d1f2b5bb177b6221783d53b8ee21e9e3399c502ab3689f56fbc19e
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25