URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Submission: On October 14 via api from CH

Summary

This website contacted 26 IPs in 5 countries across 24 domains to perform 126 HTTP transactions.
The main IP is 35.188.168.180, located in United States and belongs to GOOGLE - Google LLC, US. The main domain is cofense.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 19th 2019. Valid for: 3 months.
This is the first time this domain was scanned on urlscan.io!

Verdict: Unknown

Domain & IP information

IP Address AS Autonomous System
1 82 35.188.168.180 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 151.139.128.10 20446 (HIGHWINDS3)
1 34.229.155.226 14618 (AMAZON-AES)
1 172.217.22.34 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 147.75.84.181 54825 (PACKET)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 34.192.123.20 14618 (AMAZON-AES)
1 23.111.11.83 33438 (HIGHWINDS2)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 50.17.52.222 14618 (AMAZON-AES)
1 147.75.84.117 54825 (PACKET)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.200.178.232 14618 (AMAZON-AES)
1 147.75.85.25 54825 (PACKET)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 52.21.56.60 14618 (AMAZON-AES)
2 35.174.78.146 14618 (AMAZON-AES)
126 26
Domain
Subdomains
Transfer
82 cofense.com
2 MB
6 fonts.googleapis.com
4 KB
5 gstatic.com
59 KB
4 stackpathcdn.com
102 KB
3 cloudflare.com
74 KB
3 hotjar.com
75 KB
2 pardot.com
3 KB
2 leadlander.com
644 B
2 google.de
590 B
2 google.com
683 B
2 doubleclick.net
2 KB
2 bing.com
8 KB
2 google-analytics.com
18 KB
2 googletagmanager.com
61 KB
1 ajax.googleapis.com
7 KB
1 shareaholic.com
partner.shareaholic.com Failed
503 B
1 opmnstr.com
12 KB
1 optnmstr.com
58 KB
1 sf14g.com
37 KB
1 bizographics.com
2 KB
1 googleadservices.com
10 KB
1 shareaholic.net
2 KB
1 dsms0mj1bbhn4.cloudfront.net
3 KB
0 linkedin.com Failed
www.linkedin.com Failed
0 B
126 24
Domain Requested by
82 cofense.com 1 redirects cofense.com
6 fonts.googleapis.com cofense.com
5 fonts.gstatic.com cofense.com
4 k4z6w9b5.stackpathcdn.com dsms0mj1bbhn4.cloudfront.net
k4z6w9b5.stackpathcdn.com
cofense.com
3 cdnjs.cloudflare.com k4z6w9b5.stackpathcdn.com
2 pi.pardot.com cofense.com
pi.pardot.com
2 tracking.leadlander.com 1 redirects cofense.com
2 www.google.de cofense.com
2 www.google.com 1 redirects cofense.com
2 bat.bing.com www.googletagmanager.com
cofense.com
2 www.google-analytics.com www.googletagmanager.com
cofense.com
2 www.googletagmanager.com cofense.com
1 ajax.googleapis.com a.optnmstr.com
1 vars.hotjar.com static.hotjar.com
1 analytics.shareaholic.com k4z6w9b5.stackpathcdn.com
1 script.hotjar.com static.hotjar.com
1 api.opmnstr.com a.optnmstr.com
1 stats.g.doubleclick.net 1 redirects
1 googleads.g.doubleclick.net www.googleadservices.com
1 a.optnmstr.com cofense.com
1 t.sf14g.com cofense.com
1 sjs.bizographics.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 www.shareaholic.net dsms0mj1bbhn4.cloudfront.net
1 dsms0mj1bbhn4.cloudfront.net cofense.com
0 partner.shareaholic.com Failed k4z6w9b5.stackpathcdn.com
0 www.linkedin.com Failed cofense.com
126 28
Subject / Issuer / Validity / Valid
cofense.com / Let's Encrypt Authority X3 / 2019-08-19 - 2019-11-17 / 3 months
*.googleapis.com / GTS CA 1O1 / 2019-10-03 - 2019-12-26 / 3 months
*.cloudfront.net / DigiCert Global CA G2 / 2019-07-17 - 2020-07-05 / a year
*.google-analytics.com / GTS CA 1O1 / 2019-09-17 - 2019-12-10 / 3 months
*.google.com / GTS CA 1O1 / 2019-09-17 - 2019-12-10 / 3 months
*.stackpathcdn.com / Go Daddy Secure Certificate Authority - G2 / 2019-06-27 - 2021-06-27 / 2 years
*.shareaholic.net / Let's Encrypt Authority X3 / 2019-10-10 - 2020-01-08 / 3 months
www.googleadservices.com / GTS CA 1O1 / 2019-09-17 - 2019-12-10 / 3 months
static.hotjar.com / Let's Encrypt Authority X3 / 2019-10-06 - 2020-01-04 / 3 months
www.bing.com / Microsoft IT TLS CA 2 / 2019-04-30 - 2021-04-30 / 2 years
js.bizographics.com / DigiCert SHA2 Secure Server CA / 2018-04-13 - 2020-04-17 / 2 years
t.sf14g.com / Go Daddy Secure Certificate Authority - G2 / 2019-07-09 - 2020-09-07 / a year
*.optnmstr.com / Go Daddy Secure Certificate Authority - G2 / 2018-12-13 - 2020-12-13 / 2 years
*.g.doubleclick.net / GTS CA 1O1 / 2019-09-17 - 2019-12-10 / 3 months
www.google.de / GTS CA 1O1 / 2019-09-17 - 2019-12-10 / 3 months
*.opmnstr.com / Go Daddy Secure Certificate Authority - G2 / 2019-04-11 - 2021-04-11 / 2 years
script.hotjar.com / Let's Encrypt Authority X3 / 2019-10-06 - 2020-01-04 / 3 months
www.google.com / GTS CA 1O1 / 2019-09-17 - 2019-12-10 / 3 months
ssl412106.cloudflaressl.com / COMODO ECC Domain Validation Secure Server CA 2 / 2019-08-10 - 2020-02-16 / 6 months
shareaholic.com / Amazon / 2019-07-31 - 2020-08-31 / a year
vars.hotjar.com / Let's Encrypt Authority X3 / 2019-10-06 - 2020-01-04 / 3 months
*.leadlander.com / Go Daddy Secure Certificate Authority - G2 / 2019-07-09 - 2020-09-07 / a year
*.pardot.com / DigiCert SHA2 Secure Server CA / 2019-01-21 - 2020-01-22 / a year

Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i

Web
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Web
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Web
Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i

Web
Overall confidence: 100%
Detected patterns
  • script /^\/\/static\.hotjar\.com\/c\/hotjar-/i


126 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways
Redirect Chain
  • https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways
  • https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
142 KB
24 KB
Document
General
Full URL
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
35d2fd5593ad97c37094cd763b1fb4e4faeaed50834352afed58a8d3ec4de524

Request headers

:method
GET
:authority
cofense.com
:scheme
https
:path
/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br

Response headers

status
200
server
nginx
date
Mon, 14 Oct 2019 16:38:49 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
link
<https://cofense.com/?p=17411>; rel=shortlink
x-cacheable
SHORT
cache-control
max-age=600, must-revalidate
x-cache
HIT: 1
x-pass-why
x-cache-group
normal
content-encoding
gzip

Redirect headers

status
301
server
nginx
date
Mon, 14 Oct 2019 16:38:49 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
x-redirect-by
WordPress
x-cacheable
non200
cache-control
max-age=600, must-revalidate
x-cache
HIT: 2
x-pass-why
x-cache-group
normal
cache.skin.css?ver=5.2.3
/wp-content/plugins/mega_main_menu/src/css
213 B
413 B
Stylesheet
General
Full URL
https://cofense.com/wp-content/plugins/mega_main_menu/src/css/cache.skin.css?ver=5.2.3
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
fb192c1648b3f3f1d33c7cb0dc247f98d32e9995731598adb483fd34e25a5083

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
last-modified
Sat, 05 Oct 2019 12:23:05 GMT
server
nginx
status
200
etag
"5d988b29-d5"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
213
style.min.css?ver=5.2.3
/wp-includes/css/dist/block-library
29 KB
5 KB
Stylesheet
General
Full URL
https://cofense.com/wp-includes/css/dist/block-library/style.min.css?ver=5.2.3
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:21:44 GMT
server
nginx
status
200
etag
W/"5d988ad8-726f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
front.min.css?ver=5.2.3
/wp-content/plugins/cookie-notice/css
3 KB
1 KB
Stylesheet
General
Full URL
https://cofense.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.2.3
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
db7e27157a918cd3ebf833e1544924cab8837dbcaebe9e00989020ad3e43283d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:07 GMT
server
nginx
status
200
etag
W/"5d988b2b-c04"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
font-awesome.min.css?ver=5.1.1
/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css
28 KB
7 KB
Stylesheet
General
Full URL
https://cofense.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.1.1
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5abe21f898d69ccc30a452d02b70a828d111204b7c898709c4e74d0620e79451

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:06 GMT
server
nginx
status
200
etag
W/"5d988b2a-713a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
bootstrap.css?ver=5.2.3
/wp-content/plugins/download-manager/assets/bootstrap/css
149 KB
20 KB
Stylesheet
General
Full URL
https://cofense.com/wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.css?ver=5.2.3
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
77565a00d3b86cbbd914224f423cdb01b2d5db3c3057c2b69209153cc769c8c1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:07 GMT
server
nginx
status
200
etag
W/"5d988b2b-255bc"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
front.css?ver=5.2.3
/wp-content/plugins/download-manager/assets/css
118 KB
34 KB
Stylesheet
General
Full URL
https://cofense.com/wp-content/plugins/download-manager/assets/css/front.css?ver=5.2.3
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ff09631078dd4af25f0cd2647d53311bbab55dc2c0a5045f8a38baf1a9506b41

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:07 GMT
server
nginx
status
200
etag
W/"5d988b2b-1d8e5"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
ihover.css?ver=5.2.3
/wp-content/plugins/mega-addons-for-visual-composer/css
428 KB
76 KB
Stylesheet
General
Full URL
https://cofense.com/wp-content/plugins/mega-addons-for-visual-composer/css/ihover.css?ver=5.2.3
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e89fa95988dcf7bf63bc92866b4ebd12c7ededfda65f8040105b51cb41f0414e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:06 GMT
server
nginx
status
200
etag
W/"5d988b2a-6ae1e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css?ver=5.2.3
/wp-content/plugins/mega-addons-for-visual-composer/css
1 KB
813 B
Stylesheet
General
Full URL
https://cofense.com/wp-content/plugins/mega-addons-for-visual-composer/css/style.css?ver=5.2.3
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c95b879561e19ae45fa002f19fab5a8d1b0ca8c9f975409eb3abd829cf83031d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:06 GMT
server
nginx
status
200
etag
W/"5d988b2a-568"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
font-awesome.css?ver=5.2.3
/wp-content/plugins/mega-addons-for-visual-composer/css/font-awesome/css
37 KB
8 KB
Stylesheet
General
Full URL
https://cofense.com/wp-content/plugins/mega-addons-for-visual-composer/css/font-awesome/css/font-awesome.css?ver=5.2.3
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:05 GMT
server
nginx
status
200
etag
W/"5d988b29-9226"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
page-list.css?ver=5.1
/wp-content/plugins/page-list/css
2 KB
778 B
Stylesheet
General
Full URL
https://cofense.com/wp-content/plugins/page-list/css/page-list.css?ver=5.1
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b3fd2bd251945091f3e856b2d244d662e7980d715b6d7f1722fde67e6dd321ef

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:05 GMT
server
nginx
status
200
etag
W/"5d988b29-60c"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
buttons.css?ver=5.2.3
/wp-content/plugins/wpdm-button-templates
20 KB
7 KB
Stylesheet
General
Full URL
https://cofense.com/wp-content/plugins/wpdm-button-templates/buttons.css?ver=5.2.3
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1febea0d811318da1ca5f4b52b9e406df837c27e79bf633315f5acf33fb54c9c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:02 GMT
server
nginx
status
200
etag
W/"5d988b26-4e77"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
pagenavi-css.css?ver=2.70
/wp-content/plugins/wp-pagenavi
374 B
468 B
Stylesheet
General
Full URL
https://cofense.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:02 GMT
server
nginx
status
200
etag
W/"5d988b26-176"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
chosen.min.css?ver=1.4.3
/wp-content/plugins/search-filter-pro/public/assets/css
10 KB
2 KB
Stylesheet
General
Full URL
https://cofense.com/wp-content/plugins/search-filter-pro/public/assets/css/chosen.min.css?ver=1.4.3
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
df531f4d859b68297e2b1d3d0b989147f90b31a30559d137a2e634514da7e961

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:04 GMT
server
nginx
status
200
etag
W/"5d988b28-29ff"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
search-filter.min.css?ver=1.4.3
/wp-content/plugins/search-filter-pro/public/assets/css
24 KB
5 KB
Stylesheet
General
Full URL
https://cofense.com/wp-content/plugins/search-filter-pro/public/assets/css/search-filter.min.css?ver=1.4.3
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
60fc31875f78865acddb5c715176e982b12e8532097184b38a59f793f1691b43

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:04 GMT
server
nginx
status
200
etag
W/"5d988b28-61cc"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
magnific-popup.min.css?ver=0.9.9
/wp-content/plugins/elite-addons-vc/assets/libs/magnific-popup
6 KB
2 KB
Stylesheet
General
Full URL
https://cofense.com/wp-content/plugins/elite-addons-vc/assets/libs/magnific-popup/magnific-popup.min.css?ver=0.9.9
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
347cd2766d64da2e2d3ba740c9b07659352d583fd5e42a3d6b794acd43748129

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:06 GMT
server
nginx
status
200
etag
W/"5d988b2a-1802"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
animate.css?ver=5.2.3
/wp-content/plugins/elite-addons-vc/assets
67 KB
4 KB
Stylesheet
General
Full URL
https://cofense.com/wp-content/plugins/elite-addons-vc/assets/animate.css?ver=5.2.3
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0f3ffa7f0b928b893a75953b1b233b2bf8dc84f94851a6d24225a59d862c270b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:07 GMT
server
nginx
status
200
etag
W/"5d988b2b-10cbc"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
css?family=Open+Sans%3A400%2C600%2C300%2C700&ver=1
fonts.googleapis.com
9 KB
748 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C300%2C700&ver=1
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
373a0505368dab061278aa0b7243dc58fc165a25f8b0286d57f8835d06ab6e27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 14 Oct 2019 16:38:49 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Mon, 14 Oct 2019 16:38:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 14 Oct 2019 16:38:49 GMT
css?family=Montserrat%3A400%2C700&ver=1
fonts.googleapis.com
4 KB
902 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat%3A400%2C700&ver=1
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
4c940a58b40018214ca32665ff4cf755522b32a027b309cccb950ccd22e27637
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 14 Oct 2019 16:38:49 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Mon, 14 Oct 2019 16:38:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 14 Oct 2019 16:38:49 GMT
css?family=Raleway%3A300%2C400%2C700&ver=1
fonts.googleapis.com
2 KB
467 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway%3A300%2C400%2C700&ver=1
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
16ad30dc7c52842f580962e62e29bd0474f9d3d99c93c81b8d384bdb52553719
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 14 Oct 2019 16:38:49 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Mon, 14 Oct 2019 16:38:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 14 Oct 2019 16:38:49 GMT
css?family=Lato%3A300%2C400%2C700&ver=1
fonts.googleapis.com
2 KB
458 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700&ver=1
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
f7d6b1c8e88874fb2696fc3128ea91fc6f47915466ea9f566ab2c39fcebffbd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 14 Oct 2019 16:38:49 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Mon, 14 Oct 2019 16:38:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 14 Oct 2019 16:38:49 GMT
font-awesome.min.css?ver=4.1.0
/wp-content/themes/copro/css/libs/font-awesome-css
21 KB
5 KB
Stylesheet
General
Full URL
https://cofense.com/wp-content/themes/copro/css/libs/font-awesome-css/font-awesome.min.css?ver=4.1.0
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:01 GMT
server
nginx
status
200
etag
W/"5d988b25-55e0"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
elegant-icons.min.css?ver=1.0
/wp-content/themes/copro/css/libs/elegant-icons
4 KB
1 KB
Stylesheet
General
Full URL
https://cofense.com/wp-content/themes/copro/css/libs/elegant-icons/elegant-icons.min.css?ver=1.0
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4dc068edecd14f25d56b1f3093a42c9162e0f66a937827f0f1392359094e1208

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:01 GMT
server
nginx
status
200
etag
W/"5d988b25-103d"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
owl.carousel.css?ver=5.2.3
/wp-content/themes/copro/css/libs/owl-carousel
22 KB
3 KB
Stylesheet
General
Full URL
https://cofense.com/wp-content/themes/copro/css/libs/owl-carousel/owl.carousel.css?ver=5.2.3
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
83f6604f4c4ca11246131304ec9a76d75e3b2db2ece8a477c4f0bf580b26a093

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:01 GMT
server
nginx
status
200
etag
W/"5d988b25-577a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
theme-styles.css?ver=1
/wp-content/themes/copro/css
608 KB
72 KB
Stylesheet
General
Full URL
https://cofense.com/wp-content/themes/copro/css/theme-styles.css?ver=1
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e066e27304a41a9bd1eba18c512de3e7bc743488f4002fe21b97b222a822a9c4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:04 GMT
server
nginx
status
200
etag
W/"5d988b28-980d1"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
theme-shortcodes.css?ver=1
/wp-content/themes/copro/css
28 KB
5 KB
Stylesheet
General
Full URL
https://cofense.com/wp-content/themes/copro/css/theme-shortcodes.css?ver=1
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d2caf4e20c60ec1b01fb2b59d947b111d50d667850f9ef13af194183f0574bed

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:01 GMT
server
nginx
status
200
etag
W/"5d988b25-6f98"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
custom-styles.css?ver=1570278182
/wp-content/themes/copro/css
109 KB
18 KB
Stylesheet
General
Full URL
https://cofense.com/wp-content/themes/copro/css/custom-styles.css?ver=1570278182
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
02b5728af616b0e28cc34dec506dc3ed5c94c4963cfd27056a5bebcdea0a8487

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:02 GMT
server
nginx
status
200
etag
W/"5d988b26-1b235"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
wmx-styles.css?ver=1570278181
/wp-content/themes/copro/css
5 KB
1 KB
Stylesheet
General
Full URL
https://cofense.com/wp-content/themes/copro/css/wmx-styles.css?ver=1570278181
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c4af296b65d25387b38e738018ce430397082b09449a7ce8da08baaa53c4c77d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:01 GMT
server
nginx
status
200
etag
W/"5d988b25-1572"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
responsive.css?ver=1
/wp-content/themes/copro/css
102 KB
12 KB
Stylesheet
General
Full URL
https://cofense.com/wp-content/themes/copro/css/responsive.css?ver=1
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
643ced756fe32f82d14c178ac0002a181a12d128402bd63b9b74c3cbdd85e66a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:02 GMT
server
nginx
status
200
etag
W/"5d988b26-198c3"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
select2.min.css?ver=5.2.3
/wp-content/themes/copro/css/vendor
15 KB
2 KB
Stylesheet
General
Full URL
https://cofense.com/wp-content/themes/copro/css/vendor/select2.min.css?ver=5.2.3
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c066d830135d79d0b9aa4500ec1ba098dc25e08f606bcd9505fa94cb420c616b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:01 GMT
server
nginx
status
200
etag
W/"5d988b25-3aed"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css?ver=5.2.3
/wp-content/themes/copro
96 KB
16 KB
Stylesheet
General
Full URL
https://cofense.com/wp-content/themes/copro/style.css?ver=5.2.3
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2348b89c8b4ad214b3588b7a5c0f898f7366ffd81e21de46ecc29d16a1722aa8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:01 GMT
server
nginx
status
200
etag
W/"5d988b25-17fee"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
fancybox.min.css?ver=5.2.3
/wp-content/themes/copro/css/vendor
12 KB
3 KB
Stylesheet
General
Full URL
https://cofense.com/wp-content/themes/copro/css/vendor/fancybox.min.css?ver=5.2.3
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:01 GMT
server
nginx
status
200
etag
W/"5d988b25-31fb"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
css?family=Roboto%3A100%2C300%2C400%2C500%2C700%2C900%2C100italic%2C300italic%2C400italic%2C500italic%2C700italic%2C900italic&ver=5.2.3
fonts.googleapis.com
28 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C500%2C700%2C900%2C100italic%2C300italic%2C400italic%2C500italic%2C700italic%2C900italic&ver=5.2.3
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
4575a25af8345837dd1a37196f64353b7048950ec75026329aedcb3afd5c0775
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 14 Oct 2019 16:38:49 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Mon, 14 Oct 2019 16:38:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 14 Oct 2019 16:38:49 GMT
jquery.js?ver=1.12.4-wp
/wp-includes/js/jquery
95 KB
34 KB
Script
General
Full URL
https://cofense.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:21:44 GMT
server
nginx
status
200
etag
W/"5d988ad8-17a69"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery-migrate.min.js?ver=1.4.1
/wp-includes/js/jquery
10 KB
4 KB
Script
General
Full URL
https://cofense.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:21:44 GMT
server
nginx
status
200
etag
W/"5d988ad8-2748"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
front.min.js?ver=1.2.45
/wp-content/plugins/cookie-notice/js
5 KB
1 KB
Script
General
Full URL
https://cofense.com/wp-content/plugins/cookie-notice/js/front.min.js?ver=1.2.45
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b82eefb6a4f332f80cf77897057def50d542447398557c6be322d86a3ebe613b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:07 GMT
server
nginx
status
200
etag
W/"5d988b2b-14f0"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
bootstrap.min.js?ver=5.2.3
/wp-content/plugins/download-manager/assets/bootstrap/js
35 KB
10 KB
Script
General
Full URL
https://cofense.com/wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=5.2.3
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4b9329f540f2a0a583e6b0dff71f0f68d819ca3920c752fdb4e6bb1f88659cab

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:07 GMT
server
nginx
status
200
etag
W/"5d988b2b-8c73"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
front.js?ver=5.2.3
/wp-content/plugins/download-manager/assets/js
9 KB
3 KB
Script
General
Full URL
https://cofense.com/wp-content/plugins/download-manager/assets/js/front.js?ver=5.2.3
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0e72d4d7a1516d01d305645685a5c0d11b331e854283eb75fb44a45dfe50bdec

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:07 GMT
server
nginx
status
200
etag
W/"5d988b2b-23c7"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
equal-height-columns-public.js?ver=1.1.0
/wp-content/plugins/equal-height-columns/public/js
7 KB
3 KB
Script
General
Full URL
https://cofense.com/wp-content/plugins/equal-height-columns/public/js/equal-height-columns-public.js?ver=1.1.0
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
40709d33f8087ff2d000f33d3be50a7241409eb411af7878dad1707f49cf1db5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:07 GMT
server
nginx
status
200
etag
W/"5d988b2b-1d33"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
core.min.js?ver=1.11.4
/wp-includes/js/jquery/ui
4 KB
2 KB
Script
General
Full URL
https://cofense.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
936567bc744e199e02bfc3c33fe2bc9c862999e0d479e2a694aa7485460a3960

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:21:44 GMT
server
nginx
status
200
etag
W/"5d988ad8-fa0"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
script.js?ver=5.2.3
/wp-content/plugins/mega-addons-for-visual-composer/js
3 KB
1 KB
Script
General
Full URL
https://cofense.com/wp-content/plugins/mega-addons-for-visual-composer/js/script.js?ver=5.2.3
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
bfe8ebbb9a154092de88c4c438e3721fe9622818aaa98a8852bb02550cd8342f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:05 GMT
server
nginx
status
200
etag
W/"5d988b29-c1c"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
modernizr.js?ver=1.1
/wp-content/plugins/elite-addons-vc/assets
10 KB
5 KB
Script
General
Full URL
https://cofense.com/wp-content/plugins/elite-addons-vc/assets/modernizr.js?ver=1.1
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
71209f63fc1592e55fcff12d74e9f6108505190c6e70df5cc7d5748af32b9365

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:07 GMT
server
nginx
status
200
etag
W/"5d988b2b-283b"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
share-buttons.js?ver=1
/wp-content/themes/copro/js
3 KB
1 KB
Script
General
Full URL
https://cofense.com/wp-content/themes/copro/js/share-buttons.js?ver=1
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
faa4537366f405c58904225222e7f6f69af074f1e10a3a424cac9d78d6c4189f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:01 GMT
server
nginx
status
200
etag
W/"5d988b25-a24"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
fancybox.min.js?ver=5.2.3
/wp-content/themes/copro/js/vendor
67 KB
22 KB
Script
General
Full URL
https://cofense.com/wp-content/themes/copro/js/vendor/fancybox.min.js?ver=5.2.3
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:01 GMT
server
nginx
status
200
etag
W/"5d988b25-10a9d"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
shareaholic.js
dsms0mj1bbhn4.cloudfront.net/assets/pub
7 KB
3 KB
Script
General
Full URL
https://dsms0mj1bbhn4.cloudfront.net/assets/pub/shareaholic.js
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:5600:c:d51b:4400:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
818136856b98b088b1c74567150e2f9d46f56d51e174e0b7c477be97b4b2841c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:27:27 GMT
content-encoding
gzip
age
707
x-cache
Hit from cloudfront
status
200
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
content-length
2990
access-control-allow-origin
*
last-modified
Fri, 04 Oct 2019 20:42:34 GMT
server
nginx
etag
"7c2aaa3717b67a04c0e1176c347616ec"
content-type
application/javascript
via
1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
cache-control
max-age=900, public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
iHlWWOPzCUzi5ZDZbbwfQTVo5lDessOu4S9xwwEhQtn0zRsJmILJ-g==
js?id=AW-1061448384
www.googletagmanager.com/gtag
70 KB
27 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1061448384
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dc00ded0dff0709c81309cdd2f389a1bab65db52e0744247e02ba6448935b9ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
br
last-modified
Mon, 14 Oct 2019 15:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27315
x-xss-protection
0
expires
Mon, 14 Oct 2019 16:38:49 GMT
cofense-logo.svg
/wp-content/themes/copro/images
3 KB
1 KB
Image
General
Full URL
https://cofense.com/wp-content/themes/copro/images/cofense-logo.svg
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ca57cc407c7eefa8e3901cc501b0988fdefbea8a5c2043cf9178dacbd4c197f9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:01 GMT
server
nginx
status
200
etag
W/"5d988b25-b20"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cofense-cbfree.png
/wp-content/uploads/2019/01
3 KB
3 KB
Image
General
Full URL
https://cofense.com/wp-content/uploads/2019/01/cofense-cbfree.png
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2cf13ef8a0e548d45203297ecc6e21ad5f82fe24e759acbf9a9600996aa4528c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
last-modified
Sat, 05 Oct 2019 12:21:53 GMT
server
nginx
status
200
etag
"5d988ae1-c2a"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3114
cofense-lms.png
/wp-content/uploads/2019/01
3 KB
3 KB
Image
General
Full URL
https://cofense.com/wp-content/uploads/2019/01/cofense-lms.png
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
102f598e077a43ea681594e0750b0e835960f288bada922fff4107785b3c7e31

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
last-modified
Sat, 05 Oct 2019 12:21:53 GMT
server
nginx
status
200
etag
"5d988ae1-cd3"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3283
cofense-reporter.png
/wp-content/uploads/2019/01
3 KB
3 KB
Image
General
Full URL
https://cofense.com/wp-content/uploads/2019/01/cofense-reporter.png
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
f6fa548f3755570ef254a6b934091fcd2634717a57060511fd414a704e7dc95c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
last-modified
Sat, 05 Oct 2019 12:21:53 GMT
server
nginx
status
200
etag
"5d988ae1-b2e"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2862
cofense-triage.png
/wp-content/uploads/2019/01
3 KB
3 KB
Image
General
Full URL
https://cofense.com/wp-content/uploads/2019/01/cofense-triage.png
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
12a5ec5674ef088f8c198091b7eb6d0478cf5aae6465c09634abae505332d149

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
last-modified
Sat, 05 Oct 2019 12:21:53 GMT
server
nginx
status
200
etag
"5d988ae1-c04"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3076
cofense-vision.png
/wp-content/uploads/2019/01
3 KB
3 KB
Image
General
Full URL
https://cofense.com/wp-content/uploads/2019/01/cofense-vision.png
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1a71c8fe9799162a1bbb1faf1f7e60c7db8e90eb15779a9b6b1bf4e0812890f3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
last-modified
Sat, 05 Oct 2019 12:21:53 GMT
server
nginx
status
200
etag
"5d988ae1-ad5"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2773
cofense-pds.png
/wp-content/uploads/2019/01
4 KB
4 KB
Image
General
Full URL
https://cofense.com/wp-content/uploads/2019/01/cofense-pds.png
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
f498997e7a39cb345fb129f9158745de59167f8aee78cc573554bd2f5dbc92c7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
last-modified
Sat, 05 Oct 2019 12:21:53 GMT
server
nginx
status
200
etag
"5d988ae1-ff4"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
4084
cofense-intelligence.png
/wp-content/uploads/2019/01
3 KB
3 KB
Image
General
Full URL
https://cofense.com/wp-content/uploads/2019/01/cofense-intelligence.png
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
7fd52abcc46a46e1d1f39cf3677e2a581b4365872258b5fbc5e28eb183fb6410

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
last-modified
Sat, 05 Oct 2019 12:21:53 GMT
server
nginx
status
200
etag
"5d988ae1-c34"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3124
cofense-anti_phishing.png
/wp-content/uploads/2019/01
3 KB
4 KB
Image
General
Full URL
https://cofense.com/wp-content/uploads/2019/01/cofense-anti_phishing.png
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
dcf0ed4637baad54fcb989e19d846af475b449504753f00ccc26e434aa4f69aa

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
last-modified
Sat, 05 Oct 2019 12:21:53 GMT
server
nginx
status
200
etag
"5d988ae1-dcb"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3531
gtm.js?id=GTM-5RQ37KH
www.googletagmanager.com
100 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5RQ37KH
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
07d83c24cb826159e77c32c4f55ac204183fc1ad6fe355cce0c16df8d294fb18
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:49 GMT
content-encoding
br
last-modified
Mon, 14 Oct 2019 15:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
34188
x-xss-protection
0
expires
Mon, 14 Oct 2019 16:38:49 GMT
wp-emoji-release.min.js?ver=5.2.3
/wp-includes/js
14 KB
5 KB
Script
General
Full URL
https://cofense.com/wp-includes/js/wp-emoji-release.min.js?ver=5.2.3
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
f4799ef2939b8377cf33f07b07b6d90a4a245adbf1c6eaf47ee3b0fcefcc07fe

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:21:44 GMT
server
nginx
status
200
etag
W/"5d988ad8-3610"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cofense-tool_free.png
/wp-content/uploads/2019/01
4 KB
4 KB
Image
General
Full URL
https://cofense.com/wp-content/uploads/2019/01/cofense-tool_free.png
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
34e519f356cd6ba10f734b15be08823afa136212f51ce9784868ecf60ee38bac

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
last-modified
Sat, 05 Oct 2019 12:21:53 GMT
server
nginx
status
200
etag
"5d988ae1-f9b"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3995
cofense-threat_education.png
/wp-content/uploads/2019/01
4 KB
4 KB
Image
General
Full URL
https://cofense.com/wp-content/uploads/2019/01/cofense-threat_education.png
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
dc83f496595b1d3b55fd6aeae76471a9d89284e1026849b5ab805bc3e8116739

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
last-modified
Sat, 05 Oct 2019 12:21:53 GMT
server
nginx
status
200
etag
"5d988ae1-e51"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3665
cofense-livefeed.png
/wp-content/uploads/2019/01
5 KB
5 KB
Image
General
Full URL
https://cofense.com/wp-content/uploads/2019/01/cofense-livefeed.png
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
201ac106aa78dbaf7062e570803b878ae8d4e909608bc19dc77bdfdc39fe85d0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
last-modified
Sat, 05 Oct 2019 12:21:53 GMT
server
nginx
status
200
etag
"5d988ae1-12ad"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
4781
cofense-cloud_seeker.png
/wp-content/uploads/2019/01
4 KB
5 KB
Image
General
Full URL
https://cofense.com/wp-content/uploads/2019/01/cofense-cloud_seeker.png
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
fde4dd0ab5add3a76f91f880c510718310cdf21d8fed6e65b5bd0a624a02ea69

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
last-modified
Sat, 05 Oct 2019 12:21:53 GMT
server
nginx
status
200
etag
"5d988ae1-1166"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
4454
cofense-pdc.png
/wp-content/uploads/2019/01
5 KB
5 KB
Image
General
Full URL
https://cofense.com/wp-content/uploads/2019/01/cofense-pdc.png
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
7458155df05cb5b99e3546bb1dedb59ccd2fe6dc0a9d766c7e2f38f748d31654

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
last-modified
Sat, 05 Oct 2019 12:21:53 GMT
server
nginx
status
200
etag
"5d988ae1-14ac"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
5292
cofense-threat_alerts.png
/wp-content/uploads/2019/01
3 KB
3 KB
Image
General
Full URL
https://cofense.com/wp-content/uploads/2019/01/cofense-threat_alerts.png
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2f646c0b23cd81ccb0a37a96186572b394b4e2dfd4974da05559d7381d5989a4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
last-modified
Sat, 05 Oct 2019 12:21:53 GMT
server
nginx
status
200
etag
"5d988ae1-c7a"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3194
Artboard-1box-480x198.png
/wp-content/uploads/2019/09
11 KB
11 KB
Image
General
Full URL
https://cofense.com/wp-content/uploads/2019/09/Artboard-1box-480x198.png
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ec7d4327592dddc930893d33bfe1b7f8692a8b53152d0baeffce8a9c32e66c56

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
last-modified
Sat, 05 Oct 2019 12:21:47 GMT
server
nginx
status
200
etag
"5d988adb-2d05"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
11525
Figure-1-480x427.png
/wp-content/uploads/2019/09
59 KB
60 KB
Image
General
Full URL
https://cofense.com/wp-content/uploads/2019/09/Figure-1-480x427.png
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1f16ad4e49e769ef5595e3553ae6675229ac64a728939fbd636aa976781f140a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
last-modified
Sat, 05 Oct 2019 12:21:47 GMT
server
nginx
status
200
etag
"5d988adb-ede4"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
60900
figure-2-600x281.png
/wp-content/uploads/2019/09
41 KB
41 KB
Image
General
Full URL
https://cofense.com/wp-content/uploads/2019/09/figure-2-600x281.png
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c683e1be7d5d90d3318701cd687dfbb25bf205c51ea27cffb603bf6d650c6806

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
last-modified
Sat, 05 Oct 2019 12:21:48 GMT
server
nginx
status
200
etag
"5d988adc-a3ad"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
41901
figure-3-480x427.png
/wp-content/uploads/2019/09
187 KB
187 KB
Image
General
Full URL
https://cofense.com/wp-content/uploads/2019/09/figure-3-480x427.png
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
eae84f06232b9490bf2b268bbf91eb70b7f0491219ec9abca0ca1421595dd709

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
last-modified
Sat, 05 Oct 2019 12:21:48 GMT
server
nginx
status
200
etag
"5d988adc-2eb9f"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
191391
jquery.form.min.js?ver=4.2.1
/wp-includes/js/jquery
16 KB
6 KB
Script
General
Full URL
https://cofense.com/wp-includes/js/jquery/jquery.form.min.js?ver=4.2.1
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ee1a97f49961f87c6aa495dca24759a1ca097b3c8612401e45c09248fae2fffa

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:21:44 GMT
server
nginx
status
200
etag
W/"5d988ad8-4028"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.t-countdown.js?ver=2.4.0
/wp-content/plugins/jquery-t-countdown-widget/js
9 KB
3 KB
Script
General
Full URL
https://cofense.com/wp-content/plugins/jquery-t-countdown-widget/js/jquery.t-countdown.js?ver=2.4.0
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
a6dcb2582661566fdc1517014d9eea855588c2a8409067eca719b8bb1da475dc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:06 GMT
server
nginx
status
200
etag
W/"5d988b2a-23d2"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
wow.min.js
/wp-content/plugins/elite-addons-vc/assets
8 KB
3 KB
Script
General
Full URL
https://cofense.com/wp-content/plugins/elite-addons-vc/assets/wow.min.js
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:07 GMT
server
nginx
status
200
etag
W/"5d988b2b-1ff6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
modules.min.js?ver=1.1
/wp-content/plugins/elite-addons-vc/assets
121 KB
35 KB
Script
General
Full URL
https://cofense.com/wp-content/plugins/elite-addons-vc/assets/modules.min.js?ver=1.1
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
8b950c87c8fcca9e5a47bbe6143f7a2df9a783faf9a11b07559d35a7adddb504

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:07 GMT
server
nginx
status
200
etag
W/"5d988b2b-1e4e2"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
owl.carousel.js?ver=1.0
/wp-content/themes/copro/css/libs/owl-carousel
38 KB
9 KB
Script
General
Full URL
https://cofense.com/wp-content/themes/copro/css/libs/owl-carousel/owl.carousel.js?ver=1.0
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e13c8733b82140ef6edef5f6ce96c0387419b93dd9b73fab8807a43a09d1fd73

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:01 GMT
server
nginx
status
200
etag
W/"5d988b25-99c8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.sticky.js?ver=30
/wp-content/themes/copro/js
10 KB
3 KB
Script
General
Full URL
https://cofense.com/wp-content/themes/copro/js/jquery.sticky.js?ver=30
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
bcf6b9b28cec8958f9d3f3ee39070e85ffd46d670f1f0baa7cd21aa24c188a00

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:01 GMT
server
nginx
status
200
etag
W/"5d988b25-2765"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
custom.js?ver=1570278181
/wp-content/themes/copro/js
14 KB
4 KB
Script
General
Full URL
https://cofense.com/wp-content/themes/copro/js/custom.js?ver=1570278181
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
988698cdde3292e370653b137f03fa593cc4cea173f94e99f2111ed168e87dde

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:01 GMT
server
nginx
status
200
etag
W/"5d988b25-3851"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
theme-scripts.js?ver=1
/wp-content/themes/copro/js
139 KB
39 KB
Script
General
Full URL
https://cofense.com/wp-content/themes/copro/js/theme-scripts.js?ver=1
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5c722519d5b20bb22f0453889d36e0ba6ce9bd967d93fbbe7a9682d31cf31be5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:02 GMT
server
nginx
status
200
etag
W/"5d988b26-22de9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
select2.min.js
/wp-content/themes/copro/js/vendor
66 KB
19 KB
Script
General
Full URL
https://cofense.com/wp-content/themes/copro/js/vendor/select2.min.js
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d7dd05bfc68901dbb2c883a7bd65698c29b3917d61f0e12d1966dca14d5056c0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:01 GMT
server
nginx
status
200
etag
W/"5d988b25-10964"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.waypoints.min.js?ver=3
/wp-content/themes/copro/js/vendor
9 KB
3 KB
Script
General
Full URL
https://cofense.com/wp-content/themes/copro/js/vendor/jquery.waypoints.min.js?ver=3
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:01 GMT
server
nginx
status
200
etag
W/"5d988b25-2344"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
sticky.min.js?ver=3
/wp-content/themes/copro/js/vendor
1 KB
817 B
Script
General
Full URL
https://cofense.com/wp-content/themes/copro/js/vendor/sticky.min.js?ver=3
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
14c52b4f1daa1aa3a92d960a311d4518da07e80b7b1a443d3f1a55c0968c99a0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:02 GMT
server
nginx
status
200
etag
W/"5d988b26-4db"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
comment-reply.min.js?ver=5.2.3
/wp-includes/js
2 KB
1 KB
Script
General
Full URL
https://cofense.com/wp-includes/js/comment-reply.min.js?ver=5.2.3
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
31cb76c05cbf5d71466f93078e8ba0f6e39cd92d0acc86d385b8cf2899963695

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:21:44 GMT
server
nginx
status
200
etag
W/"5d988ad8-8ba"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
wp-embed.min.js?ver=5.2.3
/wp-includes/js
1 KB
992 B
Script
General
Full URL
https://cofense.com/wp-includes/js/wp-embed.min.js?ver=5.2.3
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:21:44 GMT
server
nginx
status
200
etag
W/"5d988ad8-57b"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.json.min.js?ver=2.4.3
/wp-content/plugins/gravityforms/js
2 KB
1 KB
Script
General
Full URL
https://cofense.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.4.3
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
a9f6c03ce6f4d1654f29f2136651e883198d509cb2e26af1c24b1f87b6ccae13

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:06 GMT
server
nginx
status
200
etag
W/"5d988b2a-738"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
gravityforms.min.js?ver=2.4.3
/wp-content/plugins/gravityforms/js
33 KB
10 KB
Script
General
Full URL
https://cofense.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.4.3
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
98984bbc9d46fc5e6ef61b1882e77303377713b957b6ef0f8475ceca54dc6c18

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 12:23:06 GMT
server
nginx
status
200
etag
W/"5d988b2a-853b"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
css?family=Montserrat:300,400,700
fonts.googleapis.com
5 KB
615 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:300,400,700
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
b1f883af57822077826c9ac07ee32dd79cc07ff96d3115508c12b3c355abf394
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 14 Oct 2019 16:38:49 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Mon, 14 Oct 2019 16:38:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 14 Oct 2019 16:38:49 GMT
1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v14
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v14/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
Requested by
Host: cofense.com
URL: https://cofense.com/wp-content/plugins/elite-addons-vc/assets/modernizr.js?ver=1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Raleway%3A300%2C400%2C700&ver=1
Origin
https://cofense.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 17:51:49 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:48:04 GMT
server
sffe
age
254820
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13428
x-xss-protection
0
expires
Sat, 10 Oct 2020 17:51:49 GMT
nav-arrow.png
/wp-content/themes/copro/images
3 KB
3 KB
Image
General
Full URL
https://cofense.com/wp-content/themes/copro/images/nav-arrow.png
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
a05ce29b1660d2755713106d272474ec04a2524269517b23603f325230d2d4c9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/wp-content/themes/copro/css/custom-styles.css?ver=1570278182
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
last-modified
Sat, 05 Oct 2019 12:23:01 GMT
server
nginx
status
200
etag
"5d988b25-b8d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2957
icn-nav-search@2x.png
/wp-content/themes/copro/images
1 KB
1 KB
Image
General
Full URL
https://cofense.com/wp-content/themes/copro/images/icn-nav-search@2x.png
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
21110fa48987dc5804b08b84e1008e7c922f7b028c6291c64a6845fbb868014f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/wp-content/themes/copro/css/custom-styles.css?ver=1570278182
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
last-modified
Sat, 05 Oct 2019 12:23:01 GMT
server
nginx
status
200
etag
"5d988b25-514"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1300
b-g.png
/wp-content/themes/copro/images
840 KB
841 KB
Image
General
Full URL
https://cofense.com/wp-content/themes/copro/images/b-g.png
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
8c3f327cab31c3d02e5bf8d08bac753e210f1f12588a1197226bccff955a0df9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/wp-content/themes/copro/css/custom-styles.css?ver=1570278182
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
last-modified
Sat, 05 Oct 2019 12:23:04 GMT
server
nginx
status
200
etag
"5d988b28-d20af"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
860335
footer-graphic.png
/wp-content/uploads/2016/07
16 KB
16 KB
Image
General
Full URL
https://cofense.com/wp-content/uploads/2016/07/footer-graphic.png
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1c80b6cd2eba57ae2b468a90b970f45790801cfd609a37bce090b8b65dc0a55f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/wp-content/themes/copro/style.css?ver=5.2.3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
last-modified
Sat, 05 Oct 2019 12:22:43 GMT
server
nginx
status
200
etag
"5d988b13-4105"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16645
footer-graphic-b.png
/wp-content/uploads/2016/07
212 B
413 B
Image
General
Full URL
https://cofense.com/wp-content/uploads/2016/07/footer-graphic-b.png
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
88b758789019407fc4c2461c0d188aa776cb4b72d759e3c670b73d68fabf383a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/wp-content/themes/copro/style.css?ver=5.2.3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
last-modified
Sat, 05 Oct 2019 12:22:43 GMT
server
nginx
status
200
etag
"5d988b13-d4"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
212
footer-graphic-a.png
/wp-content/uploads/2016/07
107 B
308 B
Image
General
Full URL
https://cofense.com/wp-content/uploads/2016/07/footer-graphic-a.png
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0b0200866fae3fcc0c3f1acf6d8dc18fb93ce8b7a55cc7fbc31b231b01764ddb

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cofense.com/wp-content/themes/copro/style.css?ver=5.2.3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
last-modified
Sat, 05 Oct 2019 12:22:43 GMT
server
nginx
status
200
etag
"5d988b13-6b"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
107
fontawesome-webfont.woff?v=4.2.0
/wp-content/themes/copro/css/libs/fonts
64 KB
64 KB
Font
General
Full URL
https://cofense.com/wp-content/themes/copro/css/libs/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.168.180 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
180.168.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Sec-Fetch-Mode
cors
Referer
https://cofense.com/wp-content/themes/copro/css/libs/font-awesome-css/font-awesome.min.css?ver=4.1.0
Origin
https://cofense.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
last-modified
Sat, 05 Oct 2019 12:23:02 GMT
server
nginx
status
200
etag
"5d988b26-ffac"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
65452
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C500%2C700%2C900%2C100italic%2C300italic%2C400italic%2C500italic%2C700italic%2C900italic&ver=5.2.3
Origin
https://cofense.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 08 Oct 2019 20:54:21 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
503069
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11056
x-xss-protection
0
expires
Wed, 07 Oct 2020 20:54:21 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C500%2C700%2C900%2C100italic%2C300italic%2C400italic%2C500italic%2C700italic%2C900italic&ver=5.2.3
Origin
https://cofense.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 11 Oct 2019 17:55:15 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
254615
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11016
x-xss-protection
0
expires
Sat, 10 Oct 2020 17:55:15 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C500%2C700%2C900%2C100italic%2C300italic%2C400italic%2C500italic%2C700italic%2C900italic&ver=5.2.3
Origin
https://cofense.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 10 Oct 2019 08:23:20 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
375330
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11020
x-xss-protection
0
expires
Fri, 09 Oct 2020 08:23:20 GMT
KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v20
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
Requested by
Host: cofense.com
URL: https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C500%2C700%2C900%2C100italic%2C300italic%2C400italic%2C500italic%2C700italic%2C900italic&ver=5.2.3
Origin
https://cofense.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 10 Oct 2019 11:51:35 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:00 GMT
server
sffe
age
362835
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
12680
x-xss-protection
0
expires
Fri, 09 Oct 2020 11:51:35 GMT
shrMain.min.js
k4z6w9b5.stackpathcdn.com/v2/0097d5d2
154 KB
47 KB
Script
General
Full URL
https://k4z6w9b5.stackpathcdn.com/v2/0097d5d2/shrMain.min.js
Requested by
Host: dsms0mj1bbhn4.cloudfront.net
URL: https://dsms0mj1bbhn4.cloudfront.net/assets/pub/shareaholic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
d18c32c54399f14b1be6aa4ebd58726c55088f38966c0a3bb234de0d16801a72

Request headers

Sec-Fetch-Mode
cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
Origin
https://cofense.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 14 Oct 2019 16:38:50 GMT
content-encoding
gzip
last-modified
Fri, 04 Oct 2019 20:42:11 GMT
server
nginx
x-amz-request-id
E08BFA5CBAEDAA5A
etag
"a47302ad07bc75cbf052ffee1c525289"
x-hw
1571071130.cds070.fr8.hn,1571071130.cds017.fr8.c
content-type
application/javascript
status
200
cache-control
max-age=31536000, public
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges
bytes
access-control-allow-origin
*
content-length
47965
x-amz-id-2
b7+pzggoqY8otiR9AVll1BF/o6I8oD6MUj8RjtkwJqR2EDdghAMWZE1S8AUKQHn7USwi/9d0TIQ=
62df9f201cc7c19a56912daae814efca.json
www.shareaholic.net/config
10 KB
2 KB
XHR
General
Full URL
https://www.shareaholic.net/config/62df9f201cc7c19a56912daae814efca.json
Requested by
Host: dsms0mj1bbhn4.cloudfront.net
URL: https://dsms0mj1bbhn4.cloudfront.net/assets/pub/shareaholic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.229.155.226 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-229-155-226.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6ac733ed8cd80f9b76f5ea150b75d34836cacfc7d4bf73821910d9f09d99c9b3

Request headers

Sec-Fetch-Mode
cors
Referer
https://cofense.com/threat-actors-use-percentage-based-url-encoding-bypass-email-gateways/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-client-geo-country
DE,Germany
date
Mon, 14 Oct 2019 14:43:40 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-origin
*
status
200
access-control-allow-methods
GET, HEAD
content-length
1601
server
nginx
x-client-geo-region
x-client-geo-metrocode
etag
W/"6ac733ed8cd80f9b76f5ea150b75d348"
access-control-max-age
2000
x-client-geo-city
x-varnish
86137478 409456889
via
1.1 varnish (Varnish/6.0)
access-control-expose-headers
Etag, Access-Control-Allow-Origin, x-client-geo-latlong, x-client-geo-country, x-client-geo-city, x-client-geo-zip, x-client-geo-region, x-client-geo-metrocode
cache-control
max-age=3, public, must-revalidate
x-client-geo-zip
accept-ranges
bytes
content-type
application/json
access-control-allow-headers
*
x-client-geo-latlong
51.299300,9.491000
shrMain.min.js
k4z6w9b5.stackpathcdn.com/v2/0097d5d2
154 KB
47 KB