www.area1security.com Open in urlscan Pro
2606:4700::6812:1a99 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go.area1security.com/io6A0gT9g0P00I000sj2G0a
Effective URL:
https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_co...
Submission: On January 29 via manual (January 29th 2021, 8:09:13 pm UTC) from US

Summary HTTP 90 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 31 IPs in 7 countries across 27 domains to perform 90 HTTP transactions. The main IP is 2606:4700::6812:1a99, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.area1security.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 21st 2020. Valid for: a year.

This is the only time www.area1security.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	2606:4700::68... 2606:4700::6812:1a99	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:285::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	54.175.121.11 54.175.121.11	14618 (AMAZON-AES) (AMAZON-AES)
2	151.101.14.109 151.101.14.109	54113 (FASTLY) (FASTLY)
1 2	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
1	104.16.96.80 104.16.96.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a03:b0c0:3:e... 2a03:b0c0:3:e0::26f:c001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	68.232.35.12 68.232.35.12	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	216.239.34.21 216.239.34.21	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1 1	216.58.210.2 216.58.210.2	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	13.224.94.122 13.224.94.122	16509 (AMAZON-02) (AMAZON-02)
1	104.108.48.95 104.108.48.95	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:1bbe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.90.254.51 69.90.254.51	13768 (COGECO-PEER1) (COGECO-PEER1)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1 4	2.18.233.40 2.18.233.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	54.217.146.39 54.217.146.39	16509 (AMAZON-02) (AMAZON-02)
1	63.35.114.199 63.35.114.199	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
90	31

38 2606:4700::6812:1a99 (United States)

ASN13335 (CLOUDFLARENET, US)

go.area1security.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.area1security.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba0a (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:285::19fd (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.175.121.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-121-11.compute-1.amazonaws.com

www.bugherd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

extend.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7daf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.96.80 (United States)

ASN13335 (CLOUDFLARENET, US)

app-ab22.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:b0c0:3:e0::26f:c001 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

plausible.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.232.35.12 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.21 (Los Gatos, United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2215.1e100.net

ipinfo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.210.2 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.94.122 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-94-122.zrh50.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.48.95 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-48-95.deploy.static.akamaitechnologies.com

origin.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1bbe (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.90.254.51 (Canada)

ASN13768 (COGECO-PEER1, CA)

e.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.40 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.217.146.39 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.114.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	area1security.com go.area1security.com www.area1security.com	3 MB
6	googleapis.com fonts.googleapis.com maps.googleapis.com ajax.googleapis.com	153 KB
6	cloudflare.com ajax.cloudflare.com cdnjs.cloudflare.com	50 KB
5	adroll.com 1 redirects s.adroll.com d.adroll.com	15 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	62 KB
4	google-analytics.com www.google-analytics.com	19 KB
3	bizible.com cdn.bizible.com	34 KB
2	twitter.com platform.twitter.com	29 KB
2	acuityplatform.com origin.acuityplatform.com e.acuityplatform.com	2 KB
2	driftt.com js.driftt.com	45 KB
2	unpkg.com 1 redirects unpkg.com	35 KB
2	vimeocdn.com extend.vimeocdn.com	11 KB
2	googletagmanager.com www.googletagmanager.com	114 KB
2	typekit.net use.typekit.net p.typekit.net	1 KB
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	138 B
1	bizibly.com cdn.bizibly.com	202 B
1	g2crowd.com tracking.g2crowd.com	1 KB
1	google.de www.google.de	107 B
1	google.com www.google.com	108 B
1	google.pl www.google.pl	569 B
1	googleadservices.com 1 redirects www.googleadservices.com	187 B
1	doubleclick.net stats.g.doubleclick.net	92 B
1	ipinfo.io ipinfo.io	413 B
1	plausible.io plausible.io	985 B
1	marketo.com app-ab22.marketo.com	69 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	bugherd.com www.bugherd.com	748 B
90	27

	Domain	Requested by
37	www.area1security.com	go.area1security.com www.area1security.com ajax.cloudflare.com
4	s.adroll.com	1 redirects go.area1security.com s.adroll.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	cdnjs.cloudflare.com	ajax.cloudflare.com www.googletagmanager.com
4	maps.googleapis.com	ajax.cloudflare.com maps.googleapis.com
3	cdn.bizible.com	ajax.cloudflare.com cdn.bizible.com
3	fonts.gstatic.com	fonts.googleapis.com
2	platform.twitter.com	www.area1security.com platform.twitter.com
2	js.driftt.com	go.area1security.com js.driftt.com
2	www.gstatic.com	go.area1security.com www.gstatic.com
2	unpkg.com	1 redirects www.area1security.com
2	extend.vimeocdn.com	ajax.cloudflare.com
2	www.googletagmanager.com	www.area1security.com www.googletagmanager.com
2	ajax.cloudflare.com	go.area1security.com www.area1security.com
1	d.adroll.com
1	d.adroll.mgr.consensu.org	1 redirects
1	cdn.bizibly.com
1	e.acuityplatform.com	origin.acuityplatform.com
1	tracking.g2crowd.com	go.area1security.com
1	origin.acuityplatform.com	go.area1security.com
1	www.google.de	www.area1security.com
1	www.google.com	www.area1security.com
1	www.google.pl	www.area1security.com
1	www.googleadservices.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	ipinfo.io	www.googletagmanager.com
1	plausible.io	ajax.cloudflare.com
1	ajax.googleapis.com	ajax.cloudflare.com
1	app-ab22.marketo.com	ajax.cloudflare.com
1	cdn.jsdelivr.net	ajax.cloudflare.com
1	www.bugherd.com	ajax.cloudflare.com
1	p.typekit.net	use.typekit.net
1	fonts.googleapis.com	www.area1security.com
1	use.typekit.net	www.area1security.com
1	go.area1security.com
90	35

This site contains links to these domains. Also see Links.

Domain
www.g2.com
onlinexperiences.com
www.facebook.com
twitter.com
www.linkedin.com
www.computerweekly.com
blog.knowbe4.com
www.tripwire.com
go.area1security.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
go.area1security.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-11-21` - `2021-11-20`	a year	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
www.bugherd.com R3	`2021-01-16` - `2021-04-16`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
app-ab22.marketo.com Cloudflare Inc ECC CA-3	`2020-07-09` - `2021-07-09`	a year	crt.sh
plausible.io R3	`2021-01-17` - `2021-04-17`	3 months	crt.sh
io.bizible.com DigiCert SHA2 Secure Server CA	`2020-12-14` - `2021-11-15`	a year	crt.sh
ipinfo.io GTS CA 1D2	`2021-01-24` - `2021-04-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google.pl GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
drift.com Amazon	`2020-09-21` - `2021-10-23`	a year	crt.sh
*.acuityplatform.com DigiCert Secure Site ECC CA-1	`2020-04-14` - `2021-07-14`	a year	crt.sh
*.g2crowd.com Sectigo ECC Domain Validation Secure Server CA	`2020-08-30` - `2021-09-28`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2020-01-29` - `2021-04-29`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
Frame ID: F2B1D721A90AE53D57640B02CE1AE833
Requests: 88 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fwww.area1security.com
Frame ID: 45A4BEC19D10C9C894B3EEADDF163C1E
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/deploy/assets/index.html
Frame ID: 5F6AC42F33B8EB9857680D095A8CC842
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://go.area1security.com/io6A0gT9g0P00I000sj2G0a Page URL
https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newslette... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

90
Requests

100 %
HTTPS

64 %
IPv6

27
Domains

35
Subdomains

31
IPs

7
Countries

3235 kB
Transfer

6123 kB
Size

10
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.g2.com/products/area-1-security/reviews
Title: Customer Reviews

Search URL Search Domain Scan URL

URL: https://onlinexperiences.com/Launch/QReg/ShowUUID=118D4ED6-3B62-4CB4-AEDB-971733482D72&referrer=AREA1SECa
Title: Register Here

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=/blog/pfizer-vaccine-phishing-campaign/&t=Count%20Yourself%20in%20For%20a%20Vaccine%20Phish

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=/blog/pfizer-vaccine-phishing-campaign/&via=Count%20Yourself%20in%20For%20a%20Vaccine%20Phish
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite?mini=true&url=/blog/pfizer-vaccine-phishing-campaign/&via=Count%20Yourself%20in%20For%20a%20Vaccine%20Phish
Title:

Search URL Search Domain Scan URL

URL: https://www.computerweekly.com/news/252493523/Surge-in-Covid-19-vaccine-phishing-scams-reported
Title: attacks

Search URL Search Domain Scan URL

URL: https://blog.knowbe4.com/theyre-here-covid-19-vaccine-phishes-finally-arrive
Title: number of similar campaigns

Search URL Search Domain Scan URL

URL: https://www.tripwire.com/state-of-security/security-data-protection/phishers-send-out-fake-cpanel-security-vulnerabilities-advisory/
Title: cPanel-themed phishing attacks

Search URL Search Domain Scan URL

URL: https://go.area1security.com/io6A0gT9g0P00I000sj2G0a
Title: < View Previous Page

Search URL Search Domain Scan URL

URL: https://twitter.com/area1security

Search URL Search Domain Scan URL

URL: https://www.facebook.com/A1S.Area1/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/area-1-security

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC4SryCvqE_xUiHsoNN-oqyA

Search URL Search Domain Scan URL

URL: https://www.instagram.com/area1security/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go.area1security.com/io6A0gT9g0P00I000sj2G0a Page URL
https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
https://unpkg.com/swiper@6.4.10/swiper-bundle.min.js

Request Chain 62

https://www.googleadservices.com/pagead/conversion/923313590/wcm?cc=ZZ&dn=6504919371&cl=00ozCIOi-IQBELbLorgD&ref=https%3A%2F%2Fgo.area1security.com%2Fio6A0gT9g0P00I000sj2G0a&ct_eid=2 HTTP 302
https://www.google.pl/pagead/attribution/wcm?cc=ZZ&dn=6504919371&cl=00ozCIOi-IQBELbLorgD

Request Chain 82

https://s.adroll.com/j/exp/5EGGX7PHUFEY7N5HSUGQQ4/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 84

https://d.adroll.mgr.consensu.org/consent/iabcheck/5EGGX7PHUFEY7N5HSUGQQ4?_s=495d3e481534d7b95b1d34f8ab86bdb9&_b=2 HTTP 302
https://d.adroll.com/consent/check/5EGGX7PHUFEY7N5HSUGQQ4/?_s=495d3e481534d7b95b1d34f8ab86bdb9&_b=2

90 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 io6A0gT9g0P00I000sj2G0a Show response
go.area1security.com/ 1 KB
1 KB 521ms
485ms Document
text/html 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.area1security.com/io6A0gT9g0P00I000sj2G0a

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81c534d64fc156ae44b3fa90016b1b09f3abb37013be4e1abf7f49d05d82e9fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: go.area1security.com
:scheme: https
:path: /io6A0gT9g0P00I000sj2G0a
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:56 GMT
content-type: text/html
set-cookie: __cfduid=d872bd032de7af6cd67c8ec8a089dc5df1611950936; expires=Sun, 28-Feb-21 20:08:56 GMT; path=/; domain=.area1security.com; HttpOnly; SameSite=Lax __cfduid=dd5c7ead07b11e689e96284ba4db644771611950936; expires=Sun, 28-Feb-21 20:08:56 GMT; path=/; domain=.go.area1security.com; HttpOnly; SameSite=Lax BIGipServerab_mailtracking_80=!udzqeEQjKK8Kas25yiPNdgcigIaMSVYdAg4PW1e06wR8MykoaXz9/8R3AcoNfi5jqad0toCNjUG9Aaw=; path=/; Httponly; Secure
cache-control: private, no-cache, no-store, max-age=0
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 07f15c68d80000c28bb2803000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 61959687bf0bc28b-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
5 KB 25ms
10ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: go.area1security.com
URL: https://go.area1security.com/io6A0gT9g0P00I000sj2G0a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://go.area1security.com/io6A0gT9g0P00I000sj2G0a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
cf-request-id: 07f15c6acf00002be912375000000001
last-modified: Mon, 25 Jan 2021 17:22:41 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"600efe61-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q%2B0JgEg4MWbtAfp3iBVd9oq9PB5eihq3NBqoqFak3LNyI2naJ4FOAmZCF65chdFd5FjMGBr9DH9VQKM0rcG8sZsguilc6JJsjMpjmPaYtEMDowDrYwm5RmZ%2FDyajROel"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6195968ae9dd2be9-FRA
expires: Sun, 31 Jan 2021 20:08:56 GMT

GET
H2 200 Primary Request / Show response
www.area1security.com/blog/pfizer-vaccine-phishing-campaign/ 1007 KB
123 KB 479ms
452ms Document
text/html 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D

Requested by

Host: go.area1security.com
URL: https://go.area1security.com/io6A0gT9g0P00I000sj2G0a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

703982c4eb24c8b28b83f9e4c269525521afc3cecb9ed0ad9eaab9f0a88a7c7d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=1000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.area1security.com
:scheme: https
:path: /blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://go.area1security.com/io6A0gT9g0P00I000sj2G0a
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d872bd032de7af6cd67c8ec8a089dc5df1611950936
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://go.area1security.com/io6A0gT9g0P00I000sj2G0a

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-type: text/html
cf-ray: 6195968b2e904ab0-FRA
cache-control: public, max-age=1200
expires: Fri, 29 Jan 2021 20:28:57 GMT
last-modified: Fri, 29 Jan 2021 18:06:09 GMT
strict-transport-security: max-age=1000
vary: Accept-Encoding
cf-cache-status: MISS
cf-request-id: 07f15c6afb00004ab0f402e000000001
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
permissions-policy: geolocation=()
referrer-policy: strict-origin-when-cross-origin
x-amz-id-2: 8ijBA7Xt5AtN9uvkpf2NC7uEndwPrlP1EhID/7k7iH9EN5hrdQeIEcsUQzZ20DEzzHNiLceEchM=
x-amz-meta-s3cmd-attrs: md5:c477fa7c05278b6872f4d346231cdab2
x-amz-request-id: C94572BB9EAFC127
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 ryb4zmr.css
use.typekit.net/ 3 KB
920 B 145ms
132ms Stylesheet
text/css 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ryb4zmr.css

Requested by

Host: www.area1security.com
URL: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

60e5af32bd2b6ff69bd3234cd747980889777348734198e77e21922fa2e490dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Fri, 29 Jan 2021 20:08:57 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 721

GET
H2 200 css
fonts.googleapis.com/ 2 KB
533 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,600,700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b7b00c72ad83584446f9aa5f1c82e74a7306c1f6ac396b8da54043039bb66507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 29 Jan 2021 20:08:57 GMT
server: ESF
date: Fri, 29 Jan 2021 20:08:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Jan 2021 20:08:57 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
149 B 20ms
7ms Stylesheet
text/css 2a02:26f0:6c00:285::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=ryb4zmr&ht=tk&f=14580.14581.14582.14583&a=30126071&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ryb4zmr.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:285::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
last-modified: Tue, 01 Sep 2020 23:51:26 GMT
server: nginx
etag: "5f4ede7e-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5

GET
H2 200 brand-logo-mobile.svg
www.area1security.com/wp-content/themes/area1/assets/img/ 8 KB
2 KB 31ms
30ms Image
image/svg+xml 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.area1security.com/wp-content/themes/area1/assets/img/brand-logo-mobile.svg
Requested by: Host: www.area1security.com
URL: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7c57bbba53cf17f400ffd55936b86d5233b8d5a4c1908c350f3686db0345a10

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 2609
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 1FF10FCC4DBE3767
x-amz-id-2: 1n+8nat9OI5qCdYZ4xwxMSZ4VrFzuHUMQQEqbJJ6h5G8D4bVy+Q1w3GlR1wTUE9SBPwqjqRhpYQ=
last-modified: Tue, 12 Jan 2021 01:31:03 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:97e3b9205ecbf20ab821ba1a11028a9e
etag: W/"97e3b9205ecbf20ab821ba1a11028a9e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1200
cf-request-id: 07f15c6e7900004ab0041b9000000001
cf-ray: 61959690ce824ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 close-mobile-icon.svg
www.area1security.com/wp-content/themes/area1/assets/img/ 967 B
639 B 42ms
39ms Image
image/svg+xml 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.area1security.com/wp-content/themes/area1/assets/img/close-mobile-icon.svg
Requested by: Host: www.area1security.com
URL: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160d3073c32a64cf6178c0cd578fbb4c3b7ec3c7de23050569ddc09ffc8bfc62

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 2609
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 4E5DE71909C18617
x-amz-id-2: 2FtcQO2uzVWqy8kGUMOLG24xcEQVU2gh/faQWKe1ja4Gnp0Qz9J3N9YqMCfHzdj5BhglD8gKfVo=
last-modified: Tue, 12 Jan 2021 01:31:05 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:24073c619aeb707988d619b98f062a88
etag: W/"24073c619aeb707988d619b98f062a88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1200
cf-request-id: 07f15c6e8800004ab0018eb000000001
cf-ray: 61959690dedf4ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 search-icon.svg
www.area1security.com/wp-content/themes/area1/assets/img/ 1 KB
782 B 42ms
39ms Image
image/svg+xml 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.area1security.com/wp-content/themes/area1/assets/img/search-icon.svg
Requested by: Host: www.area1security.com
URL: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 902eeb8fc01d3fd4ac0f3f806cd580b3cc16c36a6480b8dfdeae6dad63043715

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 2609
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 1XFV1NDS4W8H2KFJ
x-amz-id-2: jqPcF2scsouUiGMuPCOtSngFmiM7RZKYdRBxYC66ZttWuy+vaVOxz6EXKNTyLvPxLV3H44NOFWk=
last-modified: Tue, 12 Jan 2021 01:31:12 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:519180c15f1eb26428a833cb89c26bcb
etag: W/"519180c15f1eb26428a833cb89c26bcb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1200
cf-request-id: 07f15c6e8800004ab032bfd000000001
cf-ray: 61959690dee04ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 meganav-icon.svg
www.area1security.com/wp-content/uploads/2020/03/ 3 KB
1 KB 51ms
48ms Image
image/svg+xml 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.area1security.com/wp-content/uploads/2020/03/meganav-icon.svg
Requested by: Host: www.area1security.com
URL: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1d88346db141ccc4f154bf8fd2720c480d49c360c71187ad3c905d08c9d91e9

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 2609
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 4036BCC06175FFB5
x-amz-id-2: Za8W0Z0Dq1fIgeu/YjDsHpHw6O7U4PCWqYMzUNCquI11dJB4YVJ+SzOoweiNNBtoJ5vplzATSuA=
last-modified: Tue, 12 Jan 2021 01:44:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:fe079c6030f87e93b5fc8c4a18ef319c
etag: W/"fe079c6030f87e93b5fc8c4a18ef319c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1200
cf-request-id: 07f15c6e8800004ab0f0966000000001
cf-ray: 61959690dee24ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 SocialBanner_Blog_CountYourselfinForaVaccinePhish_2500x1000_1.jpg
www.area1security.com/wp-content/uploads/2021/01/ 83 KB
84 KB 37ms
34ms Image
image/webp 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.area1security.com/wp-content/uploads/2021/01/SocialBanner_Blog_CountYourselfinForaVaccinePhish_2500x1000_1.jpg
Requested by: Host: www.area1security.com
URL: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fe96954452c06555e23bf3598ad124abc2b984b7c2c53db9cd2dffe2995b59c

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
cf-cache-status: HIT
age: 2609
cf-polished: qual=85, origFmt=jpeg, origSize=308287
content-disposition: inline; filename="SocialBanner_Blog_CountYourselfinForaVaccinePhish_2500x1000_1.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BE05F0BAE962570A
x-amz-id-2: tsmyZIvx/EermH3CzqGPr+1LX2NiXm0Ch0XtqeyX2JXEqBfguvsE70zKNID74A8VAhMDk0WpP2k=
accept-ranges: bytes
last-modified: Wed, 27 Jan 2021 18:12:48 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:f19bc5aaa95e6354fd5f173911987249
etag: "f19bc5aaa95e6354fd5f173911987249"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=1200
cf-request-id: 07f15c6e8800004ab014868000000001
content-length: 84984
cf-ray: 61959690dee54ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 Prevent-Supply-Chain-Email-Attacks.png
www.area1security.com/wp-content/uploads/2021/01/ 192 KB
192 KB 60ms
58ms Image
image/webp 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.area1security.com/wp-content/uploads/2021/01/Prevent-Supply-Chain-Email-Attacks.png
Requested by: Host: www.area1security.com
URL: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bb5ef29fb54f147873b07060266a8e6641c27c912e85cbbc9a2cb03b6d6885c

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
cf-cache-status: HIT
age: 2609
cf-polished: origFmt=png, origSize=306395
content-disposition: inline; filename="Prevent-Supply-Chain-Email-Attacks.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 0DA749DA266D8594
x-amz-id-2: q0ufLyS/M7kxxng79xQkYTeHqFGKhmoGJzYtBpaf4WuyQuTrtUBEJmJ7ffCGC/SE0GAVtCe1k5E=
accept-ranges: bytes
last-modified: Fri, 29 Jan 2021 00:11:52 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:2c7f5ca9267228da6176aaaf35412877
etag: "2c7f5ca9267228da6176aaaf35412877"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=1200
cf-request-id: 07f15c6e8800004ab034bd5000000001
content-length: 196350
cf-ray: 61959690dee64ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 contact-us-icon.svg
www.area1security.com/wp-content/uploads/2020/03/ 4 KB
2 KB 39ms
36ms Image
image/svg+xml 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.area1security.com/wp-content/uploads/2020/03/contact-us-icon.svg
Requested by: Host: www.area1security.com
URL: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb5e7f43e997718971765eb7c33b0b602a52476bbf0c343658f21c8470a79e1

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 2609
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: F211F6315ED0A6A8
x-amz-id-2: +WH4M/lxYGwXftcsrIl/+2R//cubfaEa7ZAbPAxyuyYUQAmbxtGEEj4KG1Eih7uTnYn7nW/xotg=
last-modified: Tue, 12 Jan 2021 01:44:52 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:bdffc7d86e99863a7ce711fa3858b4bc
etag: W/"bdffc7d86e99863a7ce711fa3858b4bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1200
cf-request-id: 07f15c6e8900004ab0512d9000000001
cf-ray: 61959690dee74ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 area-1-logo-dark.svg
www.area1security.com/wp-content/themes/area1/assets/img/ 6 KB
2 KB 39ms
36ms Image
image/svg+xml 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.area1security.com/wp-content/themes/area1/assets/img/area-1-logo-dark.svg
Requested by: Host: www.area1security.com
URL: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e66fe239f6b4f42c0afc170d9b871052bc18e8b6845a90c6102feedd2f6ca0c

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 2609
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 781DD43C32625EB1
x-amz-id-2: mLFuJijtJ+/Yk/ymbGpoAHy/oaQGLAmDbBpdrgyOhuCOCYxMXKcSFf2v56Op2eYlv4GWjhjjNRg=
last-modified: Tue, 12 Jan 2021 01:31:02 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:1f1431792dbe22ceb94158b53cf1e5a3
etag: W/"1f1431792dbe22ceb94158b53cf1e5a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1200
cf-request-id: 07f15c6e8900004ab0e0351000000001
cf-ray: 61959690dee94ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 facebook-social-icon.svg
www.area1security.com/wp-content/themes/area1/assets/img/ 2 KB
1012 B 37ms
35ms Image
image/svg+xml 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.area1security.com/wp-content/themes/area1/assets/img/facebook-social-icon.svg
Requested by: Host: www.area1security.com
URL: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edb80de1f7a8a324a3fe4c0db17f7fbeba3af9753c35ed819544a78837e4e804

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 2609
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 130544A3CB4554BB
x-amz-id-2: sAo88fSbmzNi2tDb4f9f+oyGAgKgwhbAN0evzxuLwtXWAA4i9QI8wS9k5IP8JuRdALGoz1Ge4VE=
last-modified: Tue, 12 Jan 2021 01:31:05 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:4a0af5b4cdd887f163d3262abbe07ed9
etag: W/"4a0af5b4cdd887f163d3262abbe07ed9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1200
cf-request-id: 07f15c6e8900004ab00e263000000001
cf-ray: 61959690deea4ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 twitter-social-icon.svg
www.area1security.com/wp-content/themes/area1/assets/img/ 2 KB
1 KB 32ms
30ms Image
image/svg+xml 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.area1security.com/wp-content/themes/area1/assets/img/twitter-social-icon.svg
Requested by: Host: www.area1security.com
URL: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06f0f999f55406270467fd935c746d8f0e2865acb2df6567a673cabfd244cfb5

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 2609
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: B04555738E9708A2
x-amz-id-2: KsEiiQsvaZkApD+YxtrTKYqLVhdkgEi58m7UQHYzjq26Y825PrmG61W5rERGWl02B3vXhe/NPUQ=
last-modified: Tue, 12 Jan 2021 01:31:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:59be2298614d078f2453072911a87705
etag: W/"59be2298614d078f2453072911a87705"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1200
cf-request-id: 07f15c6e8900004ab010176000000001
cf-ray: 61959690deeb4ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 linkedin-social-icon.svg
www.area1security.com/wp-content/themes/area1/assets/img/ 2 KB
1009 B 38ms
35ms Image
image/svg+xml 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.area1security.com/wp-content/themes/area1/assets/img/linkedin-social-icon.svg
Requested by: Host: www.area1security.com
URL: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7ac5ac9022f66779b2df77751582d8543ecc442511969239797442a372ef989

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 2609
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 36803C411FBC3EDF
x-amz-id-2: 8vwh3zZ0ZQl0ie5SAEPYeD7OabhA9qJIDNoFi9SUwCjAk3T1EEeIIgTfmByaxJK6VTswf7pu5rU=
last-modified: Tue, 12 Jan 2021 01:31:10 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:b058e74c5c83d68f803acd6dae6e2cf1
etag: W/"b058e74c5c83d68f803acd6dae6e2cf1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1200
cf-request-id: 07f15c6e8900004ab0daa1d000000001
cf-ray: 61959690deed4ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 email-social-icon.svg
www.area1security.com/wp-content/themes/area1/assets/img/ 1 KB
808 B 55ms
53ms Image
image/svg+xml 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.area1security.com/wp-content/themes/area1/assets/img/email-social-icon.svg
Requested by: Host: www.area1security.com
URL: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2107e5c8ed1195bd4435c730cfbe30733f0c39387ea34c48948fd16eb4fa2d2d

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 2609
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 2P0NFZ4QCXEYESAT
x-amz-id-2: OHKq9q7kHVyhGWD2lArOBkVUh6Z7FKszrU5CqCF9ytzrxuf90wY0gGVF6ongEjjIZwqgM8hXlYI=
last-modified: Tue, 12 Jan 2021 01:31:05 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:f349e70a1ea1d4c41ea656e5abf02bd4
etag: W/"f349e70a1ea1d4c41ea656e5abf02bd4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1200
cf-request-id: 07f15c6e8b00004ab0f5a46000000001
cf-ray: 61959690deee4ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 email-decode.min.js Show response
www.area1security.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
837 B 11ms
10ms Script
application/javascript 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.area1security.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 25 Jan 2021 17:22:41 GMT
server: cloudflare
etag: W/"600efe61-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 61959690ceb54ab0-FRA
vary: Accept-Encoding
cf-request-id: 07f15c6e8100004ab0dbb16000000001
expires: Sun, 31 Jan 2021 20:08:57 GMT

GET
H2 200 footer-logo.svg
www.area1security.com/wp-content/uploads/2019/11/ 8 KB
2 KB 32ms
31ms Image
image/svg+xml 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.area1security.com/wp-content/uploads/2019/11/footer-logo.svg
Requested by: Host: www.area1security.com
URL: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc5d370924e2c28e8f2d6d607c5975c42fafe866baf92c798e6f4c087f439147

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 2609
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EM9JFNFS5S1G2J7W
x-amz-id-2: +6Y+ZNwmpG2AqXL2XR97bx1/LdKunoeFCBU9QiQfEEGovYy5Ht8CHkDyKOrlPqrAt0f9a0Xxo3M=
last-modified: Tue, 12 Jan 2021 01:43:16 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:4d4f173108fe99f2465eb44e7df79c9a
etag: W/"4d4f173108fe99f2465eb44e7df79c9a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1200
cf-request-id: 07f15c6e8b00004ab01d8ca000000001
cf-ray: 61959690def24ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 PartnerFooter-Updated2.svg
www.area1security.com/wp-content/uploads/2020/03/ 69 KB
26 KB 48ms
47ms Image
image/svg+xml 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.area1security.com/wp-content/uploads/2020/03/PartnerFooter-Updated2.svg
Requested by: Host: www.area1security.com
URL: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75d9700e1dc0a0c72a7815a64a7c0a737e92b492d65e7f16533f5fed1a09e1b5

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 2609
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 1315DCD025EE9E70
x-amz-id-2: 1GHx0NiO7UUbHfHyBkP8quRMiJvivEkJQppPwE9gmcR9lDk9uTIMxsNsKZyAFBcE+cztI3GhKow=
last-modified: Tue, 12 Jan 2021 01:44:43 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:9dcfa9f35c289eaaf52c1f87e41fc025
etag: W/"9dcfa9f35c289eaaf52c1f87e41fc025"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1200
cf-request-id: 07f15c6e8b00004ab0f8903000000001
cf-ray: 61959690def44ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 11ms
9ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
cf-request-id: 07f15c6e8800002be955ad3000000001
last-modified: Mon, 25 Jan 2021 17:22:41 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"600efe61-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5ab2FVhrPa6CQ8ZhcNFMGWfAgTQ99lYfVYoXiceC06yX5ur%2Ft9XK7pjQhMShhmGnj9dcdXUq8gqRxXaMJpfmRU4FoaBWIoPeYTWml4nhChe2EFVlA%2BrW1SQgKQc0AOpH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 61959690da272be9-FRA
expires: Sun, 31 Jan 2021 20:08:57 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 188 KB
62 KB 43ms
41ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TZNPQBB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25564a36dfc078097b64abc68e1ca1c668d03370e9875c32038f0f6975f83400

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63398
x-xss-protection: 0
last-modified: Fri, 29 Jan 2021 19:05:25 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Jan 2021 20:08:57 GMT

GET
H2 200 nav-search.svg
www.area1security.com/wp-content/themes/area1/assets/img/ 571 B
675 B 35ms
34ms Image
image/svg+xml 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.area1security.com/wp-content/themes/area1/assets/img/nav-search.svg
Requested by: Host: www.area1security.com
URL: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 377bf285812a1c784b42626aa90f76db9b9100f16513490e87a7c7e8c5c9ce78

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 2609
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 4E764BE08C72EC43
x-amz-id-2: 7JWQEXPj+ugeQ7Xg5lEu50RDYf8lMMqowBNznVP0lBLWwkos0aPxN35i5sdqUFN4Nc/pgvo4GyU=
last-modified: Tue, 12 Jan 2021 01:31:10 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:d0bf8fcb2f7215b72d73001b74c40982
etag: W/"d0bf8fcb2f7215b72d73001b74c40982"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1200
cf-request-id: 07f15c6e9500004ab0f0968000000001
cf-ray: 61959690ef134ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 SocialBanner_Blog_PoTWInboxNearYou_2500x1000_1.png
www.area1security.com/wp-content/uploads/2020/12/ 792 KB
794 KB 47ms
45ms Image
image/webp 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.area1security.com/wp-content/uploads/2020/12/SocialBanner_Blog_PoTWInboxNearYou_2500x1000_1.png
Requested by: Host: www.area1security.com
URL: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e75f4ef83eb773c1878c0e1bb0736625e4b9390af4dfbc635347ae0eb12987bc

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
cf-cache-status: HIT
age: 2609
cf-polished: origFmt=png, origSize=1921502
content-disposition: inline; filename="SocialBanner_Blog_PoTWInboxNearYou_2500x1000_1.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 503AC2C5F1D36F96
x-amz-id-2: Tk2cbnIxmW4lOtjfOSuj1VCd19gXGrel1QrkS/WuNK1d8EB6ByhnKMux0Z+RMLBw/zHB9/hRZZc=
accept-ranges: bytes
last-modified: Tue, 12 Jan 2021 13:38:18 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:9a0359516c57565c4e10a15920995ffd
etag: "9a0359516c57565c4e10a15920995ffd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=1200
cf-request-id: 07f15c6e9800004ab0f8904000000001
content-length: 811396
cf-ray: 61959690ff1e4ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 SocialBanner_Blog_SecurityFrameworkCompromise_2500x1000.jpg
www.area1security.com/wp-content/uploads/2020/10/ 66 KB
66 KB 53ms
51ms Image
image/webp 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.area1security.com/wp-content/uploads/2020/10/SocialBanner_Blog_SecurityFrameworkCompromise_2500x1000.jpg
Requested by: Host: www.area1security.com
URL: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45a89bddb685d822581cb8eee836984e42fa5d0be26d75d99b46d9a949b02cd0

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
cf-cache-status: HIT
age: 2609
cf-polished: qual=85, origFmt=jpeg, origSize=247318
content-disposition: inline; filename="SocialBanner_Blog_SecurityFrameworkCompromise_2500x1000.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: AE413A902FF440BC
x-amz-id-2: 2FYaxPxVBKgodLbqMgH3If8X9hcUs84awjMVeLIePFJWEKEkRKByL6qYok+OFIYuND6FFv+2QL8=
accept-ranges: bytes
last-modified: Tue, 12 Jan 2021 13:37:48 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:ebfc9e4d0411451f8d57123671937d03
etag: "ebfc9e4d0411451f8d57123671937d03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=1200
cf-request-id: 07f15c6e9b00004ab01486b000000001
content-length: 67090
cf-ray: 61959690ff274ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 SocialBanner_Blog1_StevePataky_2500x1000_1.png
www.area1security.com/wp-content/uploads/2020/09/ 680 KB
681 KB 40ms
39ms Image
image/webp 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.area1security.com/wp-content/uploads/2020/09/SocialBanner_Blog1_StevePataky_2500x1000_1.png
Requested by: Host: www.area1security.com
URL: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bea383a329cf8b8450c0f202f61dadc22a9227ae057dcdeaafa58e76b64e38b8

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
cf-cache-status: HIT
age: 2609
cf-polished: origFmt=png, origSize=1609410
content-disposition: inline; filename="SocialBanner_Blog1_StevePataky_2500x1000_1.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: F53CEEBFD678BEBB
x-amz-id-2: u01pxiOx/J+QJ29g1cvjWH2B+Hv89zfiFO8tQcOZS7KNYb8Fk1E5dJe63P83pvl2VzsPx2A3g3A=
accept-ranges: bytes
last-modified: Tue, 12 Jan 2021 13:37:22 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:d9f4069cf5949faf6a69d5401259163d
etag: "d9f4069cf5949faf6a69d5401259163d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=1200
cf-request-id: 07f15c6e9c00004ab0471e3000000001
content-length: 695846
cf-ray: 61959690ff324ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.area1security.com
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,600,700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 16:27:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:25 GMT
server: sffe
age: 358866
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
expires: Tue, 25 Jan 2022 16:27:51 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.area1security.com
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,600,700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 16:27:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:14 GMT
server: sffe
age: 358868
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13912
x-xss-protection: 0
expires: Tue, 25 Jan 2022 16:27:49 GMT

GET
H2 200 Screenshot-at-Jan-25-18-40-40-1024x179.png
www.area1security.com/wp-content/uploads/2021/01/ 43 KB
44 KB 37ms
36ms Image
image/webp 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.area1security.com/wp-content/uploads/2021/01/Screenshot-at-Jan-25-18-40-40-1024x179.png
Requested by: Host: www.area1security.com
URL: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2189c210d31db92d71f92e1f6cdee0789c49c83ce1084a31184975e4a345f86b

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
cf-cache-status: HIT
age: 2609
cf-polished: origFmt=png, origSize=81279
content-disposition: inline; filename="Screenshot-at-Jan-25-18-40-40-1024x179.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: DE71135AECA31CBF
x-amz-id-2: U/9uchTKXds8q1sOKAIPS+nfrv/XkKhGzTVcQCJBkgjyVABd5K5pwOeMLoJ22gLzVOlVsYMOnJA=
accept-ranges: bytes
last-modified: Tue, 26 Jan 2021 02:03:11 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:355e71d178f0a1786b93fef953e395bf
etag: "355e71d178f0a1786b93fef953e395bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=1200
cf-request-id: 07f15c6ec800004ab0288ba000000001
content-length: 44528
cf-ray: 61959691480b4ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 cdc.png
www.area1security.com/wp-content/uploads/2021/01/ 25 KB
25 KB 35ms
34ms Image
image/webp 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.area1security.com/wp-content/uploads/2021/01/cdc.png
Requested by: Host: www.area1security.com
URL: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abbd9b12d7b53fc7cb2db6f32805590ecc29c08db54fd43666affb928f47bf17

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
cf-cache-status: HIT
age: 2609
cf-polished: origFmt=png, origSize=47662
content-disposition: inline; filename="cdc.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 12FFDBAE48E61520
x-amz-id-2: zeLgqpzux6JuZ4j/ZEO9DE9yMEOwNmv7fl/mrksUpu4sk3FSruLjqa4/c9aUE1odfJuKVzgI6fw=
accept-ranges: bytes
last-modified: Tue, 26 Jan 2021 02:03:12 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:846b34311747ddeeed16411cc356a04e
etag: "846b34311747ddeeed16411cc356a04e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=1200
cf-request-id: 07f15c6ec800004ab02e1ff000000001
content-length: 25668
cf-ray: 61959691480e4ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 cdc-contact-phishing.png
www.area1security.com/wp-content/uploads/2021/01/ 198 KB
198 KB 37ms
36ms Image
image/webp 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.area1security.com/wp-content/uploads/2021/01/cdc-contact-phishing.png
Requested by: Host: www.area1security.com
URL: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8de84e17f0f1f2fb7c940cc7b7487de94ac6a9024c760bee235e64a18ffa3eb7

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
cf-cache-status: HIT
age: 2609
cf-polished: origFmt=png, origSize=255773
content-disposition: inline; filename="cdc-contact-phishing.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 39358B67FDEE12D9
x-amz-id-2: hXf8YoYzg1LhAszTaMLlORaorYsr5xlQOcc5m3YDFVeHPT6GNj15BPnGGWiyBN96fe1TZ/thEEk=
accept-ranges: bytes
last-modified: Tue, 26 Jan 2021 02:03:12 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:875b119e8f72b355f25d9839e01e6e97
etag: "875b119e8f72b355f25d9839e01e6e97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=1200
cf-request-id: 07f15c6ef100004ab0e4bee000000001
content-length: 202622
cf-ray: 6195969188e54ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 theme-icons.woff2
www.area1security.com/wp-content/themes/area1/assets/fonts/ 4 KB
5 KB 46ms
45ms Font
font/woff2 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.area1security.com/wp-content/themes/area1/assets/fonts/theme-icons.woff2
Requested by: Host: www.area1security.com
URL: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b8811650afae7a53ca6e2bf2ac088b8cdec200b6eb62284cc145f8695fb6a09

Request headers

Origin: https://www.area1security.com
Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
cf-cache-status: HIT
age: 2609
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 2RAZFZ6Q1T9M5VAW
x-amz-id-2: kGn6Q0qO1ulisrb1cLPXdV3Y9qJg4cQWq4BWzPBvAyxpdFMLv4LwY2D7YkSboDLFMvp37KdX/ac=
accept-ranges: bytes
last-modified: Tue, 12 Jan 2021 01:31:00 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:0704dc2d6c20c08d738dcd0b093f23c7
etag: "0704dc2d6c20c08d738dcd0b093f23c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=1200
cf-request-id: 07f15c6eff00004ab03c2da000000001
content-length: 4520
cf-ray: 61959691991d4ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H3-Q050 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 34ms
20ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,600,700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.area1security.com
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,600,700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 13:34:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
age: 369246
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Tue, 25 Jan 2022 13:34:51 GMT

GET
H2 200 scripts.min.js Show response
www.area1security.com/wp-content/themes/area1/assets/build/ 882 KB
201 KB 33ms
28ms Script
application/javascript 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.area1security.com/wp-content/themes/area1/assets/build/scripts.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37395d94fe5c1a9b6fbd12955388eefb1fd0c15cc95619f8c8157fb132c30277

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 2609
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: C1273C9573768B29
x-amz-id-2: VZ8hMqpfdU9F19zMdol0fABkIgMpa+pi3BNUyemC73YJr3Un2A8Rqlh2ZLwbqtSUjrWKI4fyVBY=
last-modified: Sat, 21 Nov 2020 02:11:27 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:42307b0261e9f177b59d50d507174c31
etag: W/"42307b0261e9f177b59d50d507174c31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1200
cf-request-id: 07f15c6f1b00004ab0daa31000000001
cf-ray: 61959691c9cc4ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 123 KB
40 KB 48ms
42ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyC3BnZKCuaAaz825HOTZkCjU9fD7mq_afU

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

cf0091a8683a58b2f3b5acc2b910296ffcff35ec4c5a50ed36a528bcac21ae66

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=29
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41193
x-xss-protection: 0
expires: Fri, 29 Jan 2021 20:38:57 GMT

GET
H/1.1 200
OK sidebarv2.js Show response
www.bugherd.com/ 43 B
748 B 568ms
192ms Script
text/javascript 54.175.121.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bugherd.com/sidebarv2.js?apikey=neidmqorvyga4b32tw22og

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.175.121.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-175-121-11.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

6faed0e4b708dd466ed2caf20a877b4b99ce8f938d31caa3af6f70772ba641ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 29 Jan 2021 20:08:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
P3p: CP="NOI ADM DEV COM NAV OUR STP"
Connection: close
X-Xss-Protection: 1; mode=block
X-Request-Id: 23b618f8-437c-4f45-8e31-73a89267ab42
X-Runtime: 0.012243
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Etag: W/"abbc8b1b7094a2925f070fdfc24bea9b"
X-Download-Options: noopen
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains
Content-Type: text/javascript; charset=utf-8
Via: 1.1 vegur
Cache-Control: max-age=0, private, must-revalidate

GET
H2 200 104892217.js Show response
extend.vimeocdn.com/ga/ 17 KB
6 KB 289ms
93ms Script
text/javascript 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://extend.vimeocdn.com/ga/104892217.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: b2b2ad1d953b1341442dca10555ebf44343c74fa9755492be52bf521f61dab11

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:58 GMT
content-encoding: gzip
age: 18297188
x-cache: HIT
x-cache-hits: 416778
content-length: 5672
x-served-by: cache-fra19132-FRA
x-vimeo-dc: ge
last-modified: Mon, 29 Jun 2020 23:08:13 GMT
server: Apache
x-timer: S1611950938.147106,VS0,VE0
etag: "43cc-5a94122101140"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2030 01:35:50 GMT

GET
H2

200

swiper-bundle.min.js Show response
unpkg.com/swiper@6.4.10/
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.min.js
https://unpkg.com/swiper@6.4.10/swiper-bundle.min.js

137 KB
35 KB

54ms
50ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@6.4.10/swiper-bundle.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

484dd9acca33cedeefa7d9c7775403901e0ca4fbc9ff6c277e4eac767e02de77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 39606
vary: Accept-Encoding
cf-request-id: 07f15c6f51000097f6f80c2000000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"2241d-efbvGY/C1X/dxGrJNHdSLMg7D8I"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 948e3e00eda75c76925cebd5982af699
cache-control: public, max-age=31536000
cf-ray: 619596921d0597f6-FRA

Redirect headers

date: Fri, 29 Jan 2021 20:08:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 222
vary: Accept, Accept-Encoding
content-length: 57
cf-request-id: 07f15c6f25000097f61ab23000000001
server: cloudflare
location: /swiper@6.4.10/swiper-bundle.min.js
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 21258d1029239ae2123e71732f0aae36
cache-control: public, s-maxage=600, max-age=60
cf-ray: 61959691dcc897f6-FRA

GET
H2 200 custom.js Show response
www.area1security.com/wp-content/themes/area1/assets/js/application/pages/ 3 KB
1 KB 43ms
36ms Script
application/javascript 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.area1security.com/wp-content/themes/area1/assets/js/application/pages/custom.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c39de8d003d74962c2ab7b13b22a10537838552f27f541e911c9b28e9df802a

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 2609
cf-polished: origSize=7623
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 7740E0C5DD78D694
x-amz-id-2: lbC4EwS0OnI5n2SMGZJ5K6YM8SMnxcJnwwLBnBsV3aBa7gqFrvWoBum11I7eIYOKlpP7vDJ/Bv4=
last-modified: Tue, 12 Jan 2021 01:31:16 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:c3d3ee6ce3ff4744af73bd845bf93da9
etag: W/"c3d3ee6ce3ff4744af73bd845bf93da9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1200
cf-request-id: 07f15c6f2400004ab0f6316000000001
cf-ray: 61959691d9f94ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 bodyScrollLock.min.js Show response
cdn.jsdelivr.net/npm/body-scroll-lock@2.6.4/lib/ 3 KB
1 KB 13ms
6ms Script
application/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/body-scroll-lock@2.6.4/lib/bodyScrollLock.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2619bdf0e0a9d79b74fed1389ca2d3da61f0818813b76c31a626459f83d5d48c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 140725
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1092
etag: W/"b16-+ZeUwjFQYs11QXRwbyaN7RGUvVA"
x-served-by: cache-fra19134-FRA
date: Fri, 29 Jan 2021 20:08:57 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 forms2.min.js Show response
app-ab22.marketo.com/js/forms2/js/ 204 KB
69 KB 490ms
125ms Script
application/x-javascript 104.16.96.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab22.marketo.com/js/forms2/js/forms2.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.96.80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

014de295141a456ceda8e3c4762085e53dca50f91ddf65906d227f70cf0b1a55

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5995
strict-transport-security: max-age=63113904
cf-request-id: 07f15c70cb00001e99e63b4000000001
last-modified: Sat, 16 Jan 2021 05:11:57 GMT
server: cloudflare
etag: "24c128a-33187-5b8fd8726827e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 619596947af61e99-AMS
expires: Sat, 30 Jan 2021 00:08:58 GMT

GET
H2 200 countUp.js Show response
cdnjs.cloudflare.com/ajax/libs/countup.js/1.9.3/ 8 KB
2 KB 26ms
19ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/countup.js/1.9.3/countUp.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

733a018cb334354fff1d8ae52623d5669bd4df4da01ceb0912a352361ba14247

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 774797
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2161
cf-request-id: 07f15c6f23000064436031f000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-1eb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8jLS%2BegZpP6eBLS4VyRoG03BkvTnhrZKFP5mVGy2JTx6gkGU%2BVchG529Y6%2FWbD0p5nlRi5R5%2BoKaXjiRMam%2F9kwhKvFsvtIbovSx5jJvbzb%2BOJNHESMvuF2OHpK2TNhxSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 61959691ddae6443-FRA
expires: Wed, 19 Jan 2022 20:08:57 GMT

GET
H2 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/latest/ 105 KB
31 KB 19ms
13ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/latest/TweenMax.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 774357
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31378
cf-request-id: 07f15c6f230000644359ac8000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1a5b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IUyKo9xD%2BO3mVglq0oZms7x7c8EQjXQ0aJZAntIlu72L3grKaww69329zcmCsKiloM1csTPDzZ9ip0Fq8b0DbEU1ofjN3EZFkdfWVXCu%2FEMAQPOrAqo0hkN7DFobIaUUMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 61959691ddaf6443-FRA
expires: Wed, 19 Jan 2022 20:08:57 GMT

GET
H2 200 autocomplete-noconflict.js Show response
www.area1security.com/wp-content/plugins/search-by-algolia-instant-relevant-results/js/ 53 B
303 B 43ms
37ms Script
application/javascript 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.area1security.com/wp-content/plugins/search-by-algolia-instant-relevant-results/js/autocomplete-noconflict.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7eabaa9bb3449c434af9a74f77afb68872049c4d67b2326589c112b2db9b02a3

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 2609
cf-polished: origSize=56
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 3291050A689DCEA9
x-amz-id-2: exldrqQ19MYodtd4uXPml8igOoZQGn8ga2BF/yQRCZ2K8eo/n+ZZb5Y/JC4GlasMtfuIs4yeGSo=
last-modified: Sat, 21 Nov 2020 02:11:26 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:5f52583d8458739459c3ceaee48f1e7c
etag: W/"5f52583d8458739459c3ceaee48f1e7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1200
cf-request-id: 07f15c6f2400004ab004a82000000001
cf-ray: 61959691d9fc4ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 autocomplete.min.js Show response
www.area1security.com/wp-content/plugins/search-by-algolia-instant-relevant-results/js/autocomplete.js/ 55 KB
17 KB 56ms
50ms Script
application/javascript 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.area1security.com/wp-content/plugins/search-by-algolia-instant-relevant-results/js/autocomplete.js/autocomplete.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e4021b59c1368de0d79e4c4c4b055765bc0bea375872a2b0e8ef33f66d5c485

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 2609
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 000B8E65DF40FFF1
x-amz-id-2: nELqZcVPQzoyMFJkhklnhDv4Lzzk+CugFCOH4oerfF0xoRyoYWzs6EZLPMMv3hVQEHAr5Jzvihg=
last-modified: Sat, 21 Nov 2020 02:11:26 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:d7b1c756c2db602e11567ba987226af4
etag: W/"d7b1c756c2db602e11567ba987226af4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1200
cf-request-id: 07f15c6f2400004ab028089000000001
cf-ray: 61959691d9fe4ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 algoliasearch.jquery.min.js Show response
www.area1security.com/wp-content/plugins/search-by-algolia-instant-relevant-results/js/algoliasearch/ 65 KB
17 KB 47ms
42ms Script
application/javascript 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.area1security.com/wp-content/plugins/search-by-algolia-instant-relevant-results/js/algoliasearch/algoliasearch.jquery.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee2a7b51378f1eae8def636a976934def4a2fec23a7db806d6c644bce4e600fc

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 2609
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 403AA0BF0F1A4715
x-amz-id-2: DGAUc5qa12aVVODyEXh27q0S+XVIF931rJrVgUAb43A+Abqkj94Sr96tw0EnnR9TadB05Km/oIU=
last-modified: Sat, 21 Nov 2020 02:11:26 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:6c75e6e185c16aa615584b5f3e82b0f4
etag: W/"6c75e6e185c16aa615584b5f3e82b0f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1200
cf-request-id: 07f15c6f2300004ab00f200000000001
cf-ray: 61959691d9ff4ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 wp-util.min.js Show response
www.area1security.com/wp-includes/js/ 1 KB
808 B 47ms
41ms Script
application/javascript 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.area1security.com/wp-includes/js/wp-util.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 622bd29e595894b02f5c5ab95628f99d6e6d46483bac342b4fff38bbc64a8a35

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 2609
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 68BBF8660BDBF1E7
x-amz-id-2: ZxNgPkT9KiIbx3sCBtDPXqjk8Svnx7tm9oz5h6nGXyYXzcULJhgx7GJNb8cDYpyZ6D031vck4mI=
last-modified: Mon, 04 Jan 2021 23:56:09 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:12b99b14f0a718568e3e516f36bdb886
etag: W/"12b99b14f0a718568e3e516f36bdb886"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1200
cf-request-id: 07f15c6f2400004ab0288c5000000001
cf-ray: 61959691da014ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 underscore.min.js Show response
www.area1security.com/wp-includes/js/ 16 KB
6 KB 40ms
35ms Script
application/javascript 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.area1security.com/wp-includes/js/underscore.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b5fc275c98a58b1073a713920cefa54fab60ad9d85a67cf6907aaf8fbb3c474

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 2609
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: D16B7CEEEE764B2F
x-amz-id-2: cA+r+kHD+CzNu9+2Jehx2HUDxlWuzNb/QHrg9YwFsnyd2bB1RwbGZ4ugvoVeWGjobE95ihlbJaY=
last-modified: Mon, 04 Jan 2021 23:56:09 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:039ca2cb0b64e4962638e527bb56e8d0
etag: W/"039ca2cb0b64e4962638e527bb56e8d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1200
cf-request-id: 07f15c6f2400004ab03884c000000001
cf-ray: 61959691da034ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 analytics-talk-content-tracking.js Show response
www.area1security.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 2 KB
990 B 43ms
39ms Script
application/javascript 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.area1security.com/wp-content/plugins/duracelltomi-google-tag-manager/js/analytics-talk-content-tracking.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8baa01b3b16cfe77ad745bd12cc99d1a226a9855b17cb4c2b9c6edf754be53f2

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 2609
cf-polished: origSize=3725
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: D7A974F179357E01
x-amz-id-2: R4Kr8BfoJMh6OwVvPvhdx5PV7ZZENQUJoWvpHvkl+EEM2NOQa5aLw5BEge7YUYM7H/FRQk3adFs=
last-modified: Sat, 21 Nov 2020 02:11:26 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:7ff5596e1f2696392ad1280abe83ce9c
etag: W/"7ff5596e1f2696392ad1280abe83ce9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1200
cf-request-id: 07f15c6f2400004ab0f097d000000001
cf-ray: 61959691da054ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 gtm4wp-social-tracker.js Show response
www.area1security.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 2 KB
779 B 45ms
41ms Script
application/javascript 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.area1security.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-social-tracker.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12c7c022e658d66f73ea8067246586e5c0f2dc5bce35c2eaabb8ecb019f6c2fe

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 2609
cf-polished: origSize=3099
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 1BB678A573BF3F3B
x-amz-id-2: 2cbq7iP/boYnxXZLztKBgY5OZRLYD9LtM7V59drjYEphzRhuVyh5XRh7vSphJrTg8fez9rlwEZU=
last-modified: Sat, 21 Nov 2020 02:11:26 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:5dcea1f519d96da2f99b369f61affc4f
etag: W/"5dcea1f519d96da2f99b369f61affc4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1200
cf-request-id: 07f15c6f2400004ab03f37b000000001
cf-ray: 61959691da064ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 gtm4wp-form-move-tracker.js Show response
www.area1security.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 1 KB
624 B 44ms
39ms Script
application/javascript 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.area1security.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a4e4d87eb5124ff8ace838e9e12db5b279607a0773d2b91cd079d85d426089b

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 2609
cf-polished: origSize=1487
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 0B1467DAD4070DD3
x-amz-id-2: UDo1kt0At0ElmPAvqYMAASiC2nauMbBSKg59XQnjFE0WPDRDnwcFJMZLW2uSQND6hadS4z7suwc=
last-modified: Sat, 21 Nov 2020 02:11:26 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:b554a878cd1c765decedc9aabcb7b103
etag: W/"b554a878cd1c765decedc9aabcb7b103"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1200
cf-request-id: 07f15c6f2500004ab01d8e5000000001
cf-ray: 61959691da084ab0-FRA
expires: Fri, 29 Jan 2021 20:28:57 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
30 KB 30ms
5ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4103
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Jan 2022 19:00:34 GMT

GET
H2 200 plausible.js Show response
plausible.io/js/ 1 KB
985 B 33ms
5ms Script
application/javascript 2a03:b0c0:3:e0::26f:c001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plausible.io/js/plausible.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:b0c0:3:e0::26f:c001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Netlify /
Resource Hash: 622cc6cc1547de528cfeaee7ab449ba63a9da68dbf476937f19832802508dabe

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: 82d86783-3241-40e7-9870-5cfecbec20ee-637981
date: Fri, 29 Jan 2021 19:50:25 GMT
content-encoding: br
server: Netlify
age: 1112
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=3600,public
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 701
x-request-id: Fl7L03qZ3NKNOI0Auxkj

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 86 KB
33 KB 390ms
100ms Script
application/x-javascript 68.232.35.12
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.12 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA7) /
Resource Hash: bda943417a17390567ef9f9b2cc4742d61cf9d48ba5db87abe2f9d63d7c42fb5

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:58 GMT
content-encoding: gzip
last-modified: Fri, 22 Jan 2021 00:08:29 GMT
server: ECS (amb/6BA7)
age: 71081
etag: "62549ab652f0d61:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 33769

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 134 KB
52 KB 67ms
53ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XM4D98EE7X&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZNPQBB

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c2f7379b4c7830f9d87a2e2393f197ca623e11e2d4fdf0cd0a909f626fd4c36f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:57 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52551
x-xss-protection: 0
expires: Fri, 29 Jan 2021 20:08:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZNPQBB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3293
date: Fri, 29 Jan 2021 19:14:04 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 29 Jan 2021 21:14:04 GMT

GET
H2 200 / Show response
ipinfo.io/ 248 B
413 B 421ms
214ms Script
text/javascript 216.239.34.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ipinfo.io/?token=136616de95c87f&callback=callback

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZNPQBB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.34.21 Los Gatos, United States, ASN15169 (GOOGLE, US),

Reverse DNS

any-in-2215.1e100.net

Software

Resource Hash

093c8507b85e5163d2b70fd90836bc70d2d60c80290625c1d196df2c5dc69db1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:58 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
via: 1.1 google
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 loader.js Show response
www.gstatic.com/wcm/ 539 B
494 B 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: go.area1security.com
URL: https://go.area1security.com/io6A0gT9g0P00I000sj2G0a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e05da544a93b639782cb0974f5dacbfc36b60d40622f680e3383ec581243ca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 19:22:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Jun 2020 00:15:00 GMT
server: sffe
age: 2780
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 366
x-xss-protection: 0
expires: Fri, 29 Jan 2021 20:22:37 GMT

GET
H3-Q050 200 call-tracking_2.js Show response
www.gstatic.com/call-tracking/ 51 KB
20 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_2.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee0af9cb821e3b90c73da380ca1ea46a9568f50635facf5e263d0044c9124c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:26:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Apr 2020 17:15:00 GMT
server: sffe
age: 373344
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19708
x-xss-protection: 0
expires: Tue, 25 Jan 2022 12:26:33 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
392 B 46ms
12ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1650074218&t=pageview&_s=1&dl=https%3A%2F%2Fwww.area1security.com%2Fblog%2Fpfizer-vaccine-phishing-campaign%2F%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dna%26utm_content%3Dna%26utm_campaign%3D2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please%26mkt_tok%3DeyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%253D%253D&dr=https%3A%2F%2Fgo.area1security.com%2Fio6A0gT9g0P00I000sj2G0a&ul=en-us&de=UTF-8&dt=Count%20Yourself%20in%20For%20a%20Vaccine%20Phish%20%7C%20Area%201%20Security&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=132242721&gjid=369560039&cid=685055537.1611950938&tid=UA-50588008-1&_gid=2132443364.1611950938&_r=1&gtm=2wg1k0TZNPQBB&z=1901977308

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Jan 2021 20:08:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.area1security.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 collect
www.google-analytics.com/g/ 0
23 B 29ms
13ms Other
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-XM4D98EE7X&gtm=2oe1k0&_p=1650074218&sr=1600x1200&ul=en-us&cid=685055537.1611950938&_s=1&dl=https%3A%2F%2Fwww.area1security.com%2Fblog%2Fpfizer-vaccine-phishing-campaign%2F%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dna%26utm_content%3Dna%26utm_campaign%3D2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please%26mkt_tok%3DeyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%253D%253D&dr=https%3A%2F%2Fgo.area1security.com%2Fio6A0gT9g0P00I000sj2G0a&dt=Count%20Yourself%20in%20For%20a%20Vaccine%20Phish%20%7C%20Area%201%20Security&sid=1611950937&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XM4D98EE7X&l=dataLayer&cx=c
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 29 Jan 2021 20:08:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.area1security.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
92 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-50588008-1&cid=685055537.1611950938&jid=132242721&gjid=369560039&_gid=2132443364.1611950938&_u=YEBAAEAAAAAAAC~&z=811440195

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 29 Jan 2021 20:08:58 GMT
content-type: text/plain
access-control-allow-origin: https://www.area1security.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

wcm Show response
www.google.pl/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/923313590/wcm?cc=ZZ&dn=6504919371&cl=00ozCIOi-IQBELbLorgD&ref=https%3A%2F%2Fgo.area1security.com%2Fio6A0gT9g0P00I000sj2G0a&ct_eid=2
https://www.google.pl/pagead/attribution/wcm?cc=ZZ&dn=6504919371&cl=00ozCIOi-IQBELbLorgD

80 B
569 B

34ms
15ms

XHR
application/json

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.pl/pagead/attribution/wcm?cc=ZZ&dn=6504919371&cl=00ozCIOi-IQBELbLorgD

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: application/json; charset=UTF-8
access-control-allow-origin: null
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87
x-xss-protection: 0

Redirect headers

timing-allow-origin: *
date: Fri, 29 Jan 2021 20:08:58 GMT
x-content-type-options: nosniff
server: cafe
location: https://www.google.pl/pagead/attribution/wcm?cc=ZZ&dn=6504919371&cl=00ozCIOi-IQBELbLorgD
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://www.area1security.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
108 B 30ms
30ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-50588008-1&cid=685055537.1611950938&jid=132242721&_u=YEBAAEAAAAAAAC~&z=1253282009

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jan 2021 20:08:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-50588008-1&cid=685055537.1611950938&jid=132242721&_u=YEBAAEAAAAAAAC~&z=1253282009

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jan 2021 20:08:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 4 KB
2 KB 23ms
23ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZNPQBB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3022978
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 948
cf-request-id: 07f15c70df000064435e1e6000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-f62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NnCBYqok%2Fo5bG7qm5t%2F%2FeNZQjHM0c2eaweyX4HXk%2FaxmV%2BnvixKhvg%2Busde8nj3i0siWhVX5DB%2F2W30k7paFNoXDWn5R%2BzcgkOIrazpvKR3RtRK%2BzL3ZKPX8PpFtZXBO4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 619596949e906443-FRA
expires: Wed, 19 Jan 2022 20:08:58 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 36ms
35ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZNPQBB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1208957
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5676
cf-request-id: 07f15c70de0000644360330000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-4d5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IPcpbNbhsaRnvmD3JXE%2FhhXoHv4iD4H4agQQZ1kKi9wpX%2FwQIkHuGkSRpg5lSdL770FbnC3jLXxRPP1jr%2FQmlfkqwZa8wut6f4Fe9OJA5Wf3XzsQQI%2BVax4mKUurxxziog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 619596949e926443-FRA
expires: Wed, 19 Jan 2022 20:08:58 GMT

GET
H2 200 bfys9szbrt7k.js Show response
js.driftt.com/include/1611951000000/ 138 KB
45 KB 449ms
243ms Script
application/javascript 13.224.94.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1611951000000/bfys9szbrt7k.js

Requested by

Host: go.area1security.com
URL: https://go.area1security.com/io6A0gT9g0P00I000sj2G0a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.94.122 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-94-122.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

3c028e9666117b356459012caad6c5b5d20a8227b95b01a899e48ebe7f27b94d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:58 GMT
content-encoding: gzip
x-amz-cf-pop: ZRH50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 21 Dec 2020 20:19:33 GMT
server: nginx
etag: W/"4d7b506764645b403852bae487758a92"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
cache-control: max-age=10
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MgPfRKDsL2oC6MbH3EwxhF1f2Oka9Hq2Em44KxdeUkMyDwfg-ZZKBg==

GET
H/1.1 200
OK pixel.js Show response
origin.acuityplatform.com/event/v2/ 2 KB
2 KB 252ms
80ms Script
application/javascript 104.108.48.95
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://origin.acuityplatform.com/event/v2/pixel.js
Requested by: Host: go.area1security.com
URL: https://go.area1security.com/io6A0gT9g0P00I000sj2G0a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.48.95 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-48-95.deploy.static.akamaitechnologies.com
Software: nginx/1.14.0 /
Resource Hash: e61452dfc7618c61fdb2891ef6c18e147ec6de6d0796657d145cefc3c8d2357c

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 29 Jan 2021 20:08:58 GMT
Last-Modified: Thu, 05 Nov 2020 21:09:51 GMT
Server: nginx/1.14.0
ETag: "5fa46a1f-83f"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2111

GET
H2 200 3269.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 16 B
1 KB 495ms
474ms Script
text/javascript 2606:4700::6812:1bbe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/3269.js?p=https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%253D%253D&e=

Requested by

Host: go.area1security.com
URL: https://go.area1security.com/io6A0gT9g0P00I000sj2G0a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1bbe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:59 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: eaef9b91-cf75-45bd-9bbb-02807e971376
x-runtime: 0.006273
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
x-download-options: noopen
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
cf-request-id: 07f15c71b100000746370a9000000001
cf-ray: 61959695e8350746-FRA

GET
H2 200 104892217.js Show response
extend.vimeocdn.com/ga/ 17 KB
6 KB 80ms
80ms Script
text/javascript 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://extend.vimeocdn.com/ga/104892217.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: b2b2ad1d953b1341442dca10555ebf44343c74fa9755492be52bf521f61dab11

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:58 GMT
content-encoding: gzip
age: 18297188
x-cache: HIT
x-cache-hits: 416780
content-length: 5672
x-served-by: cache-fra19132-FRA
x-vimeo-dc: ge
last-modified: Mon, 29 Jun 2020 23:08:13 GMT
server: Apache
x-timer: S1611950939.636697,VS0,VE0
etag: "43cc-5a94122101140"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2030 01:35:50 GMT

GET
H/1.1 204
No Content pj Show response
e.acuityplatform.com/ 0
155 B 576ms
217ms Script
text/plain 69.90.254.51
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://e.acuityplatform.com/pj?pk=2500522576298312265&pu=https%3A%2F%2Fwww.area1security.com%2Fblog%2Fpfizer-vaccine-phishing-campaign%2F%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dna%26utm_content%3Dna%26utm_campaign%3D2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please%26mkt_tok%3DeyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%253D%253D
Requested by: Host: origin.acuityplatform.com
URL: https://origin.acuityplatform.com/event/v2/pixel.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.90.254.51 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 55ms
13ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.area1security.com
URL: https://www.area1security.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-social-tracker.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B89) /
Resource Hash: 2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 29 Jan 2021 20:08:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2020 21:52:09 GMT
Server: ECS (amb/6B89)
Age: 114
Etag: "a671d4d584ef50954e5cebb21da17065+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28698

GET
H2 200 ipv
cdn.bizible.com/m/ 43 B
303 B 87ms
87ms Image
image/gif 68.232.35.12
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=https%3A%2F%2Fgo.area1security.com%2Fio6A0gT9g0P00I000sj2G0a&_biz_h=-1906410348&_biz_u=ff3ceb8c801c410ded7926d95fbee9ee&_biz_s=949904&_biz_l=https%3A%2F%2Fwww.area1security.com%2Fblog%2Fpfizer-vaccine-phishing-campaign%2F%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dna%26utm_content%3Dna%26utm_campaign%3D2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please%26mkt_tok%3DeyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%253D%253D&_biz_t=1611950938375&_biz_i=Count%20Yourself%20in%20For%20a%20Vaccine%20Phish%20%7C%20Area%201%20Security&_biz_n=0&rnd=497353&cdn_o=a&_biz_z=1611950938670
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.12 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B75) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jan 2021 20:08:58 GMT
last-modified: Fri, 29 Jan 2021 01:58:26 GMT
server: ECS (amb/6B75)
age: 65432
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
202 B 87ms
86ms Image
image/gif 68.232.35.12
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizibly.com/u?_biz_u=ff3ceb8c801c410ded7926d95fbee9ee&_biz_s=949904&_biz_l=https%3A%2F%2Fwww.area1security.com%2Fblog%2Fpfizer-vaccine-phishing-campaign%2F%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dna%26utm_content%3Dna%26utm_campaign%3D2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please%26mkt_tok%3DeyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%253D%253D&_biz_t=1611950938672&_biz_i=Count%20Yourself%20in%20For%20a%20Vaccine%20Phish%20%7C%20Area%201%20Security&rnd=780943&cdn_o=a&_biz_z=1611950938672
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.12 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B97) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jan 2021 20:08:58 GMT
last-modified: Fri, 29 Jan 2021 00:54:37 GMT
server: ECS (amb/6B97)
age: 69261
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H/1.1 200
OK widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html
platform.twitter.com/widgets/ Frame 45A4 0
0 14ms
13ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fwww.area1security.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B81) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.area1security.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.area1security.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 76914
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 29 Jan 2021 20:08:58 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Thu, 01 Oct 2020 21:50:01 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B81)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 5825

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 40 KB
13 KB 275ms
95ms Script
text/javascript 2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: go.area1security.com
URL: https://go.area1security.com/io6A0gT9g0P00I000sj2G0a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c2cb2cc5345c71f30b0ce56069cfe0bdf65eb061228333d27ba0e7388748636a

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: eHeCFa11ZmebQv0hmrjMAs.eB.BPo.q4
Content-Encoding: gzip
ETag: "0aed5b94bc26ce0fe9e58d25dd314418"
x-amz-request-id: A153E367E4F64E44
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 12695
x-amz-id-2: 1CcC1EKrieRTlAyvmM8I9czxbYiNWqUAlIg4XQoBWjKMxkmKs0MXuebcXJ5+1jv9UbHz74EL7Lo=
Last-Modified: Thu, 10 Dec 2020 18:09:34 GMT
Server: AmazonS3
Date: Fri, 29 Jan 2021 20:08:59 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 111 B
522 B 198ms
197ms Script
text/javascript 68.232.35.12
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/xdc.js?_biz_u=ff3ceb8c801c410ded7926d95fbee9ee&_biz_h=-1906410348&cdn_o=a&jsVer=4.21.01.21
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.12 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBB) /
Resource Hash: fb73975aee9cc34871efc2ac4d5b67d8e1f75d83fbe75b17708b7ee9955af86c

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:58 GMT
content-encoding: gzip
server: ECS (amb/6BBB)
etag: EDC5B00C
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: private, must-revalidate, max-age=21600
content-type: text/javascript; charset=utf-8
content-length: 214

GET
H2 200 PartnerPortal_with_Links3.svg
www.area1security.com/wp-content/uploads/2020/07/ 18 KB
7 KB 31ms
31ms Image
image/svg+xml 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.area1security.com/wp-content/uploads/2020/07/PartnerPortal_with_Links3.svg
Requested by: Host: www.area1security.com
URL: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74ea3c41c31d42cb8b923c06bea1b37bf316685bbf53d020153600c247c650be

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 2609
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 4124130119688687
x-amz-id-2: VD8G2ADwUwD/LRAios8U4ApvMJgldbOrzDFRr+19m+Unxvya1UX/fCuoJJS1Pwx2JdseGJAzegY=
last-modified: Tue, 12 Jan 2021 01:46:40 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:ee6d3ce4591b37fcd593f5441346363f
etag: W/"ee6d3ce4591b37fcd593f5441346363f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1200
cf-request-id: 07f15c72ea00004ab02134a000000001
cf-ray: 61959697dbfe4ab0-FRA
expires: Fri, 29 Jan 2021 20:28:58 GMT

GET
H2 200 FeaturedResource_260x320@2.png
www.area1security.com/wp-content/uploads/2020/11/ 53 KB
54 KB 32ms
32ms Image
image/webp 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.area1security.com/wp-content/uploads/2020/11/FeaturedResource_260x320@2.png
Requested by: Host: www.area1security.com
URL: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df965e89ef07dd7e42f8e2943f46e6d8c80a4393b29411f00314389de6639587

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:58 GMT
cf-cache-status: HIT
age: 2609
cf-polished: origFmt=png, origSize=153913
content-disposition: inline; filename="FeaturedResource_260x320@2.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 15104C5F49A375B9
x-amz-id-2: N7fOoLSouUB8B1oYkCs/SEQFamqR/bZg9kznV6GYAALmCcd86rtjil+4Inwxcf37ooXw62o3h3E=
accept-ranges: bytes
last-modified: Tue, 12 Jan 2021 13:37:58 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:853163e8dd7734125ff201a85e3b6229
etag: "853163e8dd7734125ff201a85e3b6229"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=1200
cf-request-id: 07f15c72ed00004ab0e9aef000000001
content-length: 54292
cf-ray: 61959697dc034ab0-FRA
expires: Fri, 29 Jan 2021 20:28:58 GMT

GET
H2 200 graphic-demo.png
www.area1security.com/wp-content/uploads/2020/03/ 30 KB
30 KB 34ms
33ms Image
image/webp 2606:4700::6812:1a99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.area1security.com/wp-content/uploads/2020/03/graphic-demo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5190509f9fca3269f8ccb41eb5de04b7834bad144c219d4581aac7f8c5c7a7da

Request headers

Referer: https://www.area1security.com/blog/pfizer-vaccine-phishing-campaign/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please&mkt_tok=eyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:58 GMT
cf-cache-status: HIT
age: 2609
cf-polished: origFmt=png, origSize=48217
content-disposition: inline; filename="graphic-demo.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 5BF09CA0965B98C6
x-amz-id-2: mk/50FXUIsJYOIECWZ0we4ElfH4oTLWW4QBtHRGKXXTFdF6SX0j9RVYK83gSDar1WIvMhQIQXUc=
accept-ranges: bytes
last-modified: Tue, 12 Jan 2021 01:44:52 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:c7e044d6090796161785c3e3e56de5b2
etag: "c7e044d6090796161785c3e3e56de5b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=1200
cf-request-id: 07f15c72f000004ab01d94f000000001
content-length: 30332
cf-ray: 61959697ec214ab0-FRA
expires: Fri, 29 Jan 2021 20:28:58 GMT

GET
H2 200 index.html
js.driftt.com/deploy/assets/ Frame 5F6A 0
0 114ms
113ms Document
text/html 13.224.94.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/index.html

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1611951000000/bfys9szbrt7k.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.94.122 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-94-122.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /deploy/assets/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.area1security.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.area1security.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 894
server: nginx
last-modified: Mon, 21 Dec 2020 20:19:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 29 Jan 2021 20:08:58 GMT
cache-control: max-age=10
etag: "e550e67e741cdc9d863ebf4ab2b74d31"
x-cache: Hit from cloudfront
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: KtihDJ82DVRParcAO0lGHPV51fzdhQS5mn4YLtkCfysoqa9UBBaIzA==
age: 3

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/5EGGX7PHUFEY7N5HSUGQQ4/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

96ms
96ms

Script
application/javascript

2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 8C_4p5S6NLuKOM2fXKpm7asomxwPn3IL
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: A6E4D842C4F3666B
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: 1Pslf+Y9QwUHIZmwUo95w2CKA8MTrgZpbGBRFLUwAevxRDJ3euWTGuAJ2AJ78njOjdUd48ZsKSg=
Last-Modified: Tue, 19 Jan 2021 16:25:36 GMT
Server: AmazonS3
Date: Fri, 29 Jan 2021 20:08:59 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Fri, 29 Jan 2021 20:08:59 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/5EGGX7PHUFEY7N5HSUGQQ4/2FGPV6HRYVGHROWBAYIDDD/ 0
773 B 309ms
111ms Script
text/javascript 2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/5EGGX7PHUFEY7N5HSUGQQ4/2FGPV6HRYVGHROWBAYIDDD/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: X.pLOZPt4UmG1U60DKpw9yRoOsrDmomx
Content-Encoding: gzip
ETag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id: 5F915C3B29DAFA81
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
x-amz-id-2: Dk8Gvj8by/Ihve/AF59ZuR1r1PmKGmM1Bi7zTCJ2kNHvddU0Uc4BsOdvDVhHgLUMdTJy4EQbUYk=
Last-Modified: Fri, 29 Jan 2021 17:54:06 GMT
Server: AmazonS3
Date: Fri, 29 Jan 2021 20:08:59 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/5EGGX7PHUFEY7N5HSUGQQ4/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/5EGGX7PHUFEY7N5HSUGQQ4?_s=495d3e481534d7b95b1d34f8ab86bdb9&_b=2
https://d.adroll.com/consent/check/5EGGX7PHUFEY7N5HSUGQQ4/?_s=495d3e481534d7b95b1d34f8ab86bdb9&_b=2

395 B
488 B

317ms
114ms

Script
application/javascript

63.35.114.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/5EGGX7PHUFEY7N5HSUGQQ4/?_s=495d3e481534d7b95b1d34f8ab86bdb9&_b=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.114.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: ec41db5c28efb8d316df45a436f8e8d93bc629a353f681811991874b9606f647

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 20:08:59 GMT
server: nginx/1.18.0
content-length: 395
content-type: application/javascript

Redirect headers

location: https://d.adroll.com/consent/check/5EGGX7PHUFEY7N5HSUGQQ4/?_s=495d3e481534d7b95b1d34f8ab86bdb9&_b=2
date: Fri, 29 Jan 2021 20:08:59 GMT
server: nginx/1.18.0
content-length: 105

POST
H2 204 collect
www.google-analytics.com/g/ 0
76 B 13ms
12ms Other
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-XM4D98EE7X&gtm=2oe1k0&_p=1650074218&sr=1600x1200&ul=en-us&cid=685055537.1611950938&dl=https%3A%2F%2Fwww.area1security.com%2Fblog%2Fpfizer-vaccine-phishing-campaign%2F%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dna%26utm_content%3Dna%26utm_campaign%3D2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please%26mkt_tok%3DeyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%253D%253D&dr=https%3A%2F%2Fgo.area1security.com%2Fio6A0gT9g0P00I000sj2G0a&dt=Count%20Yourself%20in%20For%20a%20Vaccine%20Phish%20%7C%20Area%201%20Security&sid=1611950937&sct=1&seg=0&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XM4D98EE7X&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 29 Jan 2021 20:09:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.area1security.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/43/7a/ 75 KB
28 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/43/7a/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyC3BnZKCuaAaz825HOTZkCjU9fD7mq_afU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbb9341647ab729d0f440f5716e780c36b035d22ca131add02d43016f70c3ccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 19:40:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Jan 2021 02:18:40 GMT
server: sffe
age: 174513
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28118
x-xss-protection: 0
expires: Thu, 27 Jan 2022 19:40:30 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/43/7a/ 145 KB
54 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/43/7a/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyC3BnZKCuaAaz825HOTZkCjU9fD7mq_afU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329ea811a14caf32b10869db63261cf1b7cae7036530ab372cebc2b131dc77a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 19:40:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Jan 2021 02:18:40 GMT
server: sffe
age: 174513
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55025
x-xss-protection: 0
expires: Thu, 27 Jan 2022 19:40:30 GMT

GET
H3-Q050 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
406 B 67ms
52ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.area1security.com%2Fblog%2Fpfizer-vaccine-phishing-campaign%2F%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dna%26utm_content%3Dna%26utm_campaign%3D2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please%26mkt_tok%3DeyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%253D%253D&4sAIzaSyC3BnZKCuaAaz825HOTZkCjU9fD7mq_afU&callback=_xdc_._sxvr8t&key=AIzaSyC3BnZKCuaAaz825HOTZkCjU9fD7mq_afU&token=118467

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/43/7a/common.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

b89127010626b79a609b91bfd139a1d93dfbbe3d97734a2391d01c5d3b052d39

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jan 2021 20:09:03 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=23
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.area1security.com/	1970-01-20 00:31:26	Name: _biz_pendingA Value: %5B%22m%2Fipv%3F_biz_r%3Dhttps%253A%252F%252Fgo.area1security.com%252Fio6A0gT9g0P00I000sj2G0a%26_biz_h%3D-1906410348%26_biz_u%3Dff3ceb8c801c410ded7926d95fbee9ee%26_biz_s%3D949904%26_biz_l%3Dhttps%253A%252F%252Fwww.area1security.com%252Fblog%252Fpfizer-vaccine-phishing-campaign%252F%253Futm_medium%253Demail%2526utm_source%253Dnewsletter%2526utm_term%253Dna%2526utm_content%253Dna%2526utm_campaign%253D2021-01-29-Newsletter-POTW-More-Vaccines-Less-Phishing-Please%2526mkt_tok%253DeyJpIjoiTVdFeFpESmhNR1ExTXpReSIsInQiOiI3OGtSV3lyU3FueHF4elBlRDBNZk1TYnpwS1ZRNWVOTHZaMnZXcTlvd0UxWW5RazVcLzZVcUhtQlRJYTFzS2ppYzJDWkcxSUwxTUhLelFOWjgrcGZKY1BTbVFNMld2NjY5a3ZqdDZvNUkwODhhQW03Q2FTKzU0Z3BGT1VJTTRWMk0ifQ%25253D%25253D%26_biz_t%3D1611950938375%26_biz_i%3DCount%2520Yourself%2520in%2520For%2520a%2520Vaccine%2520Phish%2520%257C%2520Area%25201%2520Security%26_biz_n%3D0%26rnd%3D497353%22%5D
.area1security.com/	1970-01-20 00:31:26	Name: _biz_nA Value: 1
.area1security.com/	1970-01-19 15:45:52	Name: _biz_sid Value: 949904
.area1security.com/	1970-01-20 09:17:02	Name: _ga Value: GA1.1.685055537.1611950938
.area1security.com/	1970-01-19 15:45:50	Name: _gat_UA-50588008-1 Value: 1
.area1security.com/	1970-01-20 00:31:26	Name: _biz_uid Value: ff3ceb8c801c410ded7926d95fbee9ee
.area1security.com/	1970-01-19 15:47:17	Name: _gid Value: GA1.2.2132443364.1611950938
.area1security.com/	1970-01-20 09:17:02	Name: _ga_XM4D98EE7X Value: GS1.1.1611950937.1.0.1611950937.0
.area1security.com/	1970-01-19 17:55:26	Name: _gcl_au Value: 1.1.738064172.1611950938
.area1security.com/	1970-01-19 16:29:02	Name: __cfduid Value: d872bd032de7af6cd67c8ec8a089dc5df1611950936

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
ajax.googleapis.com
app-ab22.marketo.com
cdn.bizible.com
cdn.bizibly.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
d.adroll.com
d.adroll.mgr.consensu.org
e.acuityplatform.com
extend.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
go.area1security.com
ipinfo.io
js.driftt.com
maps.googleapis.com
origin.acuityplatform.com
p.typekit.net
platform.twitter.com
plausible.io
s.adroll.com
stats.g.doubleclick.net
tracking.g2crowd.com
unpkg.com
use.typekit.net
www.area1security.com
www.bugherd.com
www.google-analytics.com
www.google.com
www.google.de
www.google.pl
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
104.108.48.95
104.16.96.80
13.224.94.122
151.101.14.109
2.18.233.40
216.239.34.21
216.58.210.2
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700::6810:125e
2606:4700::6810:7daf
2606:4700::6810:a823
2606:4700::6812:1a99
2606:4700::6812:1bbe
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200a
2a00:1450:4001:811::200e
2a00:1450:4001:812::2008
2a00:1450:4001:812::200a
2a00:1450:4001:812::200e
2a00:1450:4001:827::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82a::200a
2a00:1450:400c:c00::9d
2a02:26f0:6c00:285::19fd
2a02:26f0:6c00::210:ba0a
2a03:b0c0:3:e0::26f:c001
2a04:4e42:3::621
54.175.121.11
54.217.146.39
63.35.114.199
68.232.35.12
69.90.254.51
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
014de295141a456ceda8e3c4762085e53dca50f91ddf65906d227f70cf0b1a55
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
06f0f999f55406270467fd935c746d8f0e2865acb2df6567a673cabfd244cfb5
093c8507b85e5163d2b70fd90836bc70d2d60c80290625c1d196df2c5dc69db1
12c7c022e658d66f73ea8067246586e5c0f2dc5bce35c2eaabb8ecb019f6c2fe
160d3073c32a64cf6178c0cd578fbb4c3b7ec3c7de23050569ddc09ffc8bfc62
1b8811650afae7a53ca6e2bf2ac088b8cdec200b6eb62284cc145f8695fb6a09
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1e66fe239f6b4f42c0afc170d9b871052bc18e8b6845a90c6102feedd2f6ca0c
2107e5c8ed1195bd4435c730cfbe30733f0c39387ea34c48948fd16eb4fa2d2d
2189c210d31db92d71f92e1f6cdee0789c49c83ce1084a31184975e4a345f86b
25564a36dfc078097b64abc68e1ca1c668d03370e9875c32038f0f6975f83400
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2619bdf0e0a9d79b74fed1389ca2d3da61f0818813b76c31a626459f83d5d48c
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15
329ea811a14caf32b10869db63261cf1b7cae7036530ab372cebc2b131dc77a7
37395d94fe5c1a9b6fbd12955388eefb1fd0c15cc95619f8c8157fb132c30277
377bf285812a1c784b42626aa90f76db9b9100f16513490e87a7c7e8c5c9ce78
3bb5ef29fb54f147873b07060266a8e6641c27c912e85cbbc9a2cb03b6d6885c
3c028e9666117b356459012caad6c5b5d20a8227b95b01a899e48ebe7f27b94d
3c39de8d003d74962c2ab7b13b22a10537838552f27f541e911c9b28e9df802a
3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862
3eb5e7f43e997718971765eb7c33b0b602a52476bbf0c343658f21c8470a79e1
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
45a89bddb685d822581cb8eee836984e42fa5d0be26d75d99b46d9a949b02cd0
484dd9acca33cedeefa7d9c7775403901e0ca4fbc9ff6c277e4eac767e02de77
5190509f9fca3269f8ccb41eb5de04b7834bad144c219d4581aac7f8c5c7a7da
60e5af32bd2b6ff69bd3234cd747980889777348734198e77e21922fa2e490dd
622bd29e595894b02f5c5ab95628f99d6e6d46483bac342b4fff38bbc64a8a35
622cc6cc1547de528cfeaee7ab449ba63a9da68dbf476937f19832802508dabe
6faed0e4b708dd466ed2caf20a877b4b99ce8f938d31caa3af6f70772ba641ac
6fe96954452c06555e23bf3598ad124abc2b984b7c2c53db9cd2dffe2995b59c
703982c4eb24c8b28b83f9e4c269525521afc3cecb9ed0ad9eaab9f0a88a7c7d
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
733a018cb334354fff1d8ae52623d5669bd4df4da01ceb0912a352361ba14247
74ea3c41c31d42cb8b923c06bea1b37bf316685bbf53d020153600c247c650be
75d9700e1dc0a0c72a7815a64a7c0a737e92b492d65e7f16533f5fed1a09e1b5
7b5fc275c98a58b1073a713920cefa54fab60ad9d85a67cf6907aaf8fbb3c474
7e05da544a93b639782cb0974f5dacbfc36b60d40622f680e3383ec581243ca4
7e4021b59c1368de0d79e4c4c4b055765bc0bea375872a2b0e8ef33f66d5c485
7eabaa9bb3449c434af9a74f77afb68872049c4d67b2326589c112b2db9b02a3
81c534d64fc156ae44b3fa90016b1b09f3abb37013be4e1abf7f49d05d82e9fd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a4e4d87eb5124ff8ace838e9e12db5b279607a0773d2b91cd079d85d426089b
8baa01b3b16cfe77ad745bd12cc99d1a226a9855b17cb4c2b9c6edf754be53f2
8de84e17f0f1f2fb7c940cc7b7487de94ac6a9024c760bee235e64a18ffa3eb7
902eeb8fc01d3fd4ac0f3f806cd580b3cc16c36a6480b8dfdeae6dad63043715
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
abbd9b12d7b53fc7cb2db6f32805590ecc29c08db54fd43666affb928f47bf17
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b2b2ad1d953b1341442dca10555ebf44343c74fa9755492be52bf521f61dab11
b7b00c72ad83584446f9aa5f1c82e74a7306c1f6ac396b8da54043039bb66507
b89127010626b79a609b91bfd139a1d93dfbbe3d97734a2391d01c5d3b052d39
bda943417a17390567ef9f9b2cc4742d61cf9d48ba5db87abe2f9d63d7c42fb5
bea383a329cf8b8450c0f202f61dadc22a9227ae057dcdeaafa58e76b64e38b8
c2cb2cc5345c71f30b0ce56069cfe0bdf65eb061228333d27ba0e7388748636a
c2f7379b4c7830f9d87a2e2393f197ca623e11e2d4fdf0cd0a909f626fd4c36f
cc5d370924e2c28e8f2d6d607c5975c42fafe866baf92c798e6f4c087f439147
cf0091a8683a58b2f3b5acc2b910296ffcff35ec4c5a50ed36a528bcac21ae66
d1d88346db141ccc4f154bf8fd2720c480d49c360c71187ad3c905d08c9d91e9
d7c57bbba53cf17f400ffd55936b86d5233b8d5a4c1908c350f3686db0345a10
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
dbb9341647ab729d0f440f5716e780c36b035d22ca131add02d43016f70c3ccf
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df965e89ef07dd7e42f8e2943f46e6d8c80a4393b29411f00314389de6639587
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e61452dfc7618c61fdb2891ef6c18e147ec6de6d0796657d145cefc3c8d2357c
e75f4ef83eb773c1878c0e1bb0736625e4b9390af4dfbc635347ae0eb12987bc
ec41db5c28efb8d316df45a436f8e8d93bc629a353f681811991874b9606f647
edb80de1f7a8a324a3fe4c0db17f7fbeba3af9753c35ed819544a78837e4e804
ee0af9cb821e3b90c73da380ca1ea46a9568f50635facf5e263d0044c9124c9e
ee2a7b51378f1eae8def636a976934def4a2fec23a7db806d6c644bce4e600fc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f7ac5ac9022f66779b2df77751582d8543ecc442511969239797442a372ef989
fb73975aee9cc34871efc2ac4d5b67d8e1f75d83fbe75b17708b7ee9955af86c

www.area1security.com Open in urlscan Pro 2606:4700::6812:1a99 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

90 Requests

100 %HTTPS

64 %IPv6

27 Domains

35 Subdomains

31 IPs

7 Countries

3235 kBTransfer

6123 kBSize

10 Cookies

14 Outgoing links

Page URL History

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.area1security.com Open in urlscan Pro
2606:4700::6812:1a99 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

100 %
HTTPS

64 %
IPv6

27
Domains

35
Subdomains

31
IPs

7
Countries

3235 kB
Transfer

6123 kB
Size

10
Cookies

90 HTTP transactions
0 data transactions