bolster.ai Open in urlscan Pro
2606:4700:10::6816:42db Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bolster.ai/blog/usps-phishing-campaign
Submission: On December 06 via api (December 6th 2023, 2:12:16 am UTC) from TR — Scanned from DE

Summary HTTP 125 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 45 IPs in 5 countries across 38 domains to perform 125 HTTP transactions. The main IP is 2606:4700:10::6816:42db, located in United States and belongs to CLOUDFLARENET, US. The main domain is bolster.ai.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on March 21st 2023. Valid for: a year.

This is the only time bolster.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
44	2606:4700:10:... 2606:4700:10::6816:42db	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.26.2.32 104.26.2.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	152.195.15.58 152.195.15.58	15133 (EDGECAST) (EDGECAST)
3	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::729	54113 (FASTLY) (FASTLY)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:bd59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:890f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
6	2606:4700:440... 2606:4700:4400::6812:22b5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
2	104.64.124.188 104.64.124.188	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.32.27.54 13.32.27.54	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	162.159.153.247 162.159.153.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.70.219.197 52.70.219.197	14618 (AMAZON-AES) (AMAZON-AES)
11	2.17.147.185 2.17.147.185	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.32.27.69 13.32.27.69	16509 (AMAZON-02) (AMAZON-02)
2	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
2	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
2	2606:4700::68... 2606:4700::6811:579a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4cba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:7a0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:440... 2606:4700:4400::ac40:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	2a02:26f0:710... 2a02:26f0:7100::210:180	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.66.97.46 18.66.97.46	16509 (AMAZON-02) (AMAZON-02)
1 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1f18:612... 2600:1f18:612b:4264:a73a:b86c:19e1:1c8b	14618 (AMAZON-AES) (AMAZON-AES)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
125	45

44 2606:4700:10::6816:42db (United States)

ASN13335 (CLOUDFLARENET, US)

bolster.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.2.32 (None, )

ASN13335 (CLOUDFLARENET, US)

app.secureprivacy.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 152.195.15.58 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:bd59 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:890f (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:4400::6812:22b5 (United States)

ASN13335 (CLOUDFLARENET, US)

client.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.64.124.188 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-124-188.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.153.247 (None, )

ASN13335 (CLOUDFLARENET, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.70.219.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-219-197.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2.17.147.185 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-147-185.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-69.fra56.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:579a (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4cba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7a0c (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

540-rfh-299.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100::210:180 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-46.fra56.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:a73a:b86c:19e1:1c8b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	bolster.ai bolster.ai	2 MB
12	6sc.co j.6sc.co — Cisco Umbrella Rank: 5657 c.6sc.co — Cisco Umbrella Rank: 8715 ipv6.6sc.co — Cisco Umbrella Rank: 5852 b.6sc.co — Cisco Umbrella Rank: 3994	22 KB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 327 www.linkedin.com — Cisco Umbrella Rank: 629 px4.ads.linkedin.com — Cisco Umbrella Rank: 6419	5 KB
6	crisp.chat client.crisp.chat — Cisco Umbrella Rank: 16959	157 KB
5	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 6947	51 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 329	14 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 700 script.hotjar.com — Cisco Umbrella Rank: 933	61 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	56 KB
3	fontawesome.com pro.fontawesome.com — Cisco Umbrella Rank: 5123	223 KB
2	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2246 forms.hubspot.com — Cisco Umbrella Rank: 4894	3 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	1 KB
2	company-target.com s.company-target.com — Cisco Umbrella Rank: 1383 api.company-target.com — Cisco Umbrella Rank: 3792	1 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6765	562 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	705 B
2	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2129	19 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4726 forms.hscollectedforms.net — Cisco Umbrella Rank: 4810	26 KB
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 713	610 B
2	t.co t.co — Cisco Umbrella Rank: 589	582 B
2	quora.com a.quora.com — Cisco Umbrella Rank: 4913 q.quora.com — Cisco Umbrella Rank: 3720	15 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 763	13 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75	2 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3659	7 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	194 KB
2	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2326	2 KB
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 339	239 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1153	393 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 711	98 B
1	mktoresp.com 540-rfh-299.mktoresp.com	318 B
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4727	88 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2128	21 KB
1	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 4557	21 KB
1	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 796	163 B
1	bizibly.com cdn.bizibly.com — Cisco Umbrella Rank: 13567	203 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 678	15 KB
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4490	2 KB
1	zencdn.net vjs.zencdn.net — Cisco Umbrella Rank: 5507	11 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 857	2 KB
1	secureprivacy.ai app.secureprivacy.ai — Cisco Umbrella Rank: 62095	7 KB
125	38

	Domain	Requested by
44	bolster.ai	bolster.ai cdn.bizible.com
9	b.6sc.co	bolster.ai
6	client.crisp.chat	bolster.ai client.crisp.chat
5	cdn.bizible.com	bolster.ai cdn.bizible.com
4	px.ads.linkedin.com	3 redirects cdn.bizible.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com bolster.ai
3	cdnjs.cloudflare.com	bolster.ai
3	pro.fontawesome.com	bolster.ai pro.fontawesome.com
2	dsum-sec.casalemedia.com	1 redirects s.company-target.com
2	www.google.de	bolster.ai
2	js.hs-banner.com	js.hs-scripts.com js.hs-banner.com
2	analytics.twitter.com	bolster.ai
2	t.co	bolster.ai
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	script.hotjar.com	static.hotjar.com script.hotjar.com
2	munchkin.marketo.net	bolster.ai munchkin.marketo.net
2	www.googletagmanager.com	bolster.ai www.googletagmanager.com
2	js.hs-scripts.com	bolster.ai
1	forms.hubspot.com	cdn.bizible.com
1	track.hubspot.com
1	pixel.rubiconproject.com	s.company-target.com
1	partners.tremorhub.com	s.company-target.com
1	api.company-target.com	cdn.bizible.com
1	forms.hscollectedforms.net	cdn.bizible.com
1	id.rlcdn.com	bolster.ai
1	s.company-target.com	tag.demandbase.com
1	px4.ads.linkedin.com	bolster.ai
1	www.linkedin.com	1 redirects
1	ipv6.6sc.co	cdn.bizible.com
1	c.6sc.co	cdn.bizible.com
1	540-rfh-299.mktoresp.com	munchkin.marketo.net
1	www.google.com	bolster.ai
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	tag.demandbase.com	bolster.ai
1	j.6sc.co	bolster.ai
1	q.quora.com	bolster.ai
1	www.clarity.ms	bolster.ai
1	a.quora.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	cdn.bizibly.com	bolster.ai
1	static.ads-twitter.com	bolster.ai
1	ws.zoominfo.com	bolster.ai
1	static.hotjar.com	bolster.ai
1	vjs.zencdn.net	bolster.ai
1	unpkg.com	bolster.ai
1	app.secureprivacy.ai	bolster.ai
125	50

This site contains links to these domains. Also see Links.

Domain
boost.bolster.ai
platform.bolster.ai
home.bolster.ai
www.brighttalk.com
usps.com
checkphish.ai
www.alviy.com
www.clever-cloud.com
clever-cloud.com
now-dns.com
www.facebook.com
twitter.com
pinterest.com
www.linkedin.com
reddit.com
www.tumblr.com
vk.com
getpocket.com
t.me

Subject Issuer	Validity	Valid
*.bolster.ai AlphaSSL CA - SHA256 - G4	`2023-03-21` - `2024-04-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-06` - `2024-05-04`	a year	crt.sh
io.bizible.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-01` - `2024-07-01`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-06-03` - `2024-07-04`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
crisp.chat Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
quora.com R3	`2023-11-26` - `2024-02-24`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
*.quora.com R3	`2023-11-05` - `2024-02-03`	3 months	crt.sh
6sc.co R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-08-23` - `2024-09-23`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
*.company-target.com R3	`2023-10-20` - `2024-01-18`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-09-27` - `2024-09-26`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://bolster.ai/blog/usps-phishing-campaign
Frame ID: CB1E2262E3F52E52D9A6E46C86E30250
Requests: 121 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: 013674421A20A5338D21A67FE88F9770
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vast Parcel Delivery Phishing Campaign Discovered | Bolster

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

125
Requests

98 %
HTTPS

55 %
IPv6

38
Domains

50
Subdomains

45
IPs

5
Countries

2779 kB
Transfer

6663 kB
Size

49
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://boost.bolster.ai/contact-us.html
Title: Contact

Search URL Search Domain Scan URL

URL: https://boost.bolster.ai/support.html
Title: Support

Search URL Search Domain Scan URL

URL: https://platform.bolster.ai/sign-in
Title: Log In

Search URL Search Domain Scan URL

URL: https://home.bolster.ai/demo
Title: Request Demo

Search URL Search Domain Scan URL

URL: https://www.brighttalk.com/webcast/20066/601082?utm_source=Bolster&utm_medium=blogpost&utm_campaign=601082
Title: Register for our live webinar covering 2023 holiday scams

Search URL Search Domain Scan URL

URL: http://usps.com/
Title: USPS.com

Search URL Search Domain Scan URL

URL: https://checkphish.ai/?__hstc=216000520.63f25dd594cc30594e672b398578d243.1701828731767.1701828731767.1701828731767.1&__hssc=216000520.1.1701828731767&__hsfp=881765916
Title: CheckPhish

Search URL Search Domain Scan URL

URL: https://www.alviy.com/
Title: alviy.com

Search URL Search Domain Scan URL

URL: https://www.clever-cloud.com/
Title: clever-cloud.com

Search URL Search Domain Scan URL

URL: http://clever-cloud.com/
Title: forumz.info

Search URL Search Domain Scan URL

URL: http://now-dns.com/
Title: now-dns.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://bolster.ai/blog/usps-phishing-campaign

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://bolster.ai/blog/usps-phishing-campaign

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://bolster.ai/blog/usps-phishing-campaign

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://bolster.ai/blog/usps-phishing-campaign

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=https://bolster.ai/blog/usps-phishing-campaign

Search URL Search Domain Scan URL

URL: https://www.tumblr.com/widgets/share/tool?canonicalUrl=https://bolster.ai/blog/usps-phishing-campaign

Search URL Search Domain Scan URL

URL: http://vk.com/share.php?url=https://bolster.ai/blog/usps-phishing-campaign

Search URL Search Domain Scan URL

URL: https://getpocket.com/edit?url=https://bolster.ai/blog/usps-phishing-campaign

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=https://bolster.ai/blog/usps-phishing-campaign

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bolster-ai/

Search URL Search Domain Scan URL

URL: https://twitter.com/bolsterai

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 101

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2180364&time=1701828730046&url=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2180364&time=1701828730046&url=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2180364%26time%3D1701828730046%26url%3Dhttps%253A%252F%252Fbolster.ai%252Fblog%252Fusps-phishing-campaign%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2180364&time=1701828730046&url=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2180364&time=1701828730046&url=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&cookiesTest=true&liSync=true&e_ipv6=AQJk1rrOQB9FOQAAAYw85aINJjmLEtKkOvfRwXbcRwbZIXxXhSAjTpsFY_fC79HXSzqpYM-ujRQY7w

Request Chain 108

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1717639930&external_user_id=4578c468-18d7-4bcf-b62b-da6adea3a0c6 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1717639930&external_user_id=4578c468-18d7-4bcf-b62b-da6adea3a0c6&C=1

125 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request usps-phishing-campaign Show response
bolster.ai/blog/ 99 KB
24 KB 663ms
614ms Document
text/html 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

4a96f0d2fb3c5ebaadfb44016f4fac7f2f2da1052f619ecb262647753361fb60

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83110089ae5cbb71-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 06 Dec 2023 02:12:07 GMT
link: <https://bolster.ai/wp-json/>; rel="https://api.w.org/" <https://bolster.ai/wp-json/wp/v2/posts/5220>; rel="alternate"; type="application/json" <https://bolster.ai/?p=5220>; rel=shortlink
server: cloudflare
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 60
x-cache-group: normal
x-cacheable: SHORT
x-pingback: https://bolster.ai/xmlrpc.php
x-powered-by: WP Engine

GET
H2 200 60ff3ef04d555ec68f918fdf.js Show response
app.secureprivacy.ai/script/ 6 KB
7 KB 75ms
32ms Script
application/octet-stream 104.26.2.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.secureprivacy.ai/script/60ff3ef04d555ec68f918fdf.js
Requested by: Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4efdd29b2f63cac6ca076e38260e5296db1f53ddcdf04af3a7446f38e2bf275

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:07 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 20 Apr 2022 04:04:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: X0413CJViCUvEoKuEFj/mQ==
server: cloudflare
etag: "0x8DA2282D18D7EAE"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M2m5CSxQD63MPTZS5UsdFvepc7JHZd%2BPHdcgMk3dC%2F50%2Fj0t3XJbBMEnwT6m2JolEoNSzntREhLKDGC29uK8hVphq8eIdk0ADinqL%2FXAhouM4JtnDnXR1b9Lr6rL4gY9Ao4EpbuS"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-ms-request-id: 30fd239d-301e-0050-67e9-2763fb000000
x-ms-version: 2018-03-28
accept-ranges: bytes
cf-ray: 8311008dcd8337e8-FRA
content-length: 6537

GET
H2 200 fonts.css
bolster.ai/wp-content/themes/bolster/assets/css/ 2 KB
392 B 22ms
18ms Stylesheet
text/css 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/css/fonts.css?t=1678414621980

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f88b2e2275b3f0cae0a176e1d249ae53f39bced3d6b5b1422419ac8b54d03217

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:07 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 06 Jul 2023 08:08:12 GMT
server: cloudflare
age: 671814
etag: W/"64a6766c-6dc"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8311008d8808bb71-FRA

GET
H2 200 landing.css
bolster.ai/wp-content/themes/bolster/assets/css/ 253 KB
38 KB 26ms
22ms Stylesheet
text/css 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/css/landing.css

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4eb64fef9cc9f636740ce1142a5dd7682ee88f51ed6ea3509b081d14939547df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:07 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 06 Jul 2023 08:08:14 GMT
server: cloudflare
age: 220281
cf-polished: origSize=288960
etag: W/"64a6766e-468c0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8311008d880abb71-FRA

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 67 KB
25 KB 82ms
18ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/scripts/bizible.js

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BA7) /

Resource Hash

c0790c2d2916752f04091f3dc2ff8f1fb793bc09c07bf99809706cea80223780

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSub
last-modified: Sun, 03 Dec 2023 10:44:23 GMT
server: ECS (amb/6BA7)
age: 17988
etag: "31e8b6add525da1:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 25393

GET
H2 200 vendor.js Show response
bolster.ai/wp-content/themes/bolster/assets/js/ 608 KB
179 KB 34ms
30ms Script
application/javascript 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/js/vendor.js?t=1678414621980

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18bef914d9394fb470b7faa0402881527df938cf2add1e526a8d901e3f656bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:07 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 06 Jul 2023 08:09:10 GMT
server: cloudflare
age: 337355
etag: W/"64a676a6-97fba"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8311008d9816bb71-FRA

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.10.0/css/ 153 KB
29 KB 78ms
26ms Stylesheet
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Requested by: Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec

Request headers

Referer: https://bolster.ai/
Origin: https://bolster.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:07 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: R18627XWHDQG4MV3
age: 576525
x-amz-id-2: ccYEsYYtlwvHgCCpFgKz4IGxb55BvJYf5Bx2RFqAkBRhz54oEVWGuAid3+RCanVsr6wVrbKVXuo=
last-modified: Mon, 28 Jun 2021 16:54:32 GMT
server: cloudflare
etag: W/"aa1272633e7e552395d147a499bad186"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: text/css
cache-control: max-age=31556926
cf-ray: 8311008ddb2d37e6-FRA

GET
H2 200 aos.css
unpkg.com/aos@2.3.1/dist/ 25 KB
2 KB 48ms
18ms Stylesheet
text/css 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/aos@2.3.1/dist/aos.css

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:07 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 509377
last-modified: Thu, 17 May 2018 22:11:13 GMT
fly-request-id: 01HGF8J6EWNNE67EG31TRSKEWC-fra
server: cloudflare
etag: W/"65c5-BVfTdFS2f0LyyxAeV+UHD7EZNXA"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8311008dbd494d50-FRA

GET
H2 200 owl.carousel.min.css
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/ 3 KB
1 KB 44ms
15ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.min.css

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://bolster.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 415643
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 845
last-modified: Mon, 04 May 2020 16:04:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf0-d17"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dd%2FDYp%2FqhidGjpVGYdbvCRGESEgzZHE5fn7xOJdTmUndJ%2BbHp9rqJBNL0FtROXW9OxfKbW9C%2FV4ZvgEe%2Bacw%2BItAd1fjAOpzetLeMpPceCpIUI8wr8D860jAfKsbGU%2F7JLZnPOYU7Z2suVMFh%2Fzf%2FqfN"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8311008dbe67360b-FRA
expires: Mon, 25 Nov 2024 02:12:07 GMT

GET
H2 200 owl.carousel.min.js Show response
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/ 43 KB
11 KB 42ms
14ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://bolster.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 513499
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10158
last-modified: Mon, 04 May 2020 16:04:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf0-ad36"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGzqm5BdMJMcvQc724o0trXh%2BtLCPuMyyQHYwQgTUG7tQW2B1sWrfCIc2UKmQzTftURRexCfEDDyM10R1fB5UDe7JUV5J%2BRtYH7sBD1RTBW1Zdvb2GRPt%2FM9mW6q2kloHw0Fiho0eK4iuzxgZ5Pk22kw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8311008dbe68360b-FRA
expires: Mon, 25 Nov 2024 02:12:07 GMT

GET
H2 200 vendor.css
bolster.ai/wp-content/themes/bolster/assets/css/ 167 KB
26 KB 746ms
743ms Stylesheet
text/css 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/css/vendor.css?t=50490

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

155044aeeaea2b8d35efc40af273259a893d6c271eb4439e50432f3ddbb99aae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:08 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 06 Jul 2023 08:08:16 GMT
server: cloudflare
strict-transport-security: max-age=15552000; preload
etag: W/"64a67670-29d50"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8311008d880cbb71-FRA

GET
H2 200 swiper-bundle.min.css
bolster.ai/wp-content/themes/bolster/assets/css/ 18 KB
5 KB 723ms
720ms Stylesheet
text/css 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/css/swiper-bundle.min.css?t=51217

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af8545de3876815292506711e1369bff9dfe57ec7e04c45c3e1bdac48a11f3b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:08 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 05 Aug 2023 05:45:52 GMT
server: cloudflare
strict-transport-security: max-age=15552000; preload
etag: W/"64cde210-4691"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8311008d880dbb71-FRA

GET
H2 200 blog.css
bolster.ai/wp-content/themes/bolster/assets/css/ 167 KB
27 KB 755ms
752ms Stylesheet
text/css 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/css/blog.css?t=18183

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

782ae98c072f0e0e45013aa1b0444d0d8e3f6c3c9c1e237c215e93efebc26886

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:08 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 06 Sep 2023 18:34:43 GMT
server: cloudflare
strict-transport-security: max-age=15552000; preload
etag: W/"64f8c643-29aa6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8311008d880ebb71-FRA

GET
H2 200 swiper-bundle.min.js Show response
bolster.ai/wp-content/themes/bolster/assets/js/ 137 KB
39 KB 25ms
23ms Script
application/javascript 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/js/swiper-bundle.min.js

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b98b576cf86540a5ce760ea71801cf6ba087b7f1d6e92c09a3a4e849daf3bc3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 05 Aug 2023 05:45:07 GMT
server: cloudflare
strict-transport-security: max-age=15552000; preload
age: 337355
etag: W/"64cde1e3-224e5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8311008d9817bb71-FRA

GET
H2 200 header.css
bolster.ai/wp-content/themes/bolster/assets/css/ 20 KB
4 KB 730ms
728ms Stylesheet
text/css 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/css/header.css?t=37966

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

829810d625bfa081a203d32317d65b3cffefcb4854baf822e95120dd8daeb911

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:08 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 05 Aug 2023 09:09:19 GMT
server: cloudflare
strict-transport-security: max-age=15552000; preload
etag: W/"64ce11bf-4f46"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8311008d880fbb71-FRA

GET
H2 200 video-js.css
vjs.zencdn.net/7.20.1/ 45 KB
11 KB 36ms
9ms Stylesheet
text/css 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/7.20.1/video-js.css
Requested by: Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8c660e0b2d031b0efa6f5c892800da2d4f8555550eb929c66223bbb52a024f19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230131-FRA
date: Wed, 06 Dec 2023 02:12:07 GMT
content-encoding: gzip
last-modified: Wed, 01 Jun 2022 13:49:44 GMT
etag: "1f86b2298f610cfd578349a148c4f765"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
content-length: 10959
x-cache-hits: 1

GET
H2 200 style.css
bolster.ai/wp-content/themes/bolster/ 17 B
192 B 19ms
17ms Stylesheet
text/css 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/style.css

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eeda6f6208cf7226321ea4ff61ec9b93fde032d5dd25cff49a4941fbca6b2816

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:07 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
age: 333442
cf-polished: origSize=186
content-length: 17
cf-bgj: minify
last-modified: Sat, 05 Aug 2023 06:39:43 GMT
server: cloudflare
etag: "64cdeeaf-ba"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8311008d8810bb71-FRA

GET
H2 200 style.min.css
bolster.ai/wp-includes/css/dist/block-library/ 102 KB
14 KB 21ms
20ms Stylesheet
text/css 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 19 Jul 2023 11:13:55 GMT
server: cloudflare
strict-transport-security: max-age=15552000; preload
age: 1263204
etag: W/"64b7c573-19824"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8311008d8811bb71-FRA

GET
H2 200 styles.css
bolster.ai/wp-content/plugins/contact-form-7/includes/css/ 2 KB
1003 B 23ms
21ms Stylesheet
text/css 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.4

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2d4b7ac2cf724a064d15a4379ccca7a81c346dcb143f279d83a0e99f9563cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:07 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 30 Nov 2023 06:41:33 GMT
server: cloudflare
age: 490605
cf-polished: origSize=2894
etag: W/"65682e9d-b4e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8311008d8812bb71-FRA

GET
H2 200 ez-toc-sticky.min.css
bolster.ai/wp-content/plugins/easy-table-of-contents/assets/css/ 5 KB
1 KB 20ms
19ms Stylesheet
text/css 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/plugins/easy-table-of-contents/assets/css/ez-toc-sticky.min.css?ver=2.0.56.1

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f27902b2b9390fb8b4b9b4239b762bc52fb4e6e2098d3dfecc1fdb37c9431b8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 21 Oct 2023 03:47:02 GMT
server: cloudflare
strict-transport-security: max-age=15552000; preload
age: 1232101
etag: W/"653349b6-1575"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8311008d8813bb71-FRA

GET
H2 200 hotjar-2066347.js Show response
static.hotjar.com/c/ 9 KB
4 KB 81ms
44ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2066347.js?sv=6

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

1f98016af7863e9375dc797ad3f658094061862855d5b35f8a2eb4ad42c1dc55

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/5be8cfaa474b6d0e58cd7807f79ec28c
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: u8LwLpGEy_ZBxav4Z04fR0MSG6oQkkS6SozwjYPYVu5pc7rb3hW5hA==

GET
H2 200 style.css
bolster.ai/wp-content/themes/bolster/ 17 B
102 B 24ms
22ms Stylesheet
text/css 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/style.css?ver=6.3.2

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eeda6f6208cf7226321ea4ff61ec9b93fde032d5dd25cff49a4941fbca6b2816

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:08 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
age: 671814
cf-polished: origSize=186
content-length: 17
cf-bgj: minify
last-modified: Sat, 05 Aug 2023 06:39:43 GMT
server: cloudflare
etag: "64cdeeaf-ba"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8311008e5895bb71-FRA

GET
H2 200 app.css
bolster.ai/wp-content/themes/bolster/assets/css/ 20 KB
4 KB 25ms
23ms Stylesheet
text/css 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/css/app.css?ver=6.5.6

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3977a57ffee5f9602acb2256a493b055b0fbe0c683c5544573bb7e81473be89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:08 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 13 Jul 2023 08:08:59 GMT
server: cloudflare
age: 337356
cf-polished: origSize=20583
etag: W/"64afb11b-5067"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8311008e5896bb71-FRA

GET
H2 200 jquery.min.js Show response
bolster.ai/wp-includes/js/jquery/ 85 KB
30 KB 29ms
27ms Script
application/javascript 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 26 May 2023 11:33:35 GMT
server: cloudflare
strict-transport-security: max-age=15552000; preload
age: 1190245
etag: W/"6470990f-155ba"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8311008e5898bb71-FRA

GET
H2 200 jquery-migrate.min.js Show response
bolster.ai/wp-includes/js/jquery/ 13 KB
5 KB 24ms
22ms Script
application/javascript 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: cloudflare
strict-transport-security: max-age=15552000; preload
age: 490606
etag: W/"6482bd64-3509"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8311008e5899bb71-FRA

GET
H2 200 24174425.js Show response
js.hs-scripts.com/ 2 KB
772 B 344ms
307ms Script
application/javascript 2606:4700::6810:bd59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/24174425.js

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bd59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aaa7602e78447a2988a91b391264442802b8b43c3c15ac7023c28b373524db2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 786526b0-0c60-4c3a-a7ee-bb8aa3342d3e
x-envoy-upstream-service-time: 12
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 786526b0-0c60-4c3a-a7ee-bb8aa3342d3e
last-modified: Wed, 06 Dec 2023 01:13:59 GMT
server: cloudflare
x-trace: 2B44EAA578325B16E2F8C771D2C346D3FF02269E24000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://bolster.ai
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-6ffdd984b9-qsms9
cf-ray: 8311009739b09c07-FRA
expires: Wed, 06 Dec 2023 02:13:09 GMT

GET
H2 200 Screenshot-2023-11-13-at-2.38.47-PM.png
bolster.ai/wp-content/uploads/2023/11/ 186 KB
186 KB 974ms
972ms Image
image/png 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bolster.ai/wp-content/uploads/2023/11/Screenshot-2023-11-13-at-2.38.47-PM.png

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e97b650032c4807fe8534ae690b1cf062a9c17f48792d34156875c4ccf296ccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: MISS
last-modified: Mon, 13 Nov 2023 21:39:01 GMT
server: cloudflare
etag: "65529775-2e6d2"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8311008e589bbb71-FRA
content-length: 190162

GET
H2 200 Screenshot-2023-11-13-at-2.38.47-PM-1024x711.png
bolster.ai/wp-content/uploads/2023/11/ 33 KB
33 KB 771ms
770ms Image
image/png 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bolster.ai/wp-content/uploads/2023/11/Screenshot-2023-11-13-at-2.38.47-PM-1024x711.png

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96b09dd52b1b7c1561e3a0cbe37396a4f9000c483e46ba02d0b2ef901003d9a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:08 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: MISS
last-modified: Mon, 13 Nov 2023 21:39:05 GMT
server: cloudflare
etag: "65529779-8359"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8311008e589abb71-FRA
content-length: 33625

GET
H2 200 Screenshot-2023-11-21-at-8.22.03-AM.png
bolster.ai/wp-content/uploads/2023/11/ 89 KB
89 KB 27ms
25ms Image
image/webp 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bolster.ai/wp-content/uploads/2023/11/Screenshot-2023-11-21-at-8.22.03-AM.png

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e655517e7fbdca05e234e076d682568be673643e5bdc7fbb12f5ad23a5cb487d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:08 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
age: 62720
cf-polished: origFmt=png, origSize=219350
content-disposition: inline; filename="Screenshot-2023-11-21-at-8.webp"
content-length: 91246
cf-bgj: imgq:100,h2pri
last-modified: Tue, 21 Nov 2023 15:22:16 GMT
server: cloudflare
etag: "655ccb28-358d6"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8311008e589cbb71-FRA

GET
H2 200 Screenshot-2023-11-21-at-8.22.43-AM.png
bolster.ai/wp-content/uploads/2023/11/ 107 KB
107 KB 21ms
20ms Image
image/webp 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bolster.ai/wp-content/uploads/2023/11/Screenshot-2023-11-21-at-8.22.43-AM.png

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac2dd4848e29d55d9d05965e66295266f840fde1e7e5c625b8056ed5e17ed515

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:08 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
age: 62720
cf-polished: origFmt=png, origSize=245045
content-disposition: inline; filename="Screenshot-2023-11-21-at-8.webp"
content-length: 109202
cf-bgj: imgq:100,h2pri
last-modified: Tue, 21 Nov 2023 15:22:53 GMT
server: cloudflare
etag: "655ccb4d-3bd35"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8311008e88abbb71-FRA

GET
H2 200 logo-icon.png
bolster.ai/wp-content/uploads/2023/03/ 232 B
426 B 19ms
18ms Image
image/webp 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bolster.ai/wp-content/uploads/2023/03/logo-icon.png

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a76b1e17e889d7e6a493b7348283138763a7cc525e318a6514a44b4df8970328

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:08 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
age: 220280
cf-polished: origFmt=png, origSize=310
content-disposition: inline; filename="logo-icon.webp"
content-length: 232
cf-bgj: imgq:100,h2pri
last-modified: Thu, 04 May 2023 20:50:30 GMT
server: cloudflare
etag: "64541a96-136"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8311008ea8bebb71-FRA

GET
H2 200 left.png
bolster.ai/wp-content/themes/bolster/assets/images/Integrated-Blog/ 136 B
313 B 24ms
18ms Image
image/webp 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/images/Integrated-Blog/left.png

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1113cf2f526dabe790e97946546078167c948cfbb78f677d420adc12e91995f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
age: 220281
cf-polished: origFmt=png, origSize=241
content-disposition: inline; filename="left.webp"
content-length: 136
cf-bgj: imgq:100,h2pri
last-modified: Thu, 06 Jul 2023 08:10:52 GMT
server: cloudflare
etag: "64a6770c-f1"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831100970d5dbb71-FRA

GET
H2 200 AdobeStock_503358549-scaled.jpeg
bolster.ai/wp-content/uploads/2023/04/ 104 KB
105 KB 29ms
23ms Image
image/jpeg 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bolster.ai/wp-content/uploads/2023/04/AdobeStock_503358549-scaled.jpeg

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a19d40a21176824d532a82ca48b559517a7a2a7be01d80ae8ee1e2aee5a94031

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
age: 57525
cf-polished: origSize=119101
content-length: 106831
cf-bgj: imgq:100,h2pri
last-modified: Tue, 25 Jul 2023 01:20:46 GMT
server: cloudflare
etag: "64bf236e-1d13d"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831100970d5ebb71-FRA

GET
H2 200 Shutterstock_2048016017.jpg
bolster.ai/wp-content/uploads/2023/09/ 265 KB
265 KB 988ms
983ms Image
image/jpeg 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bolster.ai/wp-content/uploads/2023/09/Shutterstock_2048016017.jpg

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

001acb0598d2959f23d095f40bfbfc6ee00f380ae3cf24b1fb8646699ae260d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:10 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: MISS
last-modified: Thu, 14 Sep 2023 03:42:15 GMT
server: cloudflare
etag: "65028117-4232f"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831100970d5fbb71-FRA
content-length: 271151

GET
H2 200 Shutterstock_517844728.jpg
bolster.ai/wp-content/uploads/2023/09/ 329 KB
329 KB 524ms
518ms Image
image/jpeg 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bolster.ai/wp-content/uploads/2023/09/Shutterstock_517844728.jpg

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

552bdb67c124807fd4a78a9af1bf8675b32e8c2a5b15fe04ab52504c64d39146

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: MISS
last-modified: Tue, 05 Sep 2023 21:10:54 GMT
server: cloudflare
etag: "64f7995e-5222c"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831100970d60bb71-FRA
content-length: 336428

GET
H2 200 bolster-logo-white.svg
bolster.ai/wp-content/uploads/2023/03/ 3 KB
1 KB 24ms
19ms Image
image/svg+xml 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bolster.ai/wp-content/uploads/2023/03/bolster-logo-white.svg

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e5fe921affab5fc16bb76cb0138677bc52dc4abe1257ecfcae99bf225f09b01

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 18 Apr 2023 21:26:31 GMT
server: cloudflare
strict-transport-security: max-age=15552000; preload
age: 220281
etag: W/"643f0b07-bc0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 831100970d61bb71-FRA

GET
H2 200 soc-type-two.png
bolster.ai/wp-content/uploads/2023/03/ 5 KB
6 KB 33ms
29ms Image
image/webp 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bolster.ai/wp-content/uploads/2023/03/soc-type-two.png

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c2ce731a0fb36e28c1cc50b12c121c81ae56fbaef0a109c516f3de4e67eb0b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
age: 125788
cf-polished: origFmt=png, origSize=6911
content-disposition: inline; filename="soc-type-two.webp"
content-length: 5604
cf-bgj: imgq:100,h2pri
last-modified: Tue, 18 Apr 2023 21:26:32 GMT
server: cloudflare
etag: "643f0b08-1aff"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831100970d62bb71-FRA

GET
H2 200 in.jpg
bolster.ai/wp-content/uploads/2023/03/ 687 B
855 B 26ms
22ms Image
image/jpeg 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bolster.ai/wp-content/uploads/2023/03/in.jpg

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5370a5f05408ac6c35354c362f4ac427f28438f4c4431c8f4f6555775073d62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
age: 220281
cf-polished: origSize=872
content-length: 687
cf-bgj: imgq:100,h2pri
last-modified: Thu, 04 May 2023 20:48:49 GMT
server: cloudflare
etag: "64541a31-368"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831100970d63bb71-FRA

GET
H2 200 tw.jpg
bolster.ai/wp-content/uploads/2023/03/ 687 B
789 B 31ms
28ms Image
image/jpeg 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bolster.ai/wp-content/uploads/2023/03/tw.jpg

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75ba0e9c35e2379a79f86786534917bff2df3f6341ffd026b71a055112b2badb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
age: 220281
cf-polished: origSize=874
content-length: 687
cf-bgj: imgq:100,h2pri
last-modified: Thu, 04 May 2023 20:48:49 GMT
server: cloudflare
etag: "64541a31-36a"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831100970d64bb71-FRA

GET
H3 200 lottie_svg.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bodymovin/5.5.3/ 194 KB
44 KB 26ms
14ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bodymovin/5.5.3/lottie_svg.min.js

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82579c118595edaf3938bd630ff491419d33e0b52c907fa3f9f61f4a05f0451a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1974425
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 44603
last-modified: Mon, 04 May 2020 16:06:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8b-30991"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7SzUBvKbfmojPsHMwe4jJTIzxbdpW2kd2MMcYo9u8zQozXvuDhZWalf9bp%2BUPULyFe1acmHjMhlTy6eGAw6zThh%2BkX7%2BD9kBOuKSMm9GH3ObxxeZAwqy5trRFZsPoH1Wh8oKAT%2F7jcXGJOifm%2FPz6P8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8311008eda791981-FRA
expires: Mon, 25 Nov 2024 02:12:08 GMT

GET
H2 200 index.js Show response
bolster.ai/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
3 KB 17ms
17ms Script
application/javascript 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.4

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:08 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 30 Nov 2023 06:41:33 GMT
server: cloudflare
age: 490604
etag: W/"65682e9d-2b6d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8311008f08fcbb71-FRA

GET
H2 200 index.js Show response
bolster.ai/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 17ms
17ms Script
application/javascript 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.4

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:08 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 30 Nov 2023 06:41:33 GMT
server: cloudflare
age: 490604
etag: W/"65682e9d-337e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8311008f2910bb71-FRA

GET
H2 200 24174425.js Show response
js.hs-scripts.com/ 2 KB
1 KB 172ms
138ms Script
application/javascript 2606:4700::6810:bd59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/24174425.js?integration=WordPress&ver=10.2.16

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bd59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76c5fcfd56fbe17b960c6c790cdeb40565fdb31a0b959a9c770f85554606d10c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 47d370c6-87b9-409b-9a7b-a28ff00d0159
x-envoy-upstream-service-time: 17
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 47d370c6-87b9-409b-9a7b-a28ff00d0159
last-modified: Wed, 06 Dec 2023 01:14:00 GMT
server: cloudflare
x-trace: 2B7C9EB9C105DC11226E99D78FD13136B2C88394F4000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://bolster.ai
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-6ffdd984b9-sj554
cf-ray: 8311009739af9c07-FRA
expires: Wed, 06 Dec 2023 02:13:09 GMT

GET
H2 200 comment-reply.min.js Show response
bolster.ai/wp-includes/js/ 3 KB
1 KB 22ms
22ms Script
application/javascript 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-includes/js/comment-reply.min.js?ver=6.3.2

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
server: cloudflare
strict-transport-security: max-age=15552000; preload
age: 823639
etag: W/"625095f6-ba5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8311008f4928bb71-FRA

GET
H2 404 responsive-embeds.js
bolster.ai/wp-content/themes/bolster/assets/js/ 0
0 764ms
764ms Script
text/html 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/js/responsive-embeds.js?ver=6.3.2

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:08 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
cf-cache-status: EXPIRED
server: cloudflare
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/html
cache-control: max-age=14400
cf-ray: 8311008f6937bb71-FRA

GET
H2 200 main.js Show response
bolster.ai/wp-content/themes/bolster/assets/js/ 9 KB
3 KB 37ms
29ms Script
application/javascript 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/js/main.js?ver=1.1.7

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b627a031966227afe6a97cf9188c9f8c2cb852336a0231566655b5c9de84b482

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 05 Aug 2023 06:13:40 GMT
server: cloudflare
age: 2204186
cf-polished: origSize=14297
etag: W/"64cde894-37d9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 831100970d5cbb71-FRA

GET
H2 200 6176ff301763cc001309b96a Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 256ms
223ms Script
text/javascript 2606:4700::6810:890f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/6176ff301763cc001309b96a

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:890f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2eea5733fb3b170b73649dafc71af3d0a760e4e220f1d9a0f13dd26a08c457b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 831100973c786915-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400

GET
H2 404 print.css
bolster.ai/wp-content/themes/bolster/assets/css/ 0
0 793ms
790ms Stylesheet
text/html 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/css/print.css?ver=6.3.2

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:10 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
cf-cache-status: EXPIRED
server: cloudflare
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/html
cache-control: max-age=14400
cf-ray: 831100970d65bb71-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 325 KB
105 KB 83ms
44ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W4T3NN7

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

66f1cdfbf890e2d5e08c3ceaafa41ac0a1296ce1b057b89db0ad5f22e733ed3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106707
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Dec 2023 02:12:09 GMT

GET
BLOB 200
OK 23594d22-49c4-43f9-9dc5-f02d322c4dee
https://bolster.ai/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bolster.ai/23594d22-49c4-43f9-9dc5-f02d322c4dee
Requested by: Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 ProximaNova_Medium_400.woff2
bolster.ai/wp-content/themes/bolster/assets/fonts/ 52 KB
53 KB 28ms
18ms Font
font/woff2 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/fonts/ProximaNova_Medium_400.woff2

Requested by

Host: bolster.ai
URL: https://bolster.ai/wp-content/themes/bolster/assets/css/fonts.css?t=1678414621980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

208205bdec1ba25e00bb82dd733447e7092f96f45427a51499ca8b348a514ca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://bolster.ai/wp-content/themes/bolster/assets/css/fonts.css?t=1678414621980
Origin: https://bolster.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
last-modified: Thu, 06 Jul 2023 08:08:35 GMT
server: cloudflare
age: 1934395
etag: "64a67683-d1e4"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831100974d8fbb71-FRA
content-length: 53732

GET
H2 200 ProximaNova_Bold_700.woff2
bolster.ai/wp-content/themes/bolster/assets/fonts/ 53 KB
53 KB 32ms
22ms Font
font/woff2 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/fonts/ProximaNova_Bold_700.woff2

Requested by

Host: bolster.ai
URL: https://bolster.ai/wp-content/themes/bolster/assets/css/fonts.css?t=1678414621980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae76d384435e2a9c9b328827d7c0527d27541437f0387551a12225488bcb78db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://bolster.ai/wp-content/themes/bolster/assets/css/fonts.css?t=1678414621980
Origin: https://bolster.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
last-modified: Thu, 06 Jul 2023 08:08:34 GMT
server: cloudflare
age: 1934395
etag: "64a67682-d2c8"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831100974d91bb71-FRA
content-length: 53960

GET
H2 200 fa-brands-400.woff2
pro.fontawesome.com/releases/v5.10.0/webfonts/ 73 KB
73 KB 25ms
16ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.10.0/webfonts/fa-brands-400.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03a811b7e81f930c938141ba6c0a439f59acfe1a3c4a6768b7901741a32b459e

Request headers

Referer: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Origin: https://bolster.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
cf-cache-status: HIT
x-amz-request-id: 7DE3SBHFR90PSYHS
age: 258811
content-length: 74668
x-amz-id-2: nZu+F093+vEMtsUi8HIYDIw5Paur0dAzAF9Yq0tImMLSYXjrZQHempsezSIGHREEqBWtMYvNLTI=
last-modified: Mon, 28 Jun 2021 16:56:06 GMT
server: cloudflare
etag: "2de2a530b2c689d8dc9548acfcf670a1"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8311009748c137e6-FRA

GET
H2 200 Graphik-Semibold-webfont.woff2
bolster.ai/wp-content/themes/bolster/assets/fonts/ 40 KB
40 KB 36ms
26ms Font
font/woff2 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/fonts/Graphik-Semibold-webfont.woff2

Requested by

Host: bolster.ai
URL: https://bolster.ai/wp-content/themes/bolster/assets/css/fonts.css?t=1678414621980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d15a6bd0f96369f06aed1411eb2da9a874450957a952f0aec17550aad4496b63

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://bolster.ai/wp-content/themes/bolster/assets/css/fonts.css?t=1678414621980
Origin: https://bolster.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
last-modified: Thu, 06 Jul 2023 08:08:33 GMT
server: cloudflare
age: 337356
etag: "64a67681-9f89"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831100974d92bb71-FRA
content-length: 40841

GET
H2 200 fa-solid-900.woff2
pro.fontawesome.com/releases/v5.10.0/webfonts/ 120 KB
120 KB 39ms
30ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.10.0/webfonts/fa-solid-900.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d27aa8bf9677cf4ef12acd7b37afc20f1f661d7c163b929ae9caf103b01fce37

Request headers

Referer: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Origin: https://bolster.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
cf-cache-status: HIT
x-amz-request-id: 7DE3VHWJ5YQ0S5BT
age: 258811
content-length: 123004
x-amz-id-2: /jNNTUOIO9St8gEZcVFATzlI4aqjbEg+ppU4YbXaHJLLNMW++CqPZOeMO3ym1JBK8bNaHuZuvX4=
last-modified: Mon, 28 Jun 2021 16:56:06 GMT
server: cloudflare
etag: "88fd444847dc842d15e229df26571b03"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8311009758c237e6-FRA

GET
H2 200 Graphik-Regular-webfont.woff2
bolster.ai/wp-content/themes/bolster/assets/fonts/ 36 KB
36 KB 27ms
24ms Font
font/woff2 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/fonts/Graphik-Regular-webfont.woff2

Requested by

Host: bolster.ai
URL: https://bolster.ai/wp-content/themes/bolster/assets/css/fonts.css?t=1678414621980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e290fd043b2f300fcc6802ce9762f59dc63a4486ba3fa5a5d4491c1bef84677

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://bolster.ai/wp-content/themes/bolster/assets/css/fonts.css?t=1678414621980
Origin: https://bolster.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
last-modified: Thu, 06 Jul 2023 08:08:32 GMT
server: cloudflare
age: 1934395
etag: "64a67680-8ead"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831100974d93bb71-FRA
content-length: 36525

GET
H2 200 l.js Show response
client.crisp.chat/ 8 KB
3 KB 52ms
27ms Script
application/javascript 2606:4700:4400::6812:22b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/l.js

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:22b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74d73ce62bf4e55531f706c6d6dcf8c7b95208101207e608d39c3296a6fa8ff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 70670
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 24 Aug 2023 11:12:52 GMT
server: cloudflare
etag: W/"64e73b34-2023"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 83110097bdfe9b40-FRA
access-control-allow-headers: Content-Type, Origin
expires: Thu, 07 Dec 2023 02:12:09 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 61ms
7ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230090-FRA

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 68ms
14ms Script
application/x-javascript 104.64.124.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.124.188 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-124-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 06 Dec 2023 02:12:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 67 KB
25 KB 16ms
15ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/scripts/bizible.js?lang=en

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BA7) /

Resource Hash

c0790c2d2916752f04091f3dc2ff8f1fb793bc09c07bf99809706cea80223780

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSub
last-modified: Sun, 03 Dec 2023 10:44:23 GMT
server: ECS (amb/6BA7)
age: 17988
etag: "31e8b6add525da1:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 25393

GET
H2 200 modules.9a6460d94a753d6764ef.js Show response
script.hotjar.com/ 218 KB
55 KB 32ms
8ms Script
application/javascript 13.32.27.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.9a6460d94a753d6764ef.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2066347.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-54.fra56.r.cloudfront.net

Software

Resource Hash

15123675f1ab5bbd2dd01a31b3296559f3ebe212aec4fbb1604b1340c83ec2d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:42:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 52203
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55401
last-modified: Tue, 05 Dec 2023 11:41:37 GMT
etag: "96ef6b2dd3fa58f5dfaaef19a5968444"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: fHzZUIz7pisg_v47Basm9zQKwJMmwB6gT0U0i0ttrLfnIo-TB1f4yg==

GET
H2 200 wp-emoji-release.min.js Show response
bolster.ai/wp-includes/js/ 18 KB
5 KB 17ms
17ms Script
application/javascript 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
server: cloudflare
strict-transport-security: max-age=15552000; preload
age: 1334478
etag: W/"63db0985-4904"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 831100983e17bb71-FRA

GET
H2 200 ipv
cdn.bizible.com/ 43 B
303 B 15ms
14ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=8d7bbdb4abbe450cca9b060679b41eea&_biz_l=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&_biz_t=1701828729634&_biz_i=Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster&_biz_n=0&rnd=89780&cdn_o=a&_biz_z=1701828729638
Requested by: Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B77) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:12:09 GMT
last-modified: Tue, 05 Dec 2023 17:44:10 GMT
server: ECS (amb/6B77)
age: 30479
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
203 B 25ms
14ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizibly.com/u?_biz_u=8d7bbdb4abbe450cca9b060679b41eea&_biz_l=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&_biz_t=1701828729640&_biz_i=Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster&rnd=914338&cdn_o=a&_biz_z=1701828729640
Requested by: Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B97) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:12:09 GMT
last-modified: Tue, 05 Dec 2023 17:44:16 GMT
server: ECS (amb/6B97)
age: 30473
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 vgfx-two.svg Show response
bolster.ai/wp-content/themes/bolster/assets/images/ 25 KB
8 KB 16ms
15ms XHR
image/svg+xml 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/images/vgfx-two.svg

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c6cd63c2969bb05e6f04ef0a3fc0f8d46e5278b280d48bcbaf61e6a8755f112

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept: text/html, */*; q=0.01
Referer: https://bolster.ai/blog/usps-phishing-campaign
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 31 Aug 2023 08:49:57 GMT
server: cloudflare
strict-transport-security: max-age=15552000; preload
age: 337356
etag: W/"64f05435-6382"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 831100986e44bb71-FRA

POST
H2 404 page-view Show response
bolster.ai/api/v1/va/ 93 KB
17 KB 333ms
333ms XHR
text/html 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/api/v1/va/page-view

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

216c59ae61df5f19a802d52e3a8cafd3905ffa9fef067d25abbcf0eff054a2e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://bolster.ai/blog/usps-phishing-campaign
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: WP Engine
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
cf-ray: 831100987e4fbb71-FRA
link: <https://bolster.ai/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
89 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZHB4R2SB0J&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4T3NN7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d5fc275167056650b064763c7e12b83ff6eaa1f13873984b7c977cb01aadff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90921
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 06 Dec 2023 02:12:09 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/853909062/ 3 KB
2 KB 63ms
27ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/853909062/?random=1701828729697&cv=11&fst=1701828729697&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831618047&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&hn=www.googleadservices.com&frm=0&tiba=Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster&auid=330964655.1701828730&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4T3NN7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6f0c0db03e50c472c6e8c7b47d522f361a62b5e3c4a9197659abe6aadd79e3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:12:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1279
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
806 B 51ms
6ms Script
application/javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4T3NN7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

96271179d44086ad6cfba78c4788e3ac34dac8c8bfd18d2c2226d12d5abd0063

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Dec 2023 13:47:16 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=33098
accept-ranges: bytes
content-length: 596

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 57ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4T3NN7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 06 Dec 2023 02:12:09 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D77931AA8BC449E194571E769CE37E6E Ref B: FRAEDGE1916 Ref C: 2023-12-06T02:12:09Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 qevents.js Show response
a.quora.com/ 41 KB
14 KB 46ms
15ms Script
text/plain 162.159.153.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4T3NN7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.153.247 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2a101f313f27c267a744088e44664a87d2ec7dc2a3464bf1319a95094dc76db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
x-amz-version-id: DENAuZi5jc6G3XAf0_byr8vJzUcVnf.F
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: SQW7NAVMXQTQ03G5
age: 1977062
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: RJxqPI9akTsEL27egwxozy7RV38C3QGpKE99PaCDc+mp6rx7AxaaOpkck1XY3C1gw3J/aONga1w=
last-modified: Tue, 17 Oct 2023 18:57:21 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:5defc3f1c55a0cb9cbca8c06fbabaf65
etag: W/"5defc3f1c55a0cb9cbca8c06fbabaf65"
vary: Accept-Encoding
content-type: text/plain
cache-control: public, max-age=14400
cf-ray: 83110098d97d3a8b-FRA
expires: Wed, 06 Dec 2023 06:12:09 GMT

GET
H2 204 bnnzuy42qy Show response
www.clarity.ms/tag/ 0
163 B 148ms
112ms Script
text/plain 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/bnnzuy42qy?ref=gtm2
Requested by: Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
x-azure-ref: 20231206T021209Z-nfqnkn5bqx6avdpswcn6r7nmk400000001a0000000009pph
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/2334585c267f4a5a9d4e23ea1a58cbb5/ 43 B
424 B 965ms
103ms Image
image/gif 52.70.219.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/2334585c267f4a5a9d4e23ea1a58cbb5/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.70.219.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-219-197.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 06 Dec 2023 02:12:10 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Server: nginx
Connection: keep-alive
Content-Length: 43
X-Q-Stat: ,1edc8c9b505985bcb42bde5d59c76ca9,10.0.0.68,20464,178.162.209.131,,183326324848,1,1701828730.625,0.001,,.,0,0,0.000,0.000,-,0,0,203,200,100,10,34729,,,,,,-,
Content-Type: image/gif

GET
H2 200 6si.min.js Show response
j.6sc.co/ 63 KB
17 KB 143ms
45ms Script
application/javascript 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-185.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dff292ba95a269db37dbecf8b6aea27cdbbd198c7bcc3760bce16cd40a8eb4f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:12:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 Nov 2023 18:58:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "656789eb-fde9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 17438
expires: Wed, 06 Dec 2023 02:12:09 GMT

GET
H2 200 23477a25a2949410.min.js Show response
tag.demandbase.com/ 74 KB
21 KB 534ms
490ms Script
application/javascript 13.32.27.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/23477a25a2949410.min.js

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-69.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5843f9c838c1b6efece847bc6d696ed906c1826782b126ad5db09920b6270105

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: GhPFGpFz7l.JXL97eq4.jcuj9eO70Q.Q
content-encoding: gzip
via: 1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
date: Wed, 06 Dec 2023 02:12:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
last-modified: Fri, 17 Nov 2023 01:10:01 GMT
server: AmazonS3
etag: W/"2eeeb21ab9bdb7f23148271dd0708471"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: Ypv4aOkjTdSMi2TWV0w3kRi-MVE2Y62atsn-4UfJRoshlxoGMPtb8g==

GET
H2 200 client.js Show response
client.crisp.chat/static/javascripts/ 409 KB
102 KB 27ms
25ms Script
application/javascript 2606:4700:4400::6812:22b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/client.js?2940d8d

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:22b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75c8dd961325f7367f1b846efc96e829b6a3ebc03aebd108ad8f631ad28b872a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 60916
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 24 Aug 2023 11:12:52 GMT
server: cloudflare
etag: W/"64e73b34-6650b"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 83110098ce7c9b40-FRA
access-control-allow-headers: Content-Type, Origin
expires: Sat, 03 Dec 2033 02:12:09 GMT

GET
H2 200 client_default.css
client.crisp.chat/static/stylesheets/ 355 KB
48 KB 23ms
21ms Stylesheet
text/css 2606:4700:4400::6812:22b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/stylesheets/client_default.css?2940d8d

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:22b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cc061085907c749f4f81a853ae49a331efe4fcd538da758a65bb855dd1dcd2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 996
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 21 Nov 2023 09:15:39 GMT
server: cloudflare
etag: W/"655c753b-58c0e"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 83110098ce7b9b40-FRA
access-control-allow-headers: Content-Type, Origin
expires: Sat, 03 Dec 2033 02:12:09 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 16ms
15ms Script
application/x-javascript 104.64.124.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.124.188 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-124-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 06 Dec 2023 02:12:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Fri, 15 Mar 2024 02:12:09 GMT

GET
H2 200 adsct
t.co/i/ 43 B
378 B 233ms
181ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=f3469c5d-991a-40c6-a3f4-9a052e184a43&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=7f93ba6e-204d-428b-b051-ad8d3f00a64f&tw_document_href=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4co5&type=javascript&version=2.3.29

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-response-time: 165
date: Wed, 06 Dec 2023 02:12:09 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: f582adf33ba28d92
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 4b2295d608027862d1946165ec23186b1f341f021c2a5281a686932f7f3d83d6
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 261ms
199ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=f3469c5d-991a-40c6-a3f4-9a052e184a43&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=7f93ba6e-204d-428b-b051-ad8d3f00a64f&tw_document_href=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4co5&type=javascript&version=2.3.29

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-response-time: 181
date: Wed, 06 Dec 2023 02:12:09 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 92942c3516bffe3a
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 96a91b4121b0524b774f14bf1a1afdf420a95764466fcb609314d9fd6e1b1738
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
204 B 248ms
216ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=86a62ca7-cb9d-40d0-80fc-69eaf175d900&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=7f93ba6e-204d-428b-b051-ad8d3f00a64f&tw_document_href=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4co5&type=javascript&version=2.3.29

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-response-time: 185
date: Wed, 06 Dec 2023 02:12:09 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: c3b60b7c74e7df4f
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 4b2295d608027862d1946165ec23186b1f341f021c2a5281a686932f7f3d83d6
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
215 B 255ms
200ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=86a62ca7-cb9d-40d0-80fc-69eaf175d900&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=7f93ba6e-204d-428b-b051-ad8d3f00a64f&tw_document_href=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4co5&type=javascript&version=2.3.29

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-response-time: 182
date: Wed, 06 Dec 2023 02:12:09 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: d7065ae0471ed988
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 96a91b4121b0524b774f14bf1a1afdf420a95764466fcb609314d9fd6e1b1738
content-length: 43

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 429ms
399ms Script
application/javascript 2606:4700::6811:579a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/24174425.js?integration=WordPress&ver=10.2.16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:579a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ad17c7d661733bbf1cfe9bc6e85033bfed43c87c94cb72ba02f484adf1593c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bolster.ai/
Origin: https://bolster.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:10 GMT
x-amz-version-id: qOShuUL.zI.RMIWwukZE0taADNX_1wuf
via: 1.1 3203c4b5504fa019a752072f0419ef6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: fa4d0b29-588f-4acc-adbb-d9d24c7c7741
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.444/bundles/project.js&cfRay=831100993e0c2c55-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 5
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: fa4d0b29-588f-4acc-adbb-d9d24c7c7741
last-modified: Mon, 04 Dec 2023 12:10:50 UTC
server: cloudflare
etag: W/"109b7665e389a0b17fbf732bf7a02089"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-b78fbd96d-c7x79
cf-ray: 831100993e0c2c55-FRA
x-amz-cf-id: zkDajpFWISaz1suNMnfFr4va-XCR-LLHpmti9ROFvmEBKjVZuIETXQ==
x-hs-target-asset: collected-forms-embed-js/static-1.444/bundles/project.js

GET
H2 200 24174425.js Show response
js.hs-analytics.net/analytics/1701828600000/ 66 KB
21 KB 178ms
147ms Script
text/javascript 2606:4700::6810:4cba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1701828600000/24174425.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/24174425.js?integration=WordPress&ver=10.2.16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4cba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15ba162b90858156f7be7d037d5577ccbe27720030608c6a6a4054c8994982ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: Q4SJDZC026XT7TZX
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 6a9f9050-6bc2-4cce-b690-45a9fb39a4f7
x-envoy-upstream-service-time: 18
x-amz-id-2: iSI+IVwU2rX0r/1UJZatOcpTtZbtTMs4iHVBLSDqC1Pte9AuWiz+0FAmXn0YMJklPjjjAqMRSmc=
x-evy-trace-listener: listener_https
x-request-id: 6a9f9050-6bc2-4cce-b690-45a9fb39a4f7
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 15 Nov 2023 18:23:07 GMT
server: cloudflare
etag: W/"f838aa4e87979366523055b644f0ddd6"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-fd6fb8679-smrrp
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 831100995ac01970-FRA
expires: Wed, 06 Dec 2023 02:17:09 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 551 KB
88 KB 213ms
187ms Script
application/javascript 2606:4700::6812:7a0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/24174425.js?integration=WordPress&ver=10.2.16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7a0c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a59a536f6a35976c81d050cc1f734740643674e9736ae066f85213a5535e7a0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bolster.ai/
Origin: https://bolster.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1291/bundle/main/lead-flows-release.js&cfRay=83110099daa63625-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"c314aa317d74a89c787c3c4a9d2fd97c"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1291/bundle/main/lead-flows-release.js
date: Wed, 06 Dec 2023 02:12:10 GMT
x-amz-version-id: QUNwK0xemzsIqupWMH2b5phjsLRnkTKD
via: 1.1 16df6ade68382d048f8aad1f7e39da28.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 2ba8b68b-9e12-4205-86ea-e94540f4fe59
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 7
x-evy-trace-route-configuration: listener_https/all
x-request-id: 2ba8b68b-9e12-4205-86ea-e94540f4fe59
last-modified: Mon, 04 Dec 2023 12:11:15 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-b78fbd96d-zp5qw
cf-ray: 83110099daa63625-FRA
x-amz-cf-id: 7efUvqutTJF19E25dTu5FwMSckalCf1QdOXNQNKhHbwouDcvqdEDSg==

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/24174425/ 60 KB
19 KB 348ms
323ms Script
text/javascript 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/24174425/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/24174425.js?integration=WordPress&ver=10.2.16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d5497632832a0db2a9a50c25d750e74e9497ba42f40622d5ca66350352bab7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:10 GMT
x-amz-version-id: Tw0fa8tMHUl4CkaNMDToqP.Eu431DYnx
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: ZNX3E2JQPNFSVXWV
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: e129217e-cca0-47b8-aa27-c5c06fc65b4b
x-envoy-upstream-service-time: 40
x-amz-id-2: dJfjGrUAGM5NRqXtMvKRlVg2Wc2RWUqiPJ9Sa2XJfPy24zoAXjktvMxNAMXcrGK8izNxB7203NE=
x-evy-trace-listener: listener_https
x-request-id: e129217e-cca0-47b8-aa27-c5c06fc65b4b
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 21 Nov 2023 14:28:24 GMT
server: cloudflare
etag: W/"0e8092b322eada36d088b30941148ca8"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://bolster.ai
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6849bc8697-s9pg8
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 83110099d9e23674-FRA
expires: Wed, 06 Dec 2023 02:17:10 GMT

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 116 B
325 B 133ms
127ms Script
text/javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/xdc.js?_biz_u=8d7bbdb4abbe450cca9b060679b41eea&_biz_h=-1906410348&cdn_o=a&jsVer=4.23.11.30

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BBB) /

Resource Hash

620d5943ad9aea8e971e9ab42845eda0ce8e18150910255814601cbbd7d03018

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSub
server: ECS (amb/6BBB)
etag: 5F3F4425
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
content-length: 217

GET
H2 200 browser-perf.28a8c6b22b3c0474c577.js Show response
script.hotjar.com/ 4 KB
2 KB 9ms
8ms Script
application/javascript 13.32.27.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/browser-perf.28a8c6b22b3c0474c577.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.9a6460d94a753d6764ef.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-54.fra56.r.cloudfront.net

Software

Resource Hash

f0682c5bcb9a2e1a7a27212c0fcebe713d653ad64e32742d4a4dbea937bb6bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 10:24:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 2821683
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1589
last-modified: Fri, 03 Nov 2023 10:23:46 GMT
etag: "d065ec1659ab8dbb93042fdf9a225634"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: _-xntpiBVKep9RbzimeedPrCfHHUe0X4MlhnQyUolBmWmRwTiIJb_w==

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 31 KB
12 KB 7ms
7ms Script
application/javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

15838004d5e196b563a00a0ba16ce432fed6deb3dd4fab7122601f2c4f41560a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Dec 2023 13:47:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=33024
accept-ranges: bytes
content-length: 12150

POST
H2 204 collect
region1.analytics.google.com/g/ 0
250 B 718ms
19ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZHB4R2SB0J&gtm=45je3bt0v885963507z8831618047&_p=1701828729430&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2083155716.1701828730&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701828729&sct=1&seg=0&dl=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&dt=Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2717
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZHB4R2SB0J&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:12:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bolster.ai
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 703ms
19ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZHB4R2SB0J&cid=2083155716.1701828730&gtm=45je3bt0v885963507z8831618047&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZHB4R2SB0J&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:12:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bolster.ai
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 593ms
430ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZHB4R2SB0J&cid=2083155716.1701828730&gtm=45je3bt0v885963507z8831618047&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=2039723157

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:12:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/853909062/ 42 B
455 B 326ms
178ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/853909062/?random=1701828729697&cv=11&fst=1701828000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831618047&u_w=1600&u_h=1200&url=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&frm=0&tiba=Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster&fmt=3&is_vtc=1&cid=CAQSGwDICaaNVaUsfpzHkd8B-p6wC_jgqHBLaDtcUg&random=3525043590&rmt_tld=0&ipr=y

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:12:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/853909062/ 42 B
455 B 285ms
137ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/853909062/?random=1701828729697&cv=11&fst=1701828000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831618047&u_w=1600&u_h=1200&url=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&frm=0&tiba=Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster&fmt=3&is_vtc=1&cid=CAQSGwDICaaNVaUsfpzHkd8B-p6wC_jgqHBLaDtcUg&random=3525043590&rmt_tld=1&ipr=y

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:12:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK visitWebPage
540-rfh-299.mktoresp.com/webevents/ 2 B
318 B 841ms
114ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://540-rfh-299.mktoresp.com/webevents/visitWebPage?_mchNc=1701828729983&_mchCn=&_mchId=540-RFH-299&_mchTk=_mch-bolster.ai-1701828729982-71208&_mchHo=bolster.ai&_mchPo=&_mchRu=%2Fblog%2Fusps-phishing-campaign&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 06 Dec 2023 02:12:11 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 4b7c318a-3ac9-4fc1-bd81-b174b1f064a2

GET
H2 204 187021074.js Show response
bat.bing.com/p/action/ 0
116 B 144ms
143ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/187021074.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 06 Dec 2023 02:12:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0F37EA205ADB45F0BBB56AA9EFF7FB0B Ref B: FRAEDGE1916 Ref C: 2023-12-06T02:12:09Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
284 B 139ms
138ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187021074&tm=gtm002&Ver=2&mid=b7c664e7-8d8e-4c64-9cfe-97bcceca32d3&sid=dcb3772093dc11ee8f300140a57de48e&vid=dcb3ab4093dc11ee92a517e8c4e3fdac&vids=1&msclkid=N&gtm_tag_source=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster&p=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&r=&lt=2389&evt=pageLoad&sv=1&rn=394272

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 06 Dec 2023 02:12:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 22A777E234494555AFD06F3A8CF11CF9 Ref B: FRAEDGE1916 Ref C: 2023-12-06T02:12:10Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
189 B 50ms
48ms XHR
text/html 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-147-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:10 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://bolster.ai
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 24 B
313 B 958ms
9ms XHR
text/html 2a02:26f0:7100::210:180
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::210:180 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6d6b766a86ee59cc94e61ba039af69a6adf0dc75e9eaa15522072d970f5090fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:12:10 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://bolster.ai
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a00:c98:2050:a007:2::10
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701828730305_34603388_930789236_27_730_228_586_219";dur=1
content-length: 24
expires: Wed, 06 Dec 2023 02:12:10 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 258ms
238ms Image
image/gif 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f259d00ecfb418c19d0dc8d84d4bffe8&svisitor=null&visitor=7725e672-cc2d-4bc4-8cb5-494900fd569f&session=68303cd0-28cf-4e85-89ec-9d69fa3aa77d&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Wed%2C%2006%20Dec%202023%2002%3A12%3A09%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Recently%20discovered%20phishing%20campaign%2C%20disguised%20as%20a%20parcel%20delivery%20scam%2C%20has%20evolved%20to%20target%20even%20the%20most%20tech-savy.%20Learn%20more.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&pageViewId=e7346446-fb8a-4d0f-8fd6-3adbef55d6d8&v=1.1.12

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-185.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:10 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 233ms
229ms Image
image/gif 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f259d00ecfb418c19d0dc8d84d4bffe8&svisitor=null&visitor=7725e672-cc2d-4bc4-8cb5-494900fd569f&session=68303cd0-28cf-4e85-89ec-9d69fa3aa77d&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2006%20Dec%202023%2002%3A12%3A09%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22f259d00ecfb418c19d0dc8d84d4bffe8%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2006%20Dec%202023%2002%3A12%3A09%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2006%20Dec%202023%2002%3A12%3A09%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2006%20Dec%202023%2002%3A12%3A09%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Recently%20discovered%20phishing%20campaign%2C%20disguised%20as%20a%20parcel%20delivery%20scam%2C%20has%20evolved%20to%20target%20even%20the%20most%20tech-savy.%20Learn%20more.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&pageViewId=e7346446-fb8a-4d0f-8fd6-3adbef55d6d8&v=1.1.12

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-185.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:10 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 / Show response
client.crisp.chat/settings/website/cd4537e9-58d0-4421-acde-ece9a1d27cc1/prelude/ 212 B
541 B 86ms
86ms Script
application/javascript 2606:4700:4400::6812:22b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/cd4537e9-58d0-4421-acde-ece9a1d27cc1/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2023-11-6-3-12

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?2940d8d

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:22b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d22584e7ed981a2cccef4f52827565bb11f052535d4bb647a3210957ccd2d6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 06 Dec 2023 02:12:10 GMT
server: cloudflare
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 8311009abc1037c8-FRA
access-control-allow-headers: Content-Type, Origin
expires: Wed, 06 Dec 2023 06:12:10 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2180364&time=1701828730046&url=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2180364&time=1701828730046&url=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2180364%26time%3D1701828730046%26url%3Dhttps%253A%252F%252Fbolster.ai%252Fblog%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2180364&time=1701828730046&url=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2180364&time=1701828730046&url=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&cookiesTest=true&liSync=true&e_ipv6=AQJk1rrOQB9FOQAAAYw85...

0
266 B

248ms
181ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2180364&time=1701828730046&url=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&cookiesTest=true&liSync=true&e_ipv6=AQJk1rrOQB9FOQAAAYw85aINJjmLEtKkOvfRwXbcRwbZIXxXhSAjTpsFY_fC79HXSzqpYM-ujRQY7w
Requested by: Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:10 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 8AA0B7A8EE2641F3B9F38A8AC1941E2F Ref B: DUS30EDGE0805 Ref C: 2023-12-06T02:12:11Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYLzeEEzWyug0qIjdOtxg==

Redirect headers

date: Wed, 06 Dec 2023 02:12:10 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 5524FCA37E4D4352A2A9F4CFE489B0CF Ref B: FRAEDGE1907 Ref C: 2023-12-06T02:12:11Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2180364&time=1701828730046&url=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&cookiesTest=true&liSync=true&e_ipv6=AQJk1rrOQB9FOQAAAYw85aINJjmLEtKkOvfRwXbcRwbZIXxXhSAjTpsFY_fC79HXSzqpYM-ujRQY7w
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYLzeEA3HB9W79+hQNK+w==

GET
H2 200 cf-location Show response
js.hs-banner.com/v2/ 2 B
146 B 37ms
17ms Fetch
text/plain 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/cf-location
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/v2/24174425/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: https://bolster.ai
date: Wed, 06 Dec 2023 02:12:10 GMT
server: cloudflare
cf-ray: 8311009d7fc09213-FRA
content-length: 2
vary: Origin, Accept-Encoding
content-type: text/plain;charset=UTF-8

GET
H2 200 sync Show response
s.company-target.com/s/ Frame 0136 634 B
968 B 247ms
98ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.company-target.com/s/sync?exc=lr
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/23477a25a2949410.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.71.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 7c4052781ec5c03a78f737c2c1f0262a29d706c6f78bd64e7333db076d4be474

Request headers

Referer: https://bolster.ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Wed, 06 Dec 2023 02:12:10 GMT
via: 1.1 google

GET
H2 451 464526.gif
id.rlcdn.com/ 0
98 B 215ms
21ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 116 B
430 B 327ms
325ms XHR
application/json 2606:4700::6811:579a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=24174425&utk=

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:579a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afab1de3356fb47e43fc4bae6ee7aa54f06b131f8a31f16cc4ac79118c74743a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://bolster.ai/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 2655f147-388f-4d16-84c5-c09196535514
x-envoy-upstream-service-time: 13
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2655f147-388f-4d16-84c5-c09196535514
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://bolster.ai
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-b78fbd96d-hsvgz
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 8311009de9b52c55-FRA

POST
H2 401 ip.json Show response
api.company-target.com/api/v2/ 12 B
505 B 177ms
60ms XHR
text/plain 18.66.97.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&page_title=Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-46.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bolster.ai/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 06 Dec 2023 02:12:10 GMT
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
www-authenticate: DemandBase API v2
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P2
x-cache: Error from cloudfront
request-id: e1204cea-2144-4e67-9a2c-055f9d679afa
content-length: 12
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://bolster.ai
access-control-expose-headers
vary: Origin
access-control-allow-credentials: true
x-amz-cf-id: 5f6cmbFxxC213iBmYLVId0sqoHk1r6jTV1O7nqfm3xFeJI_4ahv51Q==

GET
H2 200 u
cdn.bizible.com/ 43 B
107 B 18ms
17ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/u?mapType=mkto&mapValue=id%3A540-RFH-299%26token%3A_mch-bolster.ai-1701828729982-71208&_biz_u=8d7bbdb4abbe450cca9b060679b41eea&_biz_l=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&_biz_t=1701828730644&_biz_i=Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster&_biz_n=1&rnd=777523&cdn_o=a&_biz_z=1701828730645
Requested by: Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B97) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:12:10 GMT
last-modified: Tue, 05 Dec 2023 17:44:16 GMT
server: ECS (amb/6B97)
age: 30474
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 0136
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1717639930&external_user_id=4578c468-18d7-4bcf-b62b-da6adea3a0c6
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1717639930&external_user_id=4578c468-18d7-4bcf-b62b-da6adea3a0c6&C=1

43 B
337 B

27ms
26ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1717639930&external_user_id=4578c468-18d7-4bcf-b62b-da6adea3a0c6&C=1
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:12:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WygEMlo0bgUbtz5v3gFL39kOFgxkkmd%2FM8UgTJWOxOz6Ho%2BbCqJr2ocTLzQUwxsxR2uwBt7Sa0HC6LcRQVQ3F4lKOWIqYAEzmnYHDutq6%2BnGbgc8HWfrGx1tMthz8t4cBpcYZ9UCBqMZTw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 831100a23d6d1cb5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:12:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KOlW0BzeaEVTrW7INHsUW%2B%2BJGNsESaPDpUD7upPkHaiAlNh7pT6KqWqvKm36JQ2XiLUV2wrfI%2FZ9%2BZSi9%2F8bNfc3HLcDv1z7Qq7ppDX2SDMoL7dMVF4ldFxJawVedqcZeBnkgKkvOGqJtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=18&expiry=1717639930&external_user_id=4578c468-18d7-4bcf-b62b-da6adea3a0c6&C=1
cache-control: no-cache
cf-ray: 831100a21d5c1cb5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame 0136 43 B
393 B 413ms
100ms Image
image/gif 2600:1f18:612b:4264:a73a:b86c:19e1:1c8b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIDM=4578c468-18d7-4bcf-b62b-da6adea3a0c6
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:a73a:b86c:19e1:1c8b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 06 Dec 2023 02:12:11 GMT
server: nginx
content-type: image/gif

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 0136 0
239 B 326ms
8ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?nid=5578&put=4578c468-18d7-4bcf-b62b-da6adea3a0c6&v=1181926
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 231ms
229ms Image
image/gif 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f259d00ecfb418c19d0dc8d84d4bffe8&svisitor=null&visitor=7725e672-cc2d-4bc4-8cb5-494900fd569f&session=68303cd0-28cf-4e85-89ec-9d69fa3aa77d&event=ipv6&q=%7B%22address%22%3A%222a00%3Ac98%3A2050%3Aa007%3A2%3A%3A10%22%7D&isIframe=false&m=%7B%22description%22%3A%22Recently%20discovered%20phishing%20campaign%2C%20disguised%20as%20a%20parcel%20delivery%20scam%2C%20has%20evolved%20to%20target%20even%20the%20most%20tech-savy.%20Learn%20more.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&pageViewId=e7346446-fb8a-4d0f-8fd6-3adbef55d6d8&v=1.1.12

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-185.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:11 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 / Show response
client.crisp.chat/settings/website/cd4537e9-58d0-4421-acde-ece9a1d27cc1/ 1 KB
1 KB 81ms
80ms Script
application/javascript 2606:4700:4400::6812:22b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/cd4537e9-58d0-4421-acde-ece9a1d27cc1/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1700915517700

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?2940d8d

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:22b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c75578ffab4599d4d5556304c004482eb29241e114891fe4e6a72c45eddf9d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 04 Dec 2023 19:45:51 GMT
server: cloudflare
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 831100a0bf4d37c8-FRA
access-control-allow-headers: Content-Type, Origin
expires: Wed, 06 Dec 2023 06:12:11 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 232ms
229ms Image
image/gif 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f259d00ecfb418c19d0dc8d84d4bffe8&svisitor=null&visitor=7725e672-cc2d-4bc4-8cb5-494900fd569f&session=68303cd0-28cf-4e85-89ec-9d69fa3aa77d&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2006%20Dec%202023%2002%3A12%3A11%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2006%20Dec%202023%2002%3A12%3A09%20GMT%22%2C%22timeSpent%22%3A%221005%22%2C%22totalTimeSpent%22%3A%221005%22%7D&isIframe=false&m=%7B%22description%22%3A%22Recently%20discovered%20phishing%20campaign%2C%20disguised%20as%20a%20parcel%20delivery%20scam%2C%20has%20evolved%20to%20target%20even%20the%20most%20tech-savy.%20Learn%20more.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&pageViewId=e7346446-fb8a-4d0f-8fd6-3adbef55d6d8&v=1.1.12

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-185.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:11 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 en.js Show response
client.crisp.chat/static/javascripts/locales/ 7 KB
3 KB 16ms
16ms Script
application/javascript 2606:4700:4400::6812:22b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/locales/en.js?2940d8d

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?2940d8d

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:22b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7ac26cc635252b12278db01f4616403bd626ed7823fcf5e52576eeeff3b3548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 74204
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 08 Aug 2023 12:01:16 GMT
server: cloudflare
etag: W/"64d22e8c-1c36"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 831100a1f84037c8-FRA
access-control-allow-headers: Content-Type, Origin
expires: Sat, 03 Dec 2033 02:12:11 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
191 B 262ms
186ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://bolster.ai/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 06 Dec 2023 02:12:11 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: E741791EEA9A4DC0A1E7080EA6858DE7 Ref B: FRAEDGE1907 Ref C: 2023-12-06T02:12:11Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://bolster.ai
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYLzeEIrw/bZKO7MXhEAQ==

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 428ms
120ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=881765916&v=1.1&a=24174425&ct=blog-post&rcu=https%3A%2F%2Fbolster.ai%2F&pu=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&t=Vast+Parcel+Delivery+Phishing+Campaign+Discovered+%7C+Bolster&cts=1701828731771&vi=63f25dd594cc30594e672b398578d243&nc=true&u=216000520.63f25dd594cc30594e672b398578d243.1701828731767.1701828731767.1701828731767.1&b=216000520.1.1701828731767&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 40bd9a9c-403b-4a4e-bac4-17a46b53af72
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 4
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 40bd9a9c-403b-4a4e-bac4-17a46b53af72
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SvKAnCXOa5wsqd4s%2BIPWZYGT5rKhX4r4yrMMORQrllts2%2BbzVEewT7X7ni3DPMrNRcjcMA4tbbnDxTlq6QhNIZYnUbe%2FR7By%2BxpeZFdLoS9cZiAk4f3obeP6SuqnDYlkWRwRutrT%2FGEaWHg2CQTn"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7556df69f8-btqjb
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 831100a78bf34d54-FRA
x-robots-tag: none

GET
H2 404 vgfx.svg Show response
bolster.ai/assets/images/ 548 B
259 B 803ms
756ms XHR
text/html 2606:4700:10::6816:42db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/assets/images/vgfx.svg

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:42db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept: text/html, */*; q=0.01
Referer: https://bolster.ai/blog/usps-phishing-campaign
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:12 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
cf-cache-status: EXPIRED
server: cloudflare
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/html
cache-control: max-age=31536000
cf-ray: 831100a5ed67bb71-FRA

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 178 B
1 KB 538ms
101ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=24174425&utk=63f25dd594cc30594e672b398578d243&__hstc=216000520.63f25dd594cc30594e672b398578d243.1701828731767.1701828731767.1701828731767.1&__hssc=216000520.1.1701828731767&currentUrl=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9839485195a116ecec5608365dd07bfcee571fbe1d363530a90d5d74bb19e01f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 6af1dd7a-06d4-45fb-8c71-ed0ba4d58565
content-encoding: br
x-envoy-upstream-service-time: 21
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6af1dd7a-06d4-45fb-8c71-ed0ba4d58565
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://bolster.ai
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QxzFD4uc7r%2BcYq3aknZwR0PGCML4arPVoOzjXtbjyzG56ZtnoQQISA3w3iW0Mx2c6Lz9Ncz%2F8Yux9VU7iW9gpMstDVVdYP9%2F4rWALVQqa5Yz3OQaDOXZ3%2F%2FrezIag4v8sGSqK0y9B4rzYnFXRaYt"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 831100a89f634d49-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-fc678f645-2vdxr

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 297ms
221ms Image
image/gif 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f259d00ecfb418c19d0dc8d84d4bffe8&svisitor=null&visitor=7725e672-cc2d-4bc4-8cb5-494900fd569f&session=68303cd0-28cf-4e85-89ec-9d69fa3aa77d&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2006%20Dec%202023%2002%3A12%3A12%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2006%20Dec%202023%2002%3A12%3A11%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%222008%22%7D&isIframe=false&m=%7B%22description%22%3A%22Recently%20discovered%20phishing%20campaign%2C%20disguised%20as%20a%20parcel%20delivery%20scam%2C%20has%20evolved%20to%20target%20even%20the%20most%20tech-savy.%20Learn%20more.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&pageViewId=e7346446-fb8a-4d0f-8fd6-3adbef55d6d8&v=1.1.12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-185.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:12 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 229ms
229ms Image
image/gif 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f259d00ecfb418c19d0dc8d84d4bffe8&svisitor=null&visitor=7725e672-cc2d-4bc4-8cb5-494900fd569f&session=68303cd0-28cf-4e85-89ec-9d69fa3aa77d&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2006%20Dec%202023%2002%3A12%3A13%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2006%20Dec%202023%2002%3A12%3A12%20GMT%22%2C%22timeSpent%22%3A%221007%22%2C%22totalTimeSpent%22%3A%223015%22%7D&isIframe=false&m=%7B%22description%22%3A%22Recently%20discovered%20phishing%20campaign%2C%20disguised%20as%20a%20parcel%20delivery%20scam%2C%20has%20evolved%20to%20target%20even%20the%20most%20tech-savy.%20Learn%20more.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&pageViewId=e7346446-fb8a-4d0f-8fd6-3adbef55d6d8&v=1.1.12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-185.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:13 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 230ms
229ms Image
image/gif 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f259d00ecfb418c19d0dc8d84d4bffe8&svisitor=null&visitor=7725e672-cc2d-4bc4-8cb5-494900fd569f&session=68303cd0-28cf-4e85-89ec-9d69fa3aa77d&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2006%20Dec%202023%2002%3A12%3A14%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2006%20Dec%202023%2002%3A12%3A13%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%224017%22%7D&isIframe=false&m=%7B%22description%22%3A%22Recently%20discovered%20phishing%20campaign%2C%20disguised%20as%20a%20parcel%20delivery%20scam%2C%20has%20evolved%20to%20target%20even%20the%20most%20tech-savy.%20Learn%20more.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&pageViewId=e7346446-fb8a-4d0f-8fd6-3adbef55d6d8&v=1.1.12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-185.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:14 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 231ms
230ms Image
image/gif 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f259d00ecfb418c19d0dc8d84d4bffe8&svisitor=null&visitor=7725e672-cc2d-4bc4-8cb5-494900fd569f&session=68303cd0-28cf-4e85-89ec-9d69fa3aa77d&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2006%20Dec%202023%2002%3A12%3A15%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2006%20Dec%202023%2002%3A12%3A14%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225018%22%7D&isIframe=false&m=%7B%22description%22%3A%22Recently%20discovered%20phishing%20campaign%2C%20disguised%20as%20a%20parcel%20delivery%20scam%2C%20has%20evolved%20to%20target%20even%20the%20most%20tech-savy.%20Learn%20more.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&pageViewId=e7346446-fb8a-4d0f-8fd6-3adbef55d6d8&v=1.1.12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-185.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:15 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 230ms
229ms Image
image/gif 2.17.147.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f259d00ecfb418c19d0dc8d84d4bffe8&svisitor=null&visitor=7725e672-cc2d-4bc4-8cb5-494900fd569f&session=68303cd0-28cf-4e85-89ec-9d69fa3aa77d&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2006%20Dec%202023%2002%3A12%3A16%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2006%20Dec%202023%2002%3A12%3A15%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%226019%22%7D&isIframe=false&m=%7B%22description%22%3A%22Recently%20discovered%20phishing%20campaign%2C%20disguised%20as%20a%20parcel%20delivery%20scam%2C%20has%20evolved%20to%20target%20even%20the%20most%20tech-savy.%20Learn%20more.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&pageViewId=e7346446-fb8a-4d0f-8fd6-3adbef55d6d8&v=1.1.12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-185.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:12:16 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bolster.ai/blog	1969-12-31 23:59:59	Name: bid Value: ba809dbabe60a07fbb11320c545786ab
.bolster.ai/	1970-01-21 01:29:24	Name: _biz_uid Value: 8d7bbdb4abbe450cca9b060679b41eea
.bizible.com/	1970-01-21 01:29:24	Name: _BUID Value: 8d7bbdb4abbe450cca9b060679b41eea
.bizibly.com/	1970-01-21 01:29:24	Name: _BUID Value: 05dff658998e79488d3c893c2bc2da2e
.bolster.ai/	1970-01-20 18:53:24	Name: _gcl_au Value: 1.1.330964655.1701828730
.ws.zoominfo.com/	1970-01-21 01:29:24	Name: visitorId Value: 3d1146298201053a555db1ec77ac06d8f8771d73b08d4efa5c4ba49d23381f29
.zoominfo.com/	1970-01-20 16:43:50	Name: __cf_bm Value: X3gHi4oPI4hbTWTRhxPcskApkM4krXqTGOM8QKOTrAo-1701828729-0-AfyHDOdZMm/e8NraaNcl7Pb1t+uCN0pAauo3UitodTGal93oAxaY6M5YzzmdIFnKjncAr8cZljnmrcWBzNqwGiE=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: qMsT.XaMY_Er8o55tjJvHigSBrGF.dv3ciR7xgmx0z0-1701828729686-0-604800000
.doubleclick.net/	1970-01-20 16:43:49	Name: test_cookie Value: CheckForPermission
.bolster.ai/	1970-01-21 01:29:24	Name: _hjSessionUser_2066347 Value: eyJpZCI6ImQ2NjFmY2Q5LTUyMDktNWY1ZC1hYjdhLWU3Y2M2MzNiOGM4NyIsImNyZWF0ZWQiOjE3MDE4Mjg3Mjk4ODEsImV4aXN0aW5nIjpmYWxzZX0=
.bolster.ai/	1970-01-20 16:43:50	Name: _hjFirstSeen Value: 1
.bolster.ai/	1970-01-20 16:43:50	Name: _hjIncludedInSessionSample_2066347 Value: 0
.bolster.ai/	1970-01-20 16:43:50	Name: _hjSession_2066347 Value: eyJpZCI6IjEzZTUxNWRhLTIyMDMtNDY5MS1hMmMzLTA3MWZmMzhiMWJjNiIsImNyZWF0ZWQiOjE3MDE4Mjg3Mjk4ODIsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6ZmFsc2V9
.bolster.ai/	1970-01-20 16:43:50	Name: _hjAbsoluteSessionInProgress Value: 0
.bolster.ai/	1970-01-21 02:19:48	Name: _ga_ZHB4R2SB0J Value: GS1.1.1701828729.1.0.1701828729.60.0.0
.bolster.ai/	1970-01-21 02:19:48	Name: _ga Value: GA1.1.2083155716.1701828730
.bolster.ai/	1970-01-21 02:19:48	Name: _mkto_trk Value: id:540-RFH-299&token:_mch-bolster.ai-1701828729982-71208
.bolster.ai/	1970-01-20 16:45:15	Name: _uetsid Value: dcb3772093dc11ee8f300140a57de48e
.bolster.ai/	1970-01-21 02:05:24	Name: _uetvid Value: dcb3ab4093dc11ee92a517e8c4e3fdac
bolster.ai/	1970-01-21 02:19:48	Name: _gd_visitor Value: 7725e672-cc2d-4bc4-8cb5-494900fd569f
bolster.ai/	1970-01-20 16:44:03	Name: _gd_session Value: 68303cd0-28cf-4e85-89ec-9d69fa3aa77d
.t.co/	1970-01-21 02:19:48	Name: muc_ads Value: 6c2bd51f-29e0-4e06-a498-3323843d2072
.twitter.com/	1970-01-21 02:19:48	Name: personalization_id Value: "v1_91UGJH3WhbP4VfCs8EsgZA=="
.bing.com/	1970-01-21 02:05:24	Name: MUID Value: 2CC069CCF9586D7911077A13F8586C29
.6sc.co/	1970-01-21 02:19:48	Name: 6suuid Value: b5931102e35532007ad86f65bd01000074e23801
.bolster.ai/	1970-01-21 01:29:24	Name: _biz_nA Value: 2
.bolster.ai/	1970-01-21 01:29:24	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%2C%22Mkto%22%3A%221%22%7D
.bolster.ai/	1970-01-21 01:29:24	Name: _biz_pendingA Value: %5B%5D
.linkedin.com/	1970-01-20 18:53:24	Name: li_sugr Value: 7e0194de-4c27-4296-a404-d2d404f813d8
.linkedin.com/	1970-01-21 01:29:24	Name: bcookie Value: "v=2&1102bf54-1d26-44bb-88d9-82ee593cd75b"
.linkedin.com/	1970-01-20 16:45:15	Name: lidc Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2702:u=1:x=1:i=1701828730:t=1701915130:v=2:sig=AQE-QxFRq0sH2orZjMN8TSGy-7MhOc7o"
.company-target.com/	1970-01-21 02:19:48	Name: tuuid Value: 4578c468-18d7-4bcf-b62b-da6adea3a0c6
.company-target.com/	1970-01-21 02:19:48	Name: tuuid_lu Value: 1701828730\|ix:0\|mctv:0\|rp:0
.bolster.ai/	1970-01-20 21:06:36	Name: crisp-client%2Fsession%2Fcd4537e9-58d0-4421-acde-ece9a1d27cc1 Value: session_fd5f211c-0d5c-4132-b867-2c5422c026cb
.linkedin.com/	1970-01-20 17:27:00	Name: UserMatchHistory Value: AQJGwtd54_9RJQAAAYw85aCVZV5EfRpj3RXqQu7bn79RKf2jyEfXmRcKatyZ3VtE9JdBt-RIuTfFIQ
.linkedin.com/	1970-01-20 17:27:00	Name: AnalyticsSyncHistory Value: AQLSezHvZdlDUwAAAYw85aCWPZAyeoAYX4DuIwJ8ECT57g05fkjoeLrkfPPrdpCbeL-JGMjQnunP-VSq_-8q9A
.casalemedia.com/	1970-01-21 01:29:24	Name: CMID Value: ZW-Ye7YUZLE0JLlejbHkzwAA
.casalemedia.com/	1970-01-20 18:53:24	Name: CMPS Value: 3179
.casalemedia.com/	1970-01-20 18:53:24	Name: CMPRO Value: 3179
.www.linkedin.com/	1970-01-21 01:29:24	Name: bscookie Value: "v=1&202312060212118f41910e-e3a4-43a4-8ea2-c97f1d3a8765AQESdCZ-GduY20Nk5ohV5PEMCG2_MeT6"
.linkedin.com/	1970-01-20 21:03:00	Name: li_gc Value: MTswOzE3MDE4Mjg3MzE7MjswMjFOVu+iZzMLOd8GoiCNyMTtLh8LMIbcvcwYXmpa7UVyWg==
.tremorhub.com/	1970-01-21 01:29:45	Name: tvid Value: 886281117c4946d99357c6fc377a6012
.tremorhub.com/	1970-01-21 02:19:48	Name: tv_UIDM Value: 4578c468-18d7-4bcf-b62b-da6adea3a0c6
.bolster.ai/	1970-01-20 21:03:00	Name: __hstc Value: 216000520.63f25dd594cc30594e672b398578d243.1701828731767.1701828731767.1701828731767.1
.bolster.ai/	1970-01-20 21:03:00	Name: hubspotutk Value: 63f25dd594cc30594e672b398578d243
.bolster.ai/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.bolster.ai/	1970-01-20 16:43:50	Name: __hssc Value: 216000520.1.1701828731767
.hubspot.com/	1970-01-20 16:43:50	Name: __cf_bm Value: VQj.6dxMyS4NSmp4hvri8nTwUh_kRU.5C5SP.7FEPK8-1701828732-0-Aey4F737FfbHyQC3yX5ZOOpcFfQKSVWyaUEsaye03uj40J57uPZ8AENAJL9sNC+jL04XYFgbdMqsTnUO9XY3m+0=
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: lsScZbKJaoS7DYCw6nkgABTBqGDMYsf0chfmfMeoDeE-1701828732203-0-604800000

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bolster.ai/wp-content/themes/bolster/assets/js/responsive-embeds.js?ver=6.3.2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bolster.ai/api/v1/va/page-view Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bolster.ai/wp-content/themes/bolster/assets/css/print.css?ver=6.3.2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&page_title=Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://bolster.ai/assets/images/vgfx.svg Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

540-rfh-299.mktoresp.com
a.quora.com
analytics.twitter.com
api.company-target.com
app.secureprivacy.ai
b.6sc.co
bat.bing.com
bolster.ai
c.6sc.co
cdn.bizible.com
cdn.bizibly.com
cdnjs.cloudflare.com
client.crisp.chat
dsum-sec.casalemedia.com
forms.hscollectedforms.net
forms.hubspot.com
googleads.g.doubleclick.net
id.rlcdn.com
ipv6.6sc.co
j.6sc.co
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.hsleadflows.net
munchkin.marketo.net
partners.tremorhub.com
pixel.rubiconproject.com
pro.fontawesome.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.quora.com
region1.analytics.google.com
s.company-target.com
script.hotjar.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
tag.demandbase.com
track.hubspot.com
unpkg.com
vjs.zencdn.net
ws.zoominfo.com
www.clarity.ms
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
104.244.42.197
104.244.42.67
104.26.2.32
104.64.124.188
13.107.42.14
13.32.27.54
13.32.27.69
146.75.116.157
152.195.15.58
162.159.153.247
172.64.151.101
18.66.97.10
18.66.97.46
192.28.144.124
2.17.147.185
216.239.32.36
2600:1f18:612b:4264:a73a:b86c:19e1:1c8b
2606:4700:10::6816:42db
2606:4700:4400::6812:22b5
2606:4700:4400::ac40:93bc
2606:4700:4400::ac40:991b
2606:4700::6810:4cba
2606:4700::6810:7eaf
2606:4700::6810:890f
2606:4700::6810:bd59
2606:4700::6811:190e
2606:4700::6811:579a
2606:4700::6812:7a0c
2606:4700::6813:9a53
2620:1ec:21::14
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:812::2008
2a00:1450:4001:829::2002
2a00:1450:400c:c00::9d
2a02:26f0:3500:16::215:149b
2a02:26f0:7100::210:180
2a04:4e42:400::729
34.96.71.22
35.244.174.68
52.70.219.197
69.173.144.138
001acb0598d2959f23d095f40bfbfc6ee00f380ae3cf24b1fb8646699ae260d3
03a811b7e81f930c938141ba6c0a439f59acfe1a3c4a6768b7901741a32b459e
0ad17c7d661733bbf1cfe9bc6e85033bfed43c87c94cb72ba02f484adf1593c0
1113cf2f526dabe790e97946546078167c948cfbb78f677d420adc12e91995f3
15123675f1ab5bbd2dd01a31b3296559f3ebe212aec4fbb1604b1340c83ec2d8
155044aeeaea2b8d35efc40af273259a893d6c271eb4439e50432f3ddbb99aae
15838004d5e196b563a00a0ba16ce432fed6deb3dd4fab7122601f2c4f41560a
15ba162b90858156f7be7d037d5577ccbe27720030608c6a6a4054c8994982ca
18bef914d9394fb470b7faa0402881527df938cf2add1e526a8d901e3f656bf5
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
1aaa7602e78447a2988a91b391264442802b8b43c3c15ac7023c28b373524db2
1f98016af7863e9375dc797ad3f658094061862855d5b35f8a2eb4ad42c1dc55
208205bdec1ba25e00bb82dd733447e7092f96f45427a51499ca8b348a514ca5
216c59ae61df5f19a802d52e3a8cafd3905ffa9fef067d25abbcf0eff054a2e1
2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec
2cc061085907c749f4f81a853ae49a331efe4fcd538da758a65bb855dd1dcd2d
2d5fc275167056650b064763c7e12b83ff6eaa1f13873984b7c977cb01aadff4
2eea5733fb3b170b73649dafc71af3d0a760e4e220f1d9a0f13dd26a08c457b4
3c2ce731a0fb36e28c1cc50b12c121c81ae56fbaef0a109c516f3de4e67eb0b8
3e290fd043b2f300fcc6802ce9762f59dc63a4486ba3fa5a5d4491c1bef84677
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4a96f0d2fb3c5ebaadfb44016f4fac7f2f2da1052f619ecb262647753361fb60
4c6cd63c2969bb05e6f04ef0a3fc0f8d46e5278b280d48bcbaf61e6a8755f112
4d22584e7ed981a2cccef4f52827565bb11f052535d4bb647a3210957ccd2d6d
4eb64fef9cc9f636740ce1142a5dd7682ee88f51ed6ea3509b081d14939547df
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
552bdb67c124807fd4a78a9af1bf8675b32e8c2a5b15fe04ab52504c64d39146
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5843f9c838c1b6efece847bc6d696ed906c1826782b126ad5db09920b6270105
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
620d5943ad9aea8e971e9ab42845eda0ce8e18150910255814601cbbd7d03018
66f1cdfbf890e2d5e08c3ceaafa41ac0a1296ce1b057b89db0ad5f22e733ed3b
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6d6b766a86ee59cc94e61ba039af69a6adf0dc75e9eaa15522072d970f5090fd
74d73ce62bf4e55531f706c6d6dcf8c7b95208101207e608d39c3296a6fa8ff4
75ba0e9c35e2379a79f86786534917bff2df3f6341ffd026b71a055112b2badb
75c8dd961325f7367f1b846efc96e829b6a3ebc03aebd108ad8f631ad28b872a
76c5fcfd56fbe17b960c6c790cdeb40565fdb31a0b959a9c770f85554606d10c
782ae98c072f0e0e45013aa1b0444d0d8e3f6c3c9c1e237c215e93efebc26886
7c4052781ec5c03a78f737c2c1f0262a29d706c6f78bd64e7333db076d4be474
7e5fe921affab5fc16bb76cb0138677bc52dc4abe1257ecfcae99bf225f09b01
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
82579c118595edaf3938bd630ff491419d33e0b52c907fa3f9f61f4a05f0451a
829810d625bfa081a203d32317d65b3cffefcb4854baf822e95120dd8daeb911
8c660e0b2d031b0efa6f5c892800da2d4f8555550eb929c66223bbb52a024f19
8d5497632832a0db2a9a50c25d750e74e9497ba42f40622d5ca66350352bab7b
96271179d44086ad6cfba78c4788e3ac34dac8c8bfd18d2c2226d12d5abd0063
96b09dd52b1b7c1561e3a0cbe37396a4f9000c483e46ba02d0b2ef901003d9a1
9839485195a116ecec5608365dd07bfcee571fbe1d363530a90d5d74bb19e01f
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a19d40a21176824d532a82ca48b559517a7a2a7be01d80ae8ee1e2aee5a94031
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a59a536f6a35976c81d050cc1f734740643674e9736ae066f85213a5535e7a0a
a76b1e17e889d7e6a493b7348283138763a7cc525e318a6514a44b4df8970328
ac2dd4848e29d55d9d05965e66295266f840fde1e7e5c625b8056ed5e17ed515
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae76d384435e2a9c9b328827d7c0527d27541437f0387551a12225488bcb78db
af8545de3876815292506711e1369bff9dfe57ec7e04c45c3e1bdac48a11f3b2
afab1de3356fb47e43fc4bae6ee7aa54f06b131f8a31f16cc4ac79118c74743a
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b627a031966227afe6a97cf9188c9f8c2cb852336a0231566655b5c9de84b482
b7ac26cc635252b12278db01f4616403bd626ed7823fcf5e52576eeeff3b3548
b98b576cf86540a5ce760ea71801cf6ba087b7f1d6e92c09a3a4e849daf3bc3f
c0790c2d2916752f04091f3dc2ff8f1fb793bc09c07bf99809706cea80223780
c2a101f313f27c267a744088e44664a87d2ec7dc2a3464bf1319a95094dc76db
c3977a57ffee5f9602acb2256a493b055b0fbe0c683c5544573bb7e81473be89
c4efdd29b2f63cac6ca076e38260e5296db1f53ddcdf04af3a7446f38e2bf275
c5370a5f05408ac6c35354c362f4ac427f28438f4c4431c8f4f6555775073d62
c75578ffab4599d4d5556304c004482eb29241e114891fe4e6a72c45eddf9d22
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
d15a6bd0f96369f06aed1411eb2da9a874450957a952f0aec17550aad4496b63
d27aa8bf9677cf4ef12acd7b37afc20f1f661d7c163b929ae9caf103b01fce37
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d6f0c0db03e50c472c6e8c7b47d522f361a62b5e3c4a9197659abe6aadd79e3f
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dff292ba95a269db37dbecf8b6aea27cdbbd198c7bcc3760bce16cd40a8eb4f7
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e2d4b7ac2cf724a064d15a4379ccca7a81c346dcb143f279d83a0e99f9563cc7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e655517e7fbdca05e234e076d682568be673643e5bdc7fbb12f5ad23a5cb487d
e97b650032c4807fe8534ae690b1cf062a9c17f48792d34156875c4ccf296ccd
eeda6f6208cf7226321ea4ff61ec9b93fde032d5dd25cff49a4941fbca6b2816
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0682c5bcb9a2e1a7a27212c0fcebe713d653ad64e32742d4a4dbea937bb6bb7
f27902b2b9390fb8b4b9b4239b762bc52fb4e6e2098d3dfecc1fdb37c9431b8f
f88b2e2275b3f0cae0a176e1d249ae53f39bced3d6b5b1422419ac8b54d03217
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

bolster.ai Open in urlscan Pro 2606:4700:10::6816:42db Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

125 Requests

98 %HTTPS

55 %IPv6

38 Domains

50 Subdomains

45 IPs

5 Countries

2779 kBTransfer

6663 kBSize

49 Cookies

22 Outgoing links

Redirected requests

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bolster.ai Open in urlscan Pro
2606:4700:10::6816:42db Public Scan

Screenshot
Live screenshot

Full Image

125
Requests

98 %
HTTPS

55 %
IPv6

38
Domains

50
Subdomains

45
IPs

5
Countries

2779 kB
Transfer

6663 kB
Size

49
Cookies

125 HTTP transactions
0 data transactions