cofense.com Open in urlscan Pro
141.193.213.20 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/ne4n9AEAfH?twclid=26xzi0j9ozt3w1adoo6y0jdimn
Effective URL:
https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/
Submission: On June 13 via api (June 13th 2023, 12:42:39 am UTC) from SG — Scanned from SG

Summary HTTP 155 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 37 IPs in 5 countries across 31 domains to perform 155 HTTP transactions. The main IP is 141.193.213.20, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is cofense.com. The Cisco Umbrella rank of the primary domain is 807048.
TLS certificate: Issued by R3 on May 5th 2023. Valid for: 3 months.

This is the only time cofense.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	141.193.213.20 141.193.213.20	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2404:6800:401... 2404:6800:4017:802::200a	15169 (GOOGLE) (GOOGLE)
80	2400:52e0:150... 2400:52e0:1500::868:1	200325 (BUNNYCDN) (BUNNYCDN)
6	2606:4700::68... 2606:4700::6812:1005	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1413:1::... 2600:1413:1::17d3:8c60	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2404:6800:400... 2404:6800:4003:c02::61	15169 (GOOGLE) (GOOGLE)
1	2404:6800:401... 2404:6800:4017:803::2003	15169 (GOOGLE) (GOOGLE)
10	96.17.96.30 96.17.96.30	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:1413:1::... 2600:1413:1::17d3:8c70	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.206.79.35 52.206.79.35	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6810:650c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.50.91.74 23.50.91.74	16625 (AKAMAI-AS) (AKAMAI-AS)
1	108.138.189.68 108.138.189.68	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:d9f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:bdf::59 2620:1ec:bdf::59	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	199.232.46.109 199.232.46.109	54113 (FASTLY) (FASTLY)
2	2404:6800:401... 2404:6800:4017:805::200e	15169 (GOOGLE) (GOOGLE)
2	34.111.208.231 34.111.208.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:20c... 2600:9000:20c7:6200:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2001:4860:480... 2001:4860:4802:32::181	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c01::9a	15169 (GOOGLE) (GOOGLE)
2	2404:6800:401... 2404:6800:4017:804::2003	15169 (GOOGLE) (GOOGLE)
1	103.43.90.117 103.43.90.117	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2600:1413:1::... 2600:1413:1::1734:abe3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	2404:6800:401... 2404:6800:4017:803::2004	15169 (GOOGLE) (GOOGLE)
2	18.180.44.215 18.180.44.215	16509 (AMAZON-02) (AMAZON-02)
3	23.96.124.68 23.96.124.68	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.20.195.32 52.20.195.32	14618 (AMAZON-AES) (AMAZON-AES)
1 2	20.205.115.81 20.205.115.81	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.196.185.66 34.196.185.66	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700::68... 2606:4700::6812:1105	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.188.42.15 35.188.42.15	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.217.134.50 52.217.134.50	() ()
155	37

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 141.193.213.20 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

cofense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4017:802::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

80 2400:52e0:1500::868:1 (Singapore)

ASN200325 (BUNNYCDN, SI)

ep67mn3zn7v.exactdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:1005 (United States)

ASN13335 (CLOUDFLARENET, US)

js.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1413:1::17d3:8c60 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c02::61 (Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4017:803::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 96.17.96.30 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a96-17-96-30.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1413:1::17d3:8c70 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.206.79.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-79-35.compute-1.amazonaws.com

lltrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:650c (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.50.91.74 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-91-74.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.189.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-189-68.mxp64.r.cloudfront.net

static.oktopost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d9f (United States)

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::59 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.46.109 (Singapore)

ASN54113 (FASTLY, US)

extend.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4017:805::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.208.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.208.111.34.bc.googleusercontent.com

ibc-flow.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c7:6200:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c01::9a (Singapore)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4017:804::2003 (Australia)

ASN15169 (GOOGLE, US)

www.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.43.90.117 (Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1413:1::1734:abe3 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

404-jhu-612.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4017:803::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.180.44.215 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-180-44-215.ap-northeast-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.96.124.68 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

s.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.20.195.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-195-32.compute-1.amazonaws.com

okt.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.205.115.81 (Central, Hong Kong) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.196.185.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-185-66.compute-1.amazonaws.com

app.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:1105 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.188.42.15 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.134.50 (None, )

ASN- ()

qualified-production.s3.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	exactdn.com ep67mn3zn7v.exactdn.com	650 KB
12	6sc.co j.6sc.co — Cisco Umbrella Rank: 6413 c.6sc.co — Cisco Umbrella Rank: 9558 ipv6.6sc.co — Cisco Umbrella Rank: 6651 b.6sc.co — Cisco Umbrella Rank: 4271	15 KB
10	qualified.com js.qualified.com — Cisco Umbrella Rank: 25322 app.qualified.com — Cisco Umbrella Rank: 28208 assets.qualified.com — Cisco Umbrella Rank: 27088	1 MB
8	cofense.com cofense.com — Cisco Umbrella Rank: 807048	38 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1005 s.clarity.ms — Cisco Umbrella Rank: 8631 c.clarity.ms — Cisco Umbrella Rank: 1563	23 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 390 www.linkedin.com — Cisco Umbrella Rank: 567 px4.ads.linkedin.com — Cisco Umbrella Rank: 6569	5 KB
3	google.com analytics.google.com — Cisco Umbrella Rank: 272 www.google.com — Cisco Umbrella Rank: 3	704 B
3	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 18682 ibc-flow.techtarget.com — Cisco Umbrella Rank: 21608	2 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 10955	572 B
2	google.com.sg www.google.com.sg — Cisco Umbrella Rank: 11861	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 121	406 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 57	21 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3959	7 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 75	195 KB
1	amazonaws.com qualified-production.s3.us-east-1.amazonaws.com	7 KB
1	sentry.io sentry.io — Cisco Umbrella Rank: 224	442 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 252	743 B
1	okt.to okt.to — Cisco Umbrella Rank: 32904	100 B
1	mktoresp.com 404-jhu-612.mktoresp.com	318 B
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 472	815 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1007	375 B
1	vimeocdn.com extend.vimeocdn.com — Cisco Umbrella Rank: 10760	6 KB
1	oktopost.com static.oktopost.com — Cisco Umbrella Rank: 40618	4 KB
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 5046	2 KB
1	lltrck.com lltrck.com — Cisco Umbrella Rank: 32237
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 942	5 KB
1	gstatic.com fonts.gstatic.com	38 KB
1	typekit.net p.typekit.net — Cisco Umbrella Rank: 731	172 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	1 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 5143	335 B
1	t.co t.co — Cisco Umbrella Rank: 505	689 B
155	31

	Domain	Requested by
80	ep67mn3zn7v.exactdn.com	cofense.com ep67mn3zn7v.exactdn.com
8	assets.qualified.com	app.qualified.com assets.qualified.com
8	cofense.com	t.co ep67mn3zn7v.exactdn.com
7	b.6sc.co	cofense.com
3	s.clarity.ms	www.clarity.ms
3	px.ads.linkedin.com	3 redirects
2	c.clarity.ms	1 redirects
2	epsilon.6sense.com	j.6sc.co
2	ipv6.6sc.co	j.6sc.co
2	c.6sc.co	j.6sc.co
2	www.google.com.sg	cofense.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	analytics.google.com	www.googletagmanager.com
2	ibc-flow.techtarget.com	trk.techtarget.com
2	www.google-analytics.com	www.googletagmanager.com cofense.com
2	www.clarity.ms	t.co www.clarity.ms
2	munchkin.marketo.net	t.co munchkin.marketo.net
2	www.googletagmanager.com	cofense.com www.googletagmanager.com
1	qualified-production.s3.us-east-1.amazonaws.com
1	sentry.io	assets.qualified.com
1	app.qualified.com	js.qualified.com
1	c.bing.com	1 redirects
1	okt.to	static.oktopost.com
1	www.google.com	cofense.com
1	404-jhu-612.mktoresp.com	munchkin.marketo.net
1	secure.adnxs.com	j.6sc.co
1	px4.ads.linkedin.com	cofense.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	extend.vimeocdn.com	www.googletagmanager.com
1	trk.techtarget.com	t.co
1	static.oktopost.com	t.co
1	ws.zoominfo.com	t.co
1	lltrck.com	t.co
1	snap.licdn.com	www.googletagmanager.com
1	j.6sc.co	t.co
1	fonts.gstatic.com	fonts.googleapis.com
1	p.typekit.net	ep67mn3zn7v.exactdn.com
1	js.qualified.com	cofense.com
1	fonts.googleapis.com	cofense.com
1	bit.ly	1 redirects
1	t.co
155	42

This site contains links to these domains. Also see Links.

Domain
cofense.zendesk.com
go.cofense.com
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
wpml.org

Subject Issuer	Validity	Valid
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-03` - `2024-01-03`	a year	crt.sh
cofense.com R3	`2023-05-05` - `2023-08-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.exactdn.com R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
6sc.co R3	`2023-05-25` - `2023-08-23`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
lltrck.com Go Daddy Secure Certificate Authority - G2	`2022-07-25` - `2023-08-26`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
*.oktopost.com Amazon RSA 2048 M01	`2023-02-28` - `2023-10-27`	8 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-02-18` - `2024-03-21`	a year	crt.sh
ibc-flow.techtarget.com GTS CA 1D4	`2023-05-30` - `2023-08-28`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.com.sg GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-05` - `2023-11-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.6sense.com Amazon RSA 2048 M02	`2023-05-04` - `2024-06-02`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
okt.to R3	`2023-05-28` - `2023-08-26`	3 months	crt.sh
app.qualified.com R3	`2023-05-22` - `2023-08-20`	3 months	crt.sh
sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-06` - `2024-07-06`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2023-12-20`	8 months	crt.sh

This page contains 2 frames:

Primary Page: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/
Frame ID: 9CB2376B84E91AAEFFB9CACC7D78448A
Requests: 147 HTTP requests in this frame

Frame: https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=890511f4-6d8f-47e6-a50b-b777a686cec8
Frame ID: F0C22B0B80A54E5BA923182E46D4BE6B
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Threat Actors Impersonate Email Security Providers | Cofense

Page URL History Show full URLs

https://t.co/ne4n9AEAfH?twclid=26xzi0j9ozt3w1adoo6y0jdimn Page URL
https://bit.ly/3Ijxa9W?twclid=26xzi0j9ozt3w1adoo6y0jdimn HTTP 301
https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-creden... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

155
Requests

95 %
HTTPS

51 %
IPv6

31
Domains

42
Subdomains

37
IPs

5
Countries

2102 kB
Transfer

5591 kB
Size

38
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://cofense.zendesk.com/auth/v2/login/signin
Title: Customer Resource Center

Search URL Search Domain Scan URL

URL: https://go.cofense.com/live-demo/
Title: Get a Demo

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Cofense/
Title: Facebook-f

Search URL Search Domain Scan URL

URL: https://twitter.com/cofense
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/11500065/
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCbvJmFk-Pwf85UbGI9-EGxw
Title: Youtube

Search URL Search Domain Scan URL

URL: https://wpml.org/
Title: wpml.org

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/ne4n9AEAfH?twclid=26xzi0j9ozt3w1adoo6y0jdimn Page URL
https://bit.ly/3Ijxa9W?twclid=26xzi0j9ozt3w1adoo6y0jdimn HTTP 301
https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 113

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1686616953040&url=https%3A%2F%2Fcofense.com%2Fblog%2Fthreat-actors-impersonate-email-security-providers-to-steal-user-credentials%2F&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1686616953040&url=https%3A%2F%2Fcofense.com%2Fblog%2Fthreat-actors-impersonate-email-security-providers-to-steal-user-credentials%2F&tm=gtmv2&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D300721%26time%3D1686616953040%26url%3Dhttps%253A%252F%252Fcofense.com%252Fblog%252Fthreat-actors-impersonate-email-security-providers-to-steal-user-credentials%252F%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1686616953040&url=https%3A%2F%2Fcofense.com%2Fblog%2Fthreat-actors-impersonate-email-security-providers-to-steal-user-credentials%2F&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1686616953040&url=https%3A%2F%2Fcofense.com%2Fblog%2Fthreat-actors-impersonate-email-security-providers-to-steal-user-credentials%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJcpir-z-DxPQAAAYiyNFRNEbCD2GRhAgUfa_PRczpjUjSs2wxmqVZQxS1wPEutjlxsV5tz848M

Request Chain 140

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=068E0433B7EA47ECB6B118AE4864FD6D&RedC=c.clarity.ms&MXFR=39222A2659A36348320039095DA36D9B HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=068E0433B7EA47ECB6B118AE4864FD6D&MUID=3A549E14FAC569AA0ED28D3BFB9F68C0

155 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 ne4n9AEAfH
t.co/ 323 B
689 B 200ms
184ms Document
text/html 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/ne4n9AEAfH?twclid=26xzi0j9ozt3w1adoo6y0jdimn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_k /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 208
content-type: text/html; charset=utf-8
date: Tue, 13 Jun 2023 00:42:30 GMT
expires: Tue, 13 Jun 2023 00:47:31 GMT
perf: 7626143928
server: tsa_k
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 8df96f859f9282ba8f34f39cfc17e925fb81ed70940f579dc733cbb7a0cdc3c5
x-response-time: 181
x-transaction-id: ca7080eeeb1ec763
x-xss-protection: 0

GET
H2

200

Primary Request / Show response
cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/
Redirect Chain

https://bit.ly/3Ijxa9W?twclid=26xzi0j9ozt3w1adoo6y0jdimn
https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

142 KB
26 KB

456ms
294ms

Document
text/html

141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/
Requested by: Host: t.co
URL: https://t.co/ne4n9AEAfH?twclid=26xzi0j9ozt3w1adoo6y0jdimn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: 9cb6c7c26b11dc138503ce04835b48bd49863a2e656c1c0ef9dc75f14033e299

Request headers

Referer: https://t.co/ne4n9AEAfH?twclid=26xzi0j9ozt3w1adoo6y0jdimn
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=2419200, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d664b4db918899e-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 13 Jun 2023 00:42:32 GMT
last-modified: Fri, 02 Jun 2023 12:26:30 GMT
link: <https://cofense.com/wp-json/>; rel="https://api.w.org/" <https://cofense.com/wp-json/wp/v2/posts/102425>; rel="alternate"; type="application/json" <https://cofense.com/?p=102425>; rel=shortlink
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 41
x-cache-group: normal
x-cacheable: YES:2419200.000
x-pingback: https://cofense.com/xmlrpc.php
x-powered-by: WP Engine

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=90
content-length: 189
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Tue, 13 Jun 2023 00:42:31 GMT
location: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/
referrer-policy: unsafe-url
server: nginx
via: 1.1 google

GET
H2 200 css
fonts.googleapis.com/ 21 KB
1 KB 158ms
65ms Stylesheet
text/css 2404:6800:4017:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:802::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a021e5ef7022a556c759cca4e248f10383d65a1cd4df600dae57ea37ca481073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Jun 2023 00:04:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Jun 2023 00:42:32 GMT

GET
H2 200 classic-themes.min.css
ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-includes/css/ 291 B
1 KB 211ms
2ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-includes/css/classic-themes.min.css?ver=1686602253

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:38:03 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
last-modified: Mon, 12 Jun 2023 20:38:02 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 5e6819642f990b352980bb40517c8cf7
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/cache/min/1/wp-includes/css/classic-themes.min.css?ver=1686602253>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 styles.css
ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/ 57 KB
9 KB 212ms
3ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/styles.css?ver=1686602253

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

2cc15bc3d3dda4e699624aae9727570dd1cb7cfa4535a074a453e1437e279d21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:38:03 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
last-modified: Mon, 12 Jun 2023 20:38:02 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 3e8f3c33bdeb8d1aa2c2945ce279b74b
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/styles.css?ver=1686602253>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 style.min.css
ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/ 906 B
1 KB 211ms
3ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1686602254

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

19fb8fd435c0bce0c7b49c24d128cce686d4a6bba0de63d34d5effa4e1f644f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:38:09 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
last-modified: Mon, 12 Jun 2023 20:37:53 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: bf152397aacd2e3be270f6dd2a565255
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1686602254>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 style.min.css
ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/ 258 B
993 B 212ms
5ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/style.min.css?ver=1686602254

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

4b9257e3e9c959214ddfab833a69a021ae6557403efe76afcbee259621175274

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:38:03 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
last-modified: Mon, 12 Jun 2023 20:38:02 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 642e7417d9cd02ada6b34afeabef0a89
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/style.min.css?ver=1686602254>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 style.css
ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/themes/cofense/ 8 KB
4 KB 213ms
5ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/themes/cofense/style.css?ver=1686602254

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

c3dfc3f03106f85ab56ceaadf44433f35cca4209d64922d50a1c650c90aa60ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:38:09 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
last-modified: Mon, 12 Jun 2023 20:38:03 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 70b1c233f28b2e59200bd4ba6f8baaea
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/cache/min/1/wp-content/themes/cofense/style.css?ver=1686602254>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 custom.css
ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/themes/cofense/css/ 31 B
828 B 243ms
35ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/themes/cofense/css/custom.css?ver=1686602254

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

8908a8114adb7f7825bc1e2b634946bf87489f37c1c82bc2c38bb49b3dda98e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:38:03 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
content-length: 31
last-modified: Mon, 12 Jun 2023 20:38:02 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: f59384b192dad0b9460f38c3f45031df
link: <https://cofense.com/wp-content/cache/min/1/wp-content/themes/cofense/css/custom.css?ver=1686602254>; rel="canonical"
cdn-requestcountrycode: SG
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 testing.css
ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/themes/cofense/css/ 31 B
829 B 222ms
15ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/themes/cofense/css/testing.css?ver=1686602255

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

8908a8114adb7f7825bc1e2b634946bf87489f37c1c82bc2c38bb49b3dda98e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:38:03 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
content-length: 31
last-modified: Mon, 12 Jun 2023 20:38:02 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: bdf776be3be21ec333550b27be38eeab
link: <https://cofense.com/wp-content/cache/min/1/wp-content/themes/cofense/css/testing.css?ver=1686602255>; rel="canonical"
cdn-requestcountrycode: SG
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 elementor-icons.min.css
ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/ 19 KB
5 KB 214ms
7ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=1686602255

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

d0ee40eedb99bb4fa8be8aa6825dbc436d3b761c7a49c2e36199039a2557a3eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:38:09 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
last-modified: Mon, 12 Jun 2023 20:37:53 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 76c66d5a40e6b84ede79c62c0ca7cc55
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=1686602255>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 frontend-lite.min.css
ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/css/ 82 KB
13 KB 219ms
12ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=1686602256

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

22fbb5eff578438da0e7dac3f5613495aa7997f245952e11fa24e4ec085a1880

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:38:03 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
last-modified: Mon, 12 Jun 2023 20:38:02 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 17ed560690daa6dff1712c300e251490
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=1686602256>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 swiper.min.css
ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/swiper/css/ 13 KB
3 KB 220ms
13ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=1686602256

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:38:09 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
last-modified: Mon, 12 Jun 2023 20:37:53 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: c05cba91b2562aca7ce238b29e606b25
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=1686602256>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-15.css
ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/ 6 KB
2 KB 225ms
18ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/post-15.css?ver=1686602252

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

0c9b0f01749e04c7edc1d741457bc65ed9a5e0f1555f5c8867f206d66e631231

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:37:52 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
last-modified: Mon, 12 Jun 2023 20:37:52 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 45dae32524a02141afd1dacc83daf97e
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/uploads/elementor/css/post-15.css?ver=1686602252>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 frontend-lite.min.css
ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/css/ 11 KB
3 KB 221ms
14ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=1686602256

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

f5df288275b5f604b05fec06b5b90ee3e2eee656a3157c65d099be04a941ad73

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:38:09 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
last-modified: Mon, 12 Jun 2023 20:37:53 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: be3712073ef2e9ea22bd111c7e84ad8f
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=1686602256>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-102425.css
ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/ 36 B
823 B 215ms
8ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/post-102425.css?ver=1686602251

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

ee5d065fca9f5c5f5c983c8d8f448b242790f9254d8b5f3d2e7e966ab1407c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:58:05 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/13/2023 00:16:04
cdn-pullzone: 788245
content-length: 36
last-modified: Mon, 12 Jun 2023 20:40:36 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 78691a7524b68b747163a9295e0a6283
link: <https://cofense.com/wp-content/uploads/elementor/css/post-102425.css?ver=1686602251>; rel="canonical"
cdn-requestcountrycode: SG
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 post-93807.css
ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/ 3 KB
1 KB 238ms
31ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/post-93807.css?ver=1686602252

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

f4221e726cd903ea62b23099982f627213f319bad4697da681b33ec82d613500

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:37:52 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
last-modified: Mon, 12 Jun 2023 20:37:52 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: a8d90df93630464441f1e20492ce3ecc
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/uploads/elementor/css/post-93807.css?ver=1686602252>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-1266.css
ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/ 18 KB
3 KB 234ms
28ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/post-1266.css?ver=1686602252

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

6844ea1d998d79155a0763c9946da7c064a293e776d2142c8e91fcacee8542e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:37:52 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
last-modified: Mon, 12 Jun 2023 20:37:52 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 5ab92e2042129a4186e4c9b20210317f
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/uploads/elementor/css/post-1266.css?ver=1686602252>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-1271.css
ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/ 15 KB
3 KB 243ms
36ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/post-1271.css?ver=1686602252

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

0a828dbd42b518c042d31e8c907ce91c852f06759f79a659341c8c4fa74492b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:37:52 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
last-modified: Mon, 12 Jun 2023 20:37:52 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 80fe0439b2d72b76d3e55346e95358de
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/uploads/elementor/css/post-1271.css?ver=1686602252>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-1386.css
ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/ 11 KB
3 KB 223ms
17ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/post-1386.css?ver=1686602257

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

c85d22b6f7b34795c2daf7b29430762f7ebb504d5897771ff757f2cf23bac895

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:38:09 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/13/2023 00:16:04
cdn-pullzone: 788245
last-modified: Mon, 12 Jun 2023 20:38:09 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 5791836baef04d7239d4980890f19752
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/uploads/elementor/css/post-1386.css?ver=1686602257>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 widget-styles.css
ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/ 439 KB
63 KB 213ms
6ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=1686602257

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

e47eb53a564c0ad6494d30bcc29fd05742db5874f11ad8d737fedd5f76b89f34

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:38:03 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
last-modified: Mon, 12 Jun 2023 20:38:02 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 6ede60be4c62e4605c851f2bf5549bd9
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=1686602257>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 responsive.css
ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/ 30 KB
5 KB 222ms
16ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=1686602258

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

73b2fdcf25aa909c7b0f072cf791066350ab834ca1d0d01ef096bb5583318213

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:38:09 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
last-modified: Mon, 12 Jun 2023 20:37:53 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: c64a1618e59be957992532f438fe590c
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=1686602258>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 ecs-style.css
ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/css/ 6 KB
2 KB 214ms
8ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/css/ecs-style.css?ver=1686602258

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

8cbc49b1385bf29debe95333f04795a6e3a2cf218d88b415b29872d06491fd1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:38:09 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
last-modified: Mon, 12 Jun 2023 20:37:53 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: be537cca45093820d35c7231749c20f5
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/css/ecs-style.css?ver=1686602258>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-1444.css
ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 223ms
17ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/post-1444.css?ver=1678361574

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

0800c1bcae9fd7a9ab8bb0fc08bb60392cde06279906b58ba73a9d32c0ef0f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 24 May 2024 21:51:23 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 05/26/2023 01:01:02
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:51:23 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: ba4508a35d846758bd6a2b711f65898e
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/uploads/elementor/css/post-1444.css?ver=1678361574>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-1462.css
ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 225ms
19ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/post-1462.css?ver=1671033592

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

880bd0c057b2118ce8870a412c9bbc9c744ecc1ffc2e0cec852f0822467a5468

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 24 May 2024 21:34:08 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 05/26/2023 01:01:02
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:34:08 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: fbc3f97529251329c95b3eaf00d60207
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/uploads/elementor/css/post-1462.css?ver=1671033592>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-86702.css
ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/ 878 B
1 KB 259ms
53ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/post-86702.css?ver=1666612343

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

08d9e28e5a3cf2a632f0a595610c79ae90f8dc50f3dd17914f2e6ef324b100bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 07 Jun 2024 21:11:28 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/08/2023 22:10:37
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:51:13 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 300acf3056a2663f9924b0fc76b4daf5
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/uploads/elementor/css/post-86702.css?ver=1666612343>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-86773.css
ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 231ms
25ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/post-86773.css?ver=1666885690

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

06c5b21ed6beb8535987a718d67db031fd8f9658a06e347946420fece8a2d845

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 24 May 2024 21:51:02 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 05/26/2023 01:01:03
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:51:02 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: d274b43efa90527f153802669e77df4c
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/uploads/elementor/css/post-86773.css?ver=1666885690>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-96442.css
ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 231ms
26ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/post-96442.css?ver=1680173529

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

5ec0edcab83d68a0bbdaaa014ca2eb993bf8bb3eb9eb5291be25e602a0d50e2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 24 May 2024 21:51:42 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 05/26/2023 01:01:03
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:51:13 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 637e29329311a45fc9d9ce4c15d40b23
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/uploads/elementor/css/post-96442.css?ver=1680173529>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-96443.css
ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 230ms
24ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/post-96443.css?ver=1684235063

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

edf0c45100bd76408c47b7a27b7cc7a85d776b1baf46de9e33f5b90bff9d5ea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 24 May 2024 21:51:23 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 05/26/2023 01:01:03
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:51:23 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 45792f256d8c532e23775a86df015457
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/uploads/elementor/css/post-96443.css?ver=1684235063>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-96445.css
ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 236ms
31ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/post-96445.css?ver=1675169689

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

6c64f1f61427b7aff7961cee93a0ee95c454274084a3a9e10aed8496929450d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 24 May 2024 21:51:42 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 05/26/2023 01:01:03
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:51:23 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: a071d8e80727cdd676bbfd2ca6aef793
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/uploads/elementor/css/post-96445.css?ver=1675169689>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 fontawesome.min.css
ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 57 KB
14 KB 234ms
29ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=1686602260

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:38:03 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
last-modified: Mon, 12 Jun 2023 20:38:02 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 37231fffe48e1f414281038b76cd4916
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=1686602260>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 solid.min.css
ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 1 KB
1 KB 240ms
35ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1686602260

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

ba034b0b907ed77dd3d266f6eca07839a0d25012641f0c4a259daeaa6a324607

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:38:09 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
last-modified: Mon, 12 Jun 2023 20:38:03 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 1d649b29315366e18a95e08fedb7e0e1
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1686602260>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 brands.min.css
ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 1 KB
1 KB 228ms
23ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=1686602260

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

667a6ffd7d93f5b62649f4d7debde5d609ac1d1a7696cf0773365284d4ed6b83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:58:05 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
last-modified: Mon, 12 Jun 2023 20:37:53 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: ce11811defb05eadeea94c5bc543ebe7
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=1686602260>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ep67mn3zn7v.exactdn.com/wp-includes/js/jquery/ 88 KB
35 KB 243ms
38ms Script
text/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 07 Jun 2024 21:11:28 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/08/2023 22:10:37
cdn-pullzone: 788245
last-modified: Thu, 08 Jun 2023 21:11:28 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: d285c6acb43bdbc16aaef5237a3634aa
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 jquery-migrate.min.js Show response
ep67mn3zn7v.exactdn.com/wp-includes/js/jquery/ 13 KB
6 KB 251ms
47ms Script
text/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 24 May 2024 21:32:46 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 05/26/2023 01:01:05
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:32:03 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 3af6dd9980992e3fc7bef951e1a2d217
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 language-cookie.js Show response
ep67mn3zn7v.exactdn.com/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/ 183 B
965 B 243ms
39ms Script
text/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.6.3

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

c1b5e18239636e9eb0b3f7affcfc7e65a5122e67cb56c3711af6258545a93b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 07 Jun 2024 21:11:28 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/08/2023 22:10:37
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:32:04 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 6e5c2372214e95c3fca27d403be014f4
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.6.3>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 ecs_ajax_pagination.js Show response
ep67mn3zn7v.exactdn.com/wp-content/plugins/ele-custom-skin/assets/js/ 3 KB
2 KB 251ms
48ms Script
text/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/plugins/ele-custom-skin/assets/js/ecs_ajax_pagination.js?ver=3.1.7

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

2660d715c056a722efa81ed0e917bdad770738e5ac8fe1296cc71a16b053b2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 07 Jun 2024 21:14:36 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/08/2023 22:10:37
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:32:03 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: f4b0b8937b41b1b3a36897f6d4643c62
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/plugins/ele-custom-skin/assets/js/ecs_ajax_pagination.js?ver=3.1.7>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 ecs.js Show response
ep67mn3zn7v.exactdn.com/wp-content/plugins/ele-custom-skin/assets/js/ 250 B
965 B 241ms
38ms Script
text/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/plugins/ele-custom-skin/assets/js/ecs.js?ver=3.1.7

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

cba788c91ad01b850dc3ff5689cf4234757080a656044ec8757dc51c229440ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 07 Jun 2024 21:14:37 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/08/2023 22:10:37
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:32:03 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: a3f36384cbc00f94c369737f3f8c89fc
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/plugins/ele-custom-skin/assets/js/ecs.js?ver=3.1.7>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 zlo5wor.css
ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/ 816 B
1 KB 227ms
24ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/zlo5wor.css?ver=1686602260

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

3c1a5c4b5574a4104a92b2e700e6f0fc5b001c4297ebc5a1e76d67b1fbeb1c2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:38:03 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
last-modified: Mon, 12 Jun 2023 20:38:02 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: d0c5ee18fdb5305761586f3dd7057821
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/cache/min/1/zlo5wor.css?ver=1686602260>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 qualified.js Show response
js.qualified.com/ 599 KB
146 KB 1110ms
1091ms Script
text/javascript 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.qualified.com/qualified.js?token=H3wWDXLUxD4irieG

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eaa5d844ec16829d602a7e6f48a0570bcd0e0c40a5bf649b5710ecad428dd6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:33 GMT
content-encoding: gzip
via: 1.1 spaces-router (devel)
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: MISS
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 0ff3dc2b-213e-3409-34ae-b8beb18fbae5
pragma: no-cache
x-runtime: 0.024874
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3eaa5d844ec16829d602a7e6f48a0570"
x-download-options: noopen
vary: Accept,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7d664b527c399fe3-SIN
expires: Tue, 13 Jun 2023 04:42:33 GMT

GET
H2 200 widget-nav-menu.min.css
ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor-pro/assets/css/ 26 KB
4 KB 236ms
33ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

98207c61fcf676e67a06d6cf9484f341d09c5f23a0ca219529c40c85fae7c319

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 07 Jun 2024 21:11:28 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/08/2023 22:10:37
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:32:03 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 85aa054f09545c71ad4d00500a6eb663
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 widget-icon-list.min.css
ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor/assets/css/ 10 KB
2 KB 214ms
20ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

76165601b100d2a490189d0521eb1fd9729f7008a75e359170b4b699c06c7d59

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 07 Jun 2024 21:14:37 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/08/2023 22:10:37
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:32:04 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 94616ae51dd9b3232f1df3359a51ac8b
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 widget-theme-elements.min.css
ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor-pro/assets/css/ 10 KB
3 KB 215ms
21ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor-pro/assets/css/widget-theme-elements.min.css

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

60e5576a3b8eca0a64ee5fe9e79e3c785480d7b124bc2a6738d0b187e97db017

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 24 May 2024 21:32:13 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 05/26/2023 01:01:04
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:32:13 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: f054a918bd5e0583cb755ba20e7f1aa4
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/plugins/elementor-pro/assets/css/widget-theme-elements.min.css>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 widget-share-buttons.min.css
ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor-pro/assets/css/ 30 KB
3 KB 226ms
32ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor-pro/assets/css/widget-share-buttons.min.css

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

47ecfe99feb398d42a29187409ece9ab4bff0b7c65fd64475eb29edc49898eef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 24 May 2024 21:32:46 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 05/26/2023 01:01:04
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:32:46 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: bd8485e8990c2c99186dcaa46d44e695
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/plugins/elementor-pro/assets/css/widget-share-buttons.min.css>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 widget-posts.min.css
ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor-pro/assets/css/ 14 KB
3 KB 240ms
46ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor-pro/assets/css/widget-posts.min.css

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

50f7e438bddecb1aad132731a0ea9a014007cdfcc9915a26ed46afb8e8c2a76c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 07 Jun 2024 21:15:06 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/08/2023 22:10:37
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:32:36 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: ab436a9adfb2244ebe9837e2cd198775
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/plugins/elementor-pro/assets/css/widget-posts.min.css>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-9276.css
ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/ 4 KB
2 KB 220ms
26ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/post-9276.css?ver=1686602252

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

8f9de5ce0bd559fccdcf15f73bef8d60af03428ea4c33222985a6644d1351b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:37:53 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
last-modified: Mon, 12 Jun 2023 20:37:52 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: f9174fa66e2585792e330ba85aeb666c
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/uploads/elementor/css/post-9276.css?ver=1686602252>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-9277.css
ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/ 5 KB
2 KB 215ms
22ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/post-9277.css?ver=1686602252

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

80ae295e1e684f6903ca3b3896fb69550a5051c018482eae7d601f5a270c5f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:38:02 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
last-modified: Mon, 12 Jun 2023 20:37:43 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: e9bb5f22213544bac98e433a8e8a6042
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/uploads/elementor/css/post-9277.css?ver=1686602252>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-9907.css
ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 239ms
46ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/post-9907.css?ver=1686602252

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

b4d6f31b12061ce5f7eb43054704209c45634f84c8dcfd0666907f33fa527401

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:38:03 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
last-modified: Mon, 12 Jun 2023 20:37:43 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 394cdbba85e1729f28fc73ea8eac132d
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/uploads/elementor/css/post-9907.css?ver=1686602252>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-94175.css
ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 213ms
20ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/post-94175.css?ver=1686602252

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

f18d03ea1db25769e0297f023bbb4f700a35027e4b26c8ce2cea90dd91956cef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:37:53 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
last-modified: Mon, 12 Jun 2023 20:37:52 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 46f90f8d2175a3b29e88dbe277914986
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/uploads/elementor/css/post-94175.css?ver=1686602252>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-94173.css
ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 227ms
34ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/post-94173.css?ver=1686602253

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

ff0ef2b4514a9a824e24181bd336b7b282a0ff614b16dcc9484470aa337c15a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:37:53 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
last-modified: Mon, 12 Jun 2023 20:37:52 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 1fc5baa3efd0cf221667285724fc41b6
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/uploads/elementor/css/post-94173.css?ver=1686602253>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 regular.min.css
ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 1 KB
1 KB 220ms
27ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=1686602288

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

7ecfcb6364417265a3fe2b85356392477258f5c6c9814085501cba10537b92e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:38:10 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/13/2023 00:16:04
cdn-pullzone: 788245
last-modified: Mon, 12 Jun 2023 20:37:59 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 03849c326cde8af5f1713d42a5c0fe2e
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=1686602288>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-96724.css
ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/ 6 KB
2 KB 239ms
46ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/post-96724.css?ver=1686602253

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

a6dc3ba048207f5858574b196a46bbd908c150589d97855f074f567b3af8d43b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:37:53 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
last-modified: Mon, 12 Jun 2023 20:37:52 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 5b88fd0b467b5aaa0505ff4fc6cf0ba1
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/uploads/elementor/css/post-96724.css?ver=1686602253>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 animations.min.css
ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
4 KB 229ms
37ms Stylesheet
text/css 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=1686602261

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

a144b7eb90f5589866d0546b15df7c4473c9ff44b079490e449c0ad96bb82511

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:38:09 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
last-modified: Mon, 12 Jun 2023 20:37:53 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 4dcf7d0f859eaca3b4cd72a4eb5f66cf
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=1686602261>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 lazysizes.min.js Show response
ep67mn3zn7v.exactdn.com/wp-content/plugins/ewww-image-optimizer/includes/ 14 KB
6 KB 232ms
40ms Script
text/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=702

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

c05a1108c176130e9dff2f6a5ebdb60be1c3e17b5a8f83de35b29f44fb109434

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 07 Jun 2024 21:14:36 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/08/2023 22:10:37
cdn-pullzone: 788245
last-modified: Thu, 08 Jun 2023 21:11:29 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: bfb78e54757e692aba9865d2dcda1e43
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=702>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 navigation.js Show response
ep67mn3zn7v.exactdn.com/wp-content/themes/cofense/js/ 2 KB
1 KB 234ms
42ms Script
text/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/themes/cofense/js/navigation.js?ver=1.0.0

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

3c60f28ac63eb4fed3d219aba2496cb5da8b96a1db54a8d9b5c87ada17e42c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:38:03 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:32:03 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 24c27b635da58ceacf4f7be9a7b86770
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/themes/cofense/js/navigation.js?ver=1.0.0>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 frontend-script.js Show response
ep67mn3zn7v.exactdn.com/wp-content/plugins/elementskit-lite/libs/framework/assets/js/ 39 B
850 B 232ms
40ms Script
text/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.8.8

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

89b87d53f74bf77c35b63352937c490fa8e07f70eb549d9307ea8e945fc00bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 07 Jun 2024 21:14:36 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/08/2023 22:10:37
cdn-pullzone: 788245
content-length: 39
last-modified: Thu, 25 May 2023 21:32:03 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 35014b7ae599993ddf187f22ba3e0f76
link: <https://cofense.com/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.8.8>; rel="canonical"
cdn-requestcountrycode: SG
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 widget-scripts.js Show response
ep67mn3zn7v.exactdn.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/ 134 KB
40 KB 236ms
44ms Script
text/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.8.8

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

f73a370f3d0a4f11a2388b9d5d876f979c921d2d5290460ee6b25b289e63ca8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 07 Jun 2024 21:11:29 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/08/2023 22:10:37
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:32:04 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: c159d27f62862ad80bf3d14b9799674c
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.8.8>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 204 heartbeat.js Show response
ep67mn3zn7v.exactdn.com/wp-content/plugins/wp-rocket/assets/js/ 0
548 B 525ms
333ms Script
text/plain 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ep67mn3zn7v.exactdn.com/wp-content/plugins/wp-rocket/assets/js/heartbeat.js?ver=3.13.4
Requested by: Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-868 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:32 GMT
cdn-edgestorageid: 868
cdn-cachedat: 06/13/2023 00:42:32
cdn-pullzone: 788245
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 204
vary: Accept-Encoding
access-control-allow-origin: *
cdn-cache: MISS
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestid: 092040727c57ade91ca4908248704a85
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 204
cdn-requestpullsuccess: True

GET
H2 200 jquery.smartmenus.min.js Show response
ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/ 25 KB
9 KB 231ms
39ms Script
text/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 07 Jun 2024 21:11:29 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/08/2023 22:10:37
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:32:03 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: bf5dd2a4a013d29e2d4c1b40f6966102
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 imagesloaded.min.js Show response
ep67mn3zn7v.exactdn.com/wp-includes/js/ 5 KB
3 KB 233ms
41ms Script
text/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 07 Jun 2024 21:11:29 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/08/2023 22:10:37
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:32:03 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 25be1c3c028be617d0438d6f06405d18
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 webpack-pro.runtime.min.js Show response
ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor-pro/assets/js/ 5 KB
3 KB 235ms
43ms Script
text/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.13.2

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

afc24dfed8f3f2749e5cbe4a86053b55e5c063c23ea09ddf40544a0bfe03ae0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 24 May 2024 21:32:13 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 05/26/2023 01:01:07
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:32:13 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 580678c475d921b638d68b89764a4780
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.13.2>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 webpack.runtime.min.js Show response
ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor/assets/js/ 5 KB
3 KB 232ms
41ms Script
text/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.13.4

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

5565d96a4b66a49049a7fca5dfc8d26ebe0336778006052124283abb0347be8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 07 Jun 2024 21:14:36 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/08/2023 22:10:37
cdn-pullzone: 788245
last-modified: Thu, 08 Jun 2023 21:11:29 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 9cdb38b0970bfdf630bf59017d34c3b1
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.13.4>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 frontend-modules.min.js Show response
ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor/assets/js/ 45 KB
16 KB 238ms
47ms Script
text/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.13.4

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

c478a21227c8c63ed9b7ecb07c06e3a99cb6e4a253aeed7687fe43d5b0aa13d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 07 Jun 2024 21:11:29 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/08/2023 22:10:37
cdn-pullzone: 788245
last-modified: Thu, 08 Jun 2023 21:11:29 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 0b914d41518d18d267122216979e6604
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.13.4>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 wp-polyfill-inert.min.js Show response
ep67mn3zn7v.exactdn.com/wp-includes/js/dist/vendor/ 8 KB
3 KB 230ms
39ms Script
text/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 24 May 2024 21:32:13 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 05/26/2023 01:01:07
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:32:13 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 93e590d18ec505775e867a6316fcf368
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 regenerator-runtime.min.js Show response
ep67mn3zn7v.exactdn.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 233ms
42ms Script
text/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 24 May 2024 21:32:13 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 05/26/2023 01:01:07
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:32:13 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: cf0e5bb1d9d0033116b1129ca828ab08
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 wp-polyfill.min.js Show response
ep67mn3zn7v.exactdn.com/wp-includes/js/dist/vendor/ 17 KB
8 KB 229ms
38ms Script
text/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 07 Jun 2024 21:11:29 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/08/2023 22:10:37
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:32:03 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 9a99187e94d95d9ee8fca052b9cdbba2
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 hooks.min.js Show response
ep67mn3zn7v.exactdn.com/wp-includes/js/dist/ 5 KB
3 KB 239ms
48ms Script
text/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 07 Jun 2024 21:14:37 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/08/2023 22:10:37
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:32:03 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 21df2f71e12645d6681a334eaa25ba76
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 i18n.min.js Show response
ep67mn3zn7v.exactdn.com/wp-includes/js/dist/ 10 KB
5 KB 228ms
37ms Script
text/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 07 Jun 2024 21:14:36 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/08/2023 22:10:37
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:32:03 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 2b65cd7ec1945d5c1520549c647535c5
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 frontend.min.js Show response
ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor-pro/assets/js/ 24 KB
8 KB 233ms
42ms Script
text/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.13.2

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

51f36864e3fb5b3479d50de93d44403cee100c743cb5c97a1da0b924ca671a86

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 24 May 2024 21:32:13 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 05/26/2023 01:01:08
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:32:13 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 79965e11de969afc7ccb0363452a7c09
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.13.2>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 waypoints.min.js Show response
ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
4 KB 231ms
40ms Script
text/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 07 Jun 2024 21:14:37 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/08/2023 22:10:37
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:32:03 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 820f41fc36a617ed7ddfcf75df3caa1e
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 core.min.js Show response
ep67mn3zn7v.exactdn.com/wp-includes/js/jquery/ui/ 21 KB
8 KB 236ms
45ms Script
text/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 24 May 2024 21:32:13 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 05/26/2023 01:01:08
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:32:13 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 49c3837cb8203e232656292f755ba7b4
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 frontend.min.js Show response
ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor/assets/js/ 40 KB
14 KB 231ms
41ms Script
text/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.13.4

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

3f5eb651e087476c3214a5fbb8b77346f7f0dff068c3d961c6070424746fb9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 07 Jun 2024 21:11:29 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/08/2023 22:10:37
cdn-pullzone: 788245
last-modified: Thu, 08 Jun 2023 21:11:29 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 362dd865439f92f3602f0bc42896f72f
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.13.4>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 elements-handlers.min.js Show response
ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor-pro/assets/js/ 29 KB
8 KB 233ms
43ms Script
text/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.13.2

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

c77732d85f58d3043711126b16c097d4b56bb2a0da1a75d526633a6b34c10427

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 07 Jun 2024 21:11:29 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/08/2023 22:10:37
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:32:03 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 61e01e3d4354264238a2390cb1b96a53
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.13.2>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 animate-circle.js Show response
ep67mn3zn7v.exactdn.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/ 809 B
1 KB 238ms
47ms Script
text/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.js?ver=2.8.8

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

38c0429f151c63509ad519a07d59304a62c2d72e3ae31ec9557bc7bd60c5e1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:38:03 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/12/2023 23:00:29
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:32:03 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 0626a81fd3a778bccc2bd97bf7fafaad
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.js?ver=2.8.8>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 elementor.js Show response
ep67mn3zn7v.exactdn.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/ 18 KB
6 KB 235ms
45ms Script
text/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=2.8.8

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

cce09b94f024a9f454d77ef89ce7eaf3dc4e54efa358ad7bbbc0f24fed038b3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 07 Jun 2024 21:11:29 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/08/2023 22:10:37
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:32:03 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 6b9d5ee4415f3caebc140d95d7995597
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=2.8.8>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 jquery.sticky.min.js Show response
ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor-pro/assets/lib/sticky/ 4 KB
2 KB 235ms
45ms Script
text/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.13.2

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

34bbd1c367ffc7d80fcff86c7e5f8777e70f4911bb324e8ecfc7dd3604a96e68

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 24 May 2024 21:32:13 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 05/26/2023 01:01:08
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:32:13 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: d54dc51ef69e2677a3209f0225e39a63
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.13.2>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 lazyload.min.js Show response
ep67mn3zn7v.exactdn.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 9 KB
4 KB 6ms
6ms Script
text/javascript 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 24 May 2024 21:32:14 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 05/26/2023 01:01:09
cdn-pullzone: 788245
last-modified: Thu, 25 May 2023 21:32:14 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 29e631059058f7ba45bed34ce9701cf8
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 34ms
6ms Stylesheet
text/css 2600:1413:1::17d3:8c60
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=zlo5wor&ht=tk&f=26014&a=103167865&app=typekit&e=css
Requested by: Host: ep67mn3zn7v.exactdn.com
URL: https://ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/zlo5wor.css?ver=1686602260
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1413:1::17d3:8c60 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ep67mn3zn7v.exactdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:32 GMT
last-modified: Fri, 21 Apr 2023 14:12:02 GMT
server: nginx
etag: "644299b2-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 319 KB
104 KB 33ms
20ms Script
application/javascript 2404:6800:4003:c02::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5RQ37KH

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c8637008804212fea22b7d86cc3fe552978c2f26e3409ee1937bffbd27111cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105964
x-xss-protection: 0
last-modified: Tue, 13 Jun 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Jun 2023 00:42:32 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13ba7d85cedf2d5b14f9091119f9067689bdc33edde1d37a654787d416fbca34

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a6066a6d31e78435df4062a26c6f87e325ec23de535b95c65cb90e0ea570038

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c775a362bb8cfcb1f31682b2a1a017a05ea83016e5848a6ab3ae6c1de152ce94

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d7cc8b6dd2abcbafc61918a074f96bef0698f9382e157d26ac719fbf36f1188

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86e5f383c43482b102b2dca93faab32637c7ccdbd5455e7840bbca7d8f57e0ee

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4604ed4eb3e25b2aeb907e4ea907f2a44152ff2e7a867895b78018419ac26c0f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39eeb47a5d22f99100deb70fc52831d17942755c4e48e1b41f69274c924f3128

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5be99a090bad0d26720d462cd38bd7c05ce834fe1d3f886f619903ece0bde331

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 NETWORKHEADERBG-1.png
ep67mn3zn7v.exactdn.com/wp-content/uploads/2022/06/ 40 KB
40 KB 5ms
5ms Image
image/webp 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/uploads/2022/06/NETWORKHEADERBG-1.png?strip=all&lossy=1&ssl=1

Requested by

Host: ep67mn3zn7v.exactdn.com
URL: https://ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/post-1386.css?ver=1686602257

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

2cb2dbcaef23560aab640aaa379e55b607c905a3f8f41b813679e5e503ecdf17

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/post-1386.css?ver=1686602257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 07 Jun 2024 21:19:25 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/08/2023 22:10:38
cdn-pullzone: 788245
content-length: 40664
last-modified: Thu, 25 May 2023 21:32:37 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: d960a5af4fd1ff7735833b6e1ac16a14
link: <https://cofense.com/wp-content/uploads/2022/06/NETWORKHEADERBG-1.png>; rel="canonical"
cdn-requestcountrycode: SG
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
38 KB 134ms
31ms Font
font/woff2 2404:6800:4017:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:803::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cofense.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 03:21:12 GMT
x-content-type-options: nosniff
age: 163280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Jun 2024 03:21:12 GMT

GET
H2 404 Inter-Medium.ttf
ep67mn3zn7v.exactdn.com/wp-content/uploads/2022/05/ 0
0 293ms
279ms Font
text/html 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ep67mn3zn7v.exactdn.com/wp-content/uploads/2022/05/Inter-Medium.ttf
Requested by: Host: ep67mn3zn7v.exactdn.com
URL: https://ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/post-15.css?ver=1686602252
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-868 /
Resource Hash

Request headers

Referer: https://ep67mn3zn7v.exactdn.com/wp-content/uploads/elementor/css/post-15.css?ver=1686602252
Origin: https://cofense.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:33 GMT
content-encoding: br
cdn-edgestorageid: 868
cdn-cachedat: 06/13/2023 00:42:33
cdn-pullzone: 788245
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 404
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cdn-cache: MISS
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: no-cache
cdn-requestid: ee97ac65a951e3b73b39993f3ce9ea1e
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 404
cdn-requestpullsuccess: True

GET
H2 200 fa-solid-900.woff2
ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 29ms
15ms Font
font/woff2 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2

Requested by

Host: ep67mn3zn7v.exactdn.com
URL: https://ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1686602260

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1686602260
Origin: https://cofense.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 07 Jun 2024 21:15:07 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/08/2023 22:10:38
cdn-pullzone: 788245
content-length: 78196
last-modified: Thu, 25 May 2023 21:32:04 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: abf25e2d905db01cef24c6208dd9baba
link: <https://cofense.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2>; rel="canonical"
cdn-requestcountrycode: SG
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 fa-brands-400.woff2
ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 75 KB
76 KB 21ms
9ms Font
font/woff2 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2

Requested by

Host: ep67mn3zn7v.exactdn.com
URL: https://ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=1686602260

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ep67mn3zn7v.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=1686602260
Origin: https://cofense.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 24 May 2024 21:32:14 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 05/26/2023 01:01:06
cdn-pullzone: 788245
content-length: 76764
last-modified: Thu, 25 May 2023 21:32:14 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 60746bb4a708039b93506ecad165cc17
link: <https://cofense.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2>; rel="canonical"
cdn-requestcountrycode: SG
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 6si.min.js Show response
j.6sc.co/ 35 KB
11 KB 244ms
6ms Script
application/javascript 96.17.96.30
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: t.co
URL: https://t.co/ne4n9AEAfH?twclid=26xzi0j9ozt3w1adoo6y0jdimn

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.17.96.30 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a96-17-96-30.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

4aec96eddab69454e554bb60664da2e5043c363ebef6921644f619523e7274d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Jun 2023 00:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 May 2023 00:27:16 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "64641f64-8a3f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 11052
expires: Tue, 13 Jun 2023 00:42:33 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 45ms
6ms Script
application/x-javascript 2600:1413:1::17d3:8c70
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RQ37KH

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1413:1::17d3:8c70 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=74212
accept-ranges: bytes
content-length: 4777

GET
H2 403 lt-v3.js
lltrck.com/scripts/ 0
0 861ms
238ms Script
text/html 52.206.79.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lltrck.com/scripts/lt-v3.js?llid=19612
Requested by: Host: t.co
URL: https://t.co/ne4n9AEAfH?twclid=26xzi0j9ozt3w1adoo6y0jdimn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.79.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-79-35.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H2 200 2Uq3HoQoVZEHgHXXf288 Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 388ms
374ms Script
text/javascript 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/2Uq3HoQoVZEHgHXXf288

Requested by

Host: t.co
URL: https://t.co/ne4n9AEAfH?twclid=26xzi0j9ozt3w1adoo6y0jdimn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

8883dd467afa3bb47df040808f726f0608b48c35279e0231815d2297b4717505

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7d664b53db2e3e42-SIN
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 242ms
3ms Script
application/x-javascript 23.50.91.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: t.co
URL: https://t.co/ne4n9AEAfH?twclid=26xzi0j9ozt3w1adoo6y0jdimn
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.91.74 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-50-91-74.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Tue, 13 Jun 2023 00:42:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 oktrk.js Show response
static.oktopost.com/ 9 KB
4 KB 904ms
260ms Script
application/javascript 108.138.189.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oktopost.com/oktrk.js
Requested by: Host: t.co
URL: https://t.co/ne4n9AEAfH?twclid=26xzi0j9ozt3w1adoo6y0jdimn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.189.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-189-68.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09016600a13dd4825b72516765a8da53d1ab896f7582c4619d014e8ee147ea84

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 15:02:17 GMT
content-encoding: gzip
via: 1.1 e502901885892afe656ee1a0e9f33d48.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jan 2020 09:47:41 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-P1
age: 34824
etag: W/"57315c24d6fec75c4d46a8cc3fa6e0d5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: PFOxYDXixVBOx9rE0pLIoxWY7dff-kKt9flfbDIcp-rcCuwkf6dcyA==

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 3 KB
2 KB 66ms
33ms Script
text/javascript 2606:4700::6812:d9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.techtarget.com/tracking.js
Requested by: Host: t.co
URL: https://t.co/ne4n9AEAfH?twclid=26xzi0j9ozt3w1adoo6y0jdimn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 15:01:39 GMT
server: cloudflare
age: 74381
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1200
cf-ray: 7d664b53fd70496f-SIN
expires: Tue, 13 Jun 2023 01:02:32 GMT

GET
H2 200 ed9ggbnvvo Show response
www.clarity.ms/tag/ 1 KB
2 KB 273ms
233ms Script
application/x-javascript 2620:1ec:bdf::59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ed9ggbnvvo?ref=gtm2
Requested by: Host: t.co
URL: https://t.co/ne4n9AEAfH?twclid=26xzi0j9ozt3w1adoo6y0jdimn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4fb9a83d48d26f707a6de17e03f8d0fa8c127ae754583ecce65d7720d4bc819b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
date: Tue, 13 Jun 2023 00:42:32 GMT
x-azure-ref: 0eLuHZAAAAAASvs/cEL7CSZ5yvqeu5uCfU0lOMzBFREdFMDIxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 1213
expires: -1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
91 KB 19ms
18ms Script
application/javascript 2404:6800:4003:c02::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3G76T4W3LR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RQ37KH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

048adc90c4557d0f23a5cdb42ff2bb79ea8ba1086f4ac45835e0f4d432d40d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92929
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 13 Jun 2023 00:42:32 GMT

GET
H2 200 cofense.png
ep67mn3zn7v.exactdn.com/wp-content/uploads/2022/06/ 3 KB
4 KB 4ms
4ms Image
image/webp 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/uploads/2022/06/cofense.png?strip=all&lossy=1&ssl=1

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

c45f781964e97c179059fb620032eddab4a86bf8af6cd3f7460b2fa839fedb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 24 May 2024 21:34:12 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 05/25/2023 22:06:57
cdn-pullzone: 788245
content-length: 3568
last-modified: Thu, 25 May 2023 21:32:05 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 3d1453eb4586c55c91300a1b2b24321f
link: <https://cofense.com/wp-content/uploads/2022/06/cofense.png>; rel="canonical"
cdn-requestcountrycode: SG
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 Figure-1.jpg
ep67mn3zn7v.exactdn.com/wp-content/uploads/2023/05/ 58 KB
59 KB 5ms
5ms Image
image/webp 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/uploads/2023/05/Figure-1.jpg?strip=all&lossy=1&resize=1920%2C918&ssl=1

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

4cf7ad6c18aea20fad38d22db5b87bf5c1f0d8c450eb0a786e31c4594d2a8853

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:40:47 GMT
date: Tue, 13 Jun 2023 00:42:32 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/13/2023 00:16:09
cdn-pullzone: 788245
content-length: 59322
last-modified: Thu, 25 May 2023 21:51:35 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 9f4f36a7dc2890c1f18a110813f9d0b7
link: <https://cofense.com/wp-content/uploads/2023/05/Figure-1.jpg>; rel="canonical"
cdn-requestcountrycode: SG
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 9017396.js Show response
extend.vimeocdn.com/ga/ 17 KB
6 KB 230ms
5ms Script
text/javascript 199.232.46.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://extend.vimeocdn.com/ga/9017396.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RQ37KH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.46.109 , Singapore, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 6c649cc3d4aee7683250622541a6045ad4ac3beb93df1fcdd3ec1f7f12a1ff44

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-cache-hits: 185643
date: Tue, 13 Jun 2023 00:42:33 GMT
content-encoding: gzip
via: 1.1 varnish
age: 24556228
x-cache: HIT
content-length: 5579
x-served-by: cache-qpg1266-QPG
last-modified: Thu, 01 Sep 2022 18:23:26 GMT
server: Apache
x-timer: S1686616953.149159,VS0,VE0
etag: "421e-5e7a1b598e380-gzip"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-vimeo-dc: ge
x-bapp-server: assets-67ff759c65-d4s6p
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Aug 2032 19:32:06 GMT

GET
H2 200 dialog.min.js Show response
cofense.com/wp-content/plugins/elementor/assets/lib/dialog/ 10 KB
4 KB 302ms
302ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
Requested by: Host: ep67mn3zn7v.exactdn.com
URL: https://ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.13.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9ba3d0c5d5408e00becd36ad394fa9ad9c0616741ebdd6dddc8e837db3605ba

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:33 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
etag: W/"64405228-29fd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7d664b53fe0b899e-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 226ms
31ms Script
text/javascript 2404:6800:4017:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RQ37KH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:805::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Jun 2023 23:13:25 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5348
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Tue, 13 Jun 2023 01:13:25 GMT

GET
H2 200 nav-menu.3347cc64f9b3d71f7f0c.bundle.min.js Show response
cofense.com/wp-content/plugins/elementor-pro/assets/js/ 5 KB
2 KB 303ms
301ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.3347cc64f9b3d71f7f0c.bundle.min.js
Requested by: Host: ep67mn3zn7v.exactdn.com
URL: https://ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.13.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8ca05b79f50f584d7d9da9273bd20c241ec7eadf0c8592cd37cb3c1afbc7ed6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:33 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 23 May 2023 20:21:21 GMT
server: cloudflare
etag: W/"646d2041-1231"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7d664b540e16899e-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 text-editor.2c35aafbe5bf0e127950.bundle.min.js Show response
cofense.com/wp-content/plugins/elementor/assets/js/ 1 KB
893 B 281ms
281ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
Requested by: Host: ep67mn3zn7v.exactdn.com
URL: https://ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.13.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dd40c1df9167d9d73fb014f4d1b4317e9455e08deb5738e7914e579e7662c78

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:33 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 30 May 2023 20:35:21 GMT
server: cloudflare
etag: W/"64765e09-550"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7d664b542fab48d0-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 share-buttons.0bdd88c45462dfb2b073.bundle.min.js Show response
cofense.com/wp-content/plugins/elementor-pro/assets/js/ 1 KB
786 B 284ms
283ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor-pro/assets/js/share-buttons.0bdd88c45462dfb2b073.bundle.min.js
Requested by: Host: ep67mn3zn7v.exactdn.com
URL: https://ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.13.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 198905bddb47215ef14ccde8955cacd96f6b9170681ded0d57305601642da798

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:33 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 23 May 2023 20:21:22 GMT
server: cloudflare
etag: W/"646d2042-4bd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7d664b543fc148d0-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 load-more.c9f6aac03af905f4e206.bundle.min.js Show response
cofense.com/wp-content/plugins/elementor-pro/assets/js/ 5 KB
2 KB 279ms
279ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor-pro/assets/js/load-more.c9f6aac03af905f4e206.bundle.min.js
Requested by: Host: ep67mn3zn7v.exactdn.com
URL: https://ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.13.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60c30c30b2994c53ef3cabd89167d58914408912f4e7ebefa163997f1603f8f2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:33 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 23 May 2023 20:21:21 GMT
server: cloudflare
etag: W/"646d2041-15eb"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7d664b544fc448d0-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 posts.e33113a212454e383747.bundle.min.js Show response
cofense.com/wp-content/plugins/elementor-pro/assets/js/ 3 KB
1 KB 300ms
299ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor-pro/assets/js/posts.e33113a212454e383747.bundle.min.js
Requested by: Host: ep67mn3zn7v.exactdn.com
URL: https://ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.13.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f02bfc3bc0b8301eb6099b0af18bf0a90a11a50891564a4a6f3697625b3167e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:33 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 23 May 2023 20:21:22 GMT
server: cloudflare
etag: W/"646d2042-cfd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7d664b544fc548d0-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 Figure-2.png
ep67mn3zn7v.exactdn.com/wp-content/uploads/2023/05/ 9 KB
10 KB 4ms
4ms Image
image/webp 2400:52e0:1500::868:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ep67mn3zn7v.exactdn.com/wp-content/uploads/2023/05/Figure-2.png?strip=all&lossy=1&resize=980%2C262&ssl=1

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1500::868:1 , Singapore, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-SG1-868 /

Resource Hash

baa86679ca6a270b4c8ac4f17ffe54da6fbe6c60543b0cd49a720611c66f1694

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Tue, 11 Jun 2024 20:40:59 GMT
date: Tue, 13 Jun 2023 00:42:33 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 868
cdn-cachedat: 06/13/2023 00:16:22
cdn-pullzone: 788245
content-length: 9216
last-modified: Thu, 25 May 2023 21:51:35 GMT
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 200
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: c3cb5870d126661c04b2164d1c882059
link: <https://cofense.com/wp-content/uploads/2023/05/Figure-2.png>; rel="canonical"
cdn-requestcountrycode: SG
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 gif.gif Show response
ibc-flow.techtarget.com/a/ 43 B
466 B 235ms
234ms XHR
image/gif 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=17654763&r=1686616953037&ref=https%3A%2F%2Fcofense.com%2Fblog%2Fthreat-actors-impersonate-email-security-providers-to-steal-user-credentials%2F&version=2.4
Requested by: Host: trk.techtarget.com
URL: https://trk.techtarget.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

ibc_rate_tier: 17654763
Referer: https://cofense.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:33 GMT
via: 1.1 google
x-guploader-uploadid: ADPycdu5JYz-DFZ3ffhk4WzMo3Sn5UqWPL-XnADQm3g6SFg9K4KoYLjPaVLFY-1dVEw_QiufCMPHA5tTL1LRMYetkps7Rg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Thu, 08 Dec 2022 21:19:29 GMT
server: nginx/1.20.2
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
vary: Origin
x-goog-generation: 1670534369365034
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
cache-control: public, max-age=3600
access-control-allow-methods: GET, POST, OPTIONS
x-goog-stored-content-length: 43
accept-ranges: bytes
access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
expires: Tue, 13 Jun 2023 01:42:33 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/300721/domain/cofense.com/ 36 B
375 B 117ms
5ms XHR
application/json 2600:9000:20c7:6200:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/300721/domain/cofense.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c7:6200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://cofense.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 23:44:26 GMT
content-encoding: gzip
via: 1.1 ae495479ab117e6473f411eb6dd0ba98.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
age: 3487
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: Mw_TtJDnLTzoE6-M56EZ-gcDxiS1VTV-rQXV3i0g9AypXDcD5FiPvw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1686616953040&url=https%3A%2F%2Fcofense.com%2Fblog%2Fthreat-actors-impersonate-email-security-providers-to-steal-user-credentials%2F&t...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1686616953040&url=https%3A%2F%2Fcofense.com%2Fblog%2Fthreat-actors-impersonate-email-security-providers-to-steal-user-credentials%2F&t...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D300721%26time%3D1686616953040%26url%3Dhttps%253A%252F%252Fcofense.com%252Fblog%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1686616953040&url=https%3A%2F%2Fcofense.com%2Fblog%2Fthreat-actors-impersonate-email-security-providers-to-steal-user-credentials%2F&t...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1686616953040&url=https%3A%2F%2Fcofense.com%2Fblog%2Fthreat-actors-impersonate-email-security-providers-to-steal-user-credentials%2F&...

0
488 B

665ms
210ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1686616953040&url=https%3A%2F%2Fcofense.com%2Fblog%2Fthreat-actors-impersonate-email-security-providers-to-steal-user-credentials%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJcpir-z-DxPQAAAYiyNFRNEbCD2GRhAgUfa_PRczpjUjSs2wxmqVZQxS1wPEutjlxsV5tz848M
Requested by: Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:34 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 119D7909136C47D0861536D6848DA85A Ref B: SIN30EDGE0822 Ref C: 2023-06-13T00:42:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX9+Bxzah6goT3QWFirNQ==

Redirect headers

date: Tue, 13 Jun 2023 00:42:33 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 2B524A763CE547A2BDC8E87A70D21863 Ref B: SIN30EDGE0717 Ref C: 2023-06-13T00:42:33Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1686616953040&url=https%3A%2F%2Fcofense.com%2Fblog%2Fthreat-actors-impersonate-email-security-providers-to-steal-user-credentials%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJcpir-z-DxPQAAAYiyNFRNEbCD2GRhAgUfa_PRczpjUjSs2wxmqVZQxS1wPEutjlxsV5tz848M
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX9+BxpNLA3sma3Xpt5eQ==

POST
H2 204 collect
analytics.google.com/g/ 0
242 B 16ms
5ms Ping
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-3G76T4W3LR&gtm=45je36c0&_p=1714881797&_gaz=1&cid=1048073745.1686616953&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686616953&sct=1&seg=0&dl=https%3A%2F%2Fcofense.com%2Fblog%2Fthreat-actors-impersonate-email-security-providers-to-steal-user-credentials%2F&dr=https%3A%2F%2Ft.co%2F&dt=Threat%20Actors%20Impersonate%20Email%20Security%20Providers%20%7C%20Cofense&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3G76T4W3LR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Jun 2023 00:42:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 16ms
4ms Ping
text/plain 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3G76T4W3LR&cid=1048073745.1686616953&gtm=45je36c0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3G76T4W3LR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c01::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Jun 2023 00:42:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.sg/ads/ 42 B
408 B 167ms
65ms Image
image/gif 2404:6800:4017:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3G76T4W3LR&cid=1048073745.1686616953&gtm=45je36c0&aip=1&z=736674535

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:804::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Jun 2023 00:42:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 gif.gif
ibc-flow.techtarget.com/a/ Frame 0
0 340ms
229ms Preflight
text/html 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=17654763&r=1686616953037&ref=https%3A%2F%2Fcofense.com%2Fblog%2Fthreat-actors-impersonate-email-security-providers-to-steal-user-credentials%2F&version=2.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ibc_rate_tier
Access-Control-Request-Method: GET
Origin: https://cofense.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 13 Jun 2023 00:42:33 GMT
expires: Tue, 13 Jun 2023 00:42:33 GMT
server: nginx/1.20.2
vary: Origin
via: 1.1 google
x-guploader-uploadid: ADPycdutEPqHdO25-L4sVzd0BJYDB134RKtUUFbpc-1VGoWcsMBUL1lz4CbzyCOgRfhySGs2DAQEDG7JoKlhDLRbwzMnkkdlbO3n

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
815 B 347ms
3ms XHR
application/json 103.43.90.117
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.117 , Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Jun 2023 00:42:33 GMT
AN-X-Request-Uuid: 4c195292-640a-4973-b63a-aca092f428d2
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://cofense.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 209.58.162.239; 209.58.162.239; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
190 B 152ms
8ms XHR
text/html 96.17.96.30
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.17.96.30 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a96-17-96-30.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:33 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://cofense.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 23 B
305 B 130ms
7ms XHR
text/html 2600:1413:1::1734:abe3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1413:1::1734:abe3 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 90ba6df4a03d5cf38eefa0c0239f20da47e5903f77f54759f2051ac73b2c9d26

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Jun 2023 00:42:33 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://cofense.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2001:df1:800:a00a:12::9
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468504_389327839_528109122_124_746_2_0_-";dur=1
content-length: 23
expires: Tue, 13 Jun 2023 00:42:33 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
190 B 149ms
8ms XHR
text/html 96.17.96.30
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.17.96.30 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a96-17-96-30.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:33 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://cofense.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 23 B
305 B 127ms
7ms XHR
text/html 2600:1413:1::1734:abe3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1413:1::1734:abe3 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 90ba6df4a03d5cf38eefa0c0239f20da47e5903f77f54759f2051ac73b2c9d26

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Jun 2023 00:42:33 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://cofense.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2001:df1:800:a00a:12::9
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468504_389327839_528109123_24_1017_2_0_-";dur=1
content-length: 23
expires: Tue, 13 Jun 2023 00:42:33 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 10ms
9ms Script
application/x-javascript 23.50.91.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.91.74 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-50-91-74.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Tue, 13 Jun 2023 00:42:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Thu, 21 Sep 2023 00:42:33 GMT

POST
H/1.1 200
OK visitWebPage
404-jhu-612.mktoresp.com/webevents/ 2 B
318 B 1145ms
244ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://404-jhu-612.mktoresp.com/webevents/visitWebPage?_mchNc=1686616953182&_mchCn=&_mchId=404-JHU-612&_mchTk=_mch-cofense.com-1686616953182-21190&_mchHo=cofense.com&_mchPo=&_mchRu=%2Fblog%2Fthreat-actors-impersonate-email-security-providers-to-steal-user-credentials%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=https%3A%2F%2Ft.co%2F&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Tue, 13 Jun 2023 00:42:34 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 13e61721-4c51-4a87-bdf9-91f570aec824

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.8/ 57 KB
20 KB 7ms
6ms Script
application/javascript 2620:1ec:bdf::59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.8/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ed9ggbnvvo?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:32 GMT
content-encoding: br
last-modified: Sun, 11 Jun 2023 14:39:28 GMT
x-azure-ref-originshield: 0JqSHZAAAAADLSbLI/r18TbKPTjYIt3WbU0lOMjIxMDgwNzE3MDI5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "0x8DB6A89A97D1146"
x-azure-ref: 0ebuHZAAAAACn7lhhg4dxTrFKfGG+17zKU0lOMzBFREdFMDIxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: e85ffbf5-401e-0068-29ee-9c484b000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
155 B 8ms
6ms XHR
text/plain 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-114787942-1&cid=1048073745.1686616953&jid=414665372&gjid=1811066124&_gid=2141793125.1686616953&_u=YCDAgUABAAAAAEAAI~&z=308455106

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

17bd1c297a7fd1221272d080053f887bb97c03bfc16d6f96bdd7f08bf87dbbd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cofense.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 13 Jun 2023 00:42:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 34ms
33ms Image
image/gif 2404:6800:4017:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&aip=1&a=1714881797&t=pageview&_s=1&dl=https%3A%2F%2Fcofense.com%2Fblog%2Fthreat-actors-impersonate-email-security-providers-to-steal-user-credentials%2F&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Threat%20Actors%20Impersonate%20Email%20Security%20Providers%20%7C%20Cofense&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgUABAAAAAAAAI~&jid=414665372&gjid=1811066124&cid=1048073745.1686616953&tid=UA-114787942-1&_gid=2141793125.1686616953&gtm=45He36c0n815RQ37KH&z=2007649115

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:805::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 15:22:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 33620
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 164ms
65ms Image
image/gif 2404:6800:4017:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-114787942-1&cid=1048073745.1686616953&jid=414665372&_u=YCDAgUABAAAAAEAAI~&z=838557584

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:803::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Jun 2023 00:42:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.sg/ads/ 42 B
107 B 65ms
64ms Image
image/gif 2404:6800:4017:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-114787942-1&cid=1048073745.1686616953&jid=414665372&_u=YCDAgUABAAAAAEAAI~&z=838557584

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4017:804::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Jun 2023 00:42:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 471ms
463ms Image
image/gif 96.17.96.30
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=b253130e4accad98012a3abe3f4b4c7a&svisitor=null&visitor=8365ef44-ff26-403d-83c9-d49ca5a50ee4&session=8b678e3b-c4a9-449a-88c3-d3c03640d4e8&event=ipv6&q=%7B%22address%22%3A%222001%3Adf1%3A800%3Aa00a%3A12%3A%3A9%22%7D&isIframe=false&m=%7B%22description%22%3A%22Find%20out%20how%20threat%20actors%20use%20malicious%20attachments%20to%20impersonate%20email%20security%20providers%20%26%20steal%20user%20credentials.%20Learn%20more%20about%20this%20alarming%20trend%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Threat%20Actors%20Impersonate%20Email%20Security%20Providers%20%7C%20Cofense%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcofense.com%2Fblog%2Fthreat-actors-impersonate-email-security-providers-to-steal-user-credentials%2F&pageViewId=397735c8-e987-414a-8c10-c3e278b57e31

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.17.96.30 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a96-17-96-30.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:33 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 share-link.min.js Show response
cofense.com/wp-content/plugins/elementor/assets/lib/share-link/ 3 KB
1 KB 949ms
949ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.13.4
Requested by: Host: ep67mn3zn7v.exactdn.com
URL: https://ep67mn3zn7v.exactdn.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.13.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:34 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
etag: W/"64405228-a3c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7d664b56692d48d0-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 758 B
572 B 415ms
256ms XHR
application/json 18.180.44.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.180.44.215 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-180-44-215.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44f88db6af9c507b2a85cd509a64018e574fb3455aa672d84be2ff3dfba6a2e3

Request headers

Referer: https://cofense.com/
accept-language: zh-SG,zh;q=0.9
Authorization: Token a9e769d7d96a596f969b9dc5023033e21a69bf40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:34 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://cofense.com
access-control-allow-credentials: true
content-length: 390

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 375ms
75ms Preflight 18.180.44.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.180.44.215 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-180-44-215.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://cofense.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://cofense.com
access-control-max-age: 1800
date: Tue, 13 Jun 2023 00:42:33 GMT
server: nginx

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
291 B 738ms
235ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://cofense.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://cofense.com
Date: Tue, 13 Jun 2023 00:42:33 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 467ms
467ms Image
image/gif 96.17.96.30
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=b253130e4accad98012a3abe3f4b4c7a&svisitor=null&visitor=8365ef44-ff26-403d-83c9-d49ca5a50ee4&session=8b678e3b-c4a9-449a-88c3-d3c03640d4e8&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Tue%2C%2013%20Jun%202023%2000%3A42%3A33%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2013%20Jun%202023%2000%3A42%3A33%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22b253130e4accad98012a3abe3f4b4c7a%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2013%20Jun%202023%2000%3A42%3A33%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2013%20Jun%202023%2000%3A42%3A33%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2013%20Jun%202023%2000%3A42%3A33%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2013%20Jun%202023%2000%3A42%3A33%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22b253130e4accad98012a3abe3f4b4c7a%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2013%20Jun%202023%2000%3A42%3A33%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2013%20Jun%202023%2000%3A42%3A33%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22a9e769d7d96a596f969b9dc5023033e21a69bf40%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2013%20Jun%202023%2000%3A42%3A33%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2013%20Jun%202023%2000%3A42%3A33%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Find%20out%20how%20threat%20actors%20use%20malicious%20attachments%20to%20impersonate%20email%20security%20providers%20%26%20steal%20user%20credentials.%20Learn%20more%20about%20this%20alarming%20trend%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Threat%20Actors%20Impersonate%20Email%20Security%20Providers%20%7C%20Cofense%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcofense.com%2Fblog%2Fthreat-actors-impersonate-email-security-providers-to-steal-user-credentials%2F&pageViewId=397735c8-e987-414a-8c10-c3e278b57e31

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.17.96.30 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a96-17-96-30.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:33 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
BLOB 200
OK 2bd1538a-f264-47a9-b4c5-3d704250c80c
https://cofense.com/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://cofense.com/2bd1538a-f264-47a9-b4c5-3d704250c80c
Requested by: Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Length: 43
Content-Type: image/gif

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
291 B 831ms
507ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://cofense.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://cofense.com
Date: Tue, 13 Jun 2023 00:42:34 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 ping Show response
okt.to/ 0
100 B 933ms
262ms Script
text/javascript 52.20.195.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://okt.to/ping?uri=%2Fblog%2Fthreat-actors-impersonate-email-security-providers-to-steal-user-credentials%2F&aid=001shx33p56dsdg&ts=1686616953822

Requested by

Host: static.oktopost.com
URL: https://static.oktopost.com/oktrk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.20.195.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-20-195-32.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:34 GMT
strict-transport-security: max-age=31536000;
content-type: text/javascript;charset=UTF-8

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
486 B 451ms
451ms Image
image/gif 96.17.96.30
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cofense.com
URL: https://cofense.com/blog/threat-actors-impersonate-email-security-providers-to-steal-user-credentials/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.17.96.30 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a96-17-96-30.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:34 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=068E0433B7EA47ECB6B118AE4864FD6D&RedC=c.clarity.ms&MXFR=39222A2659A36348320039095DA36D9B
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=068E0433B7EA47ECB6B118AE4864FD6D&MUID=3A549E14FAC569AA0ED28D3BFB9F68C0

42 B
467 B

41ms
40ms

Image
image/gif

20.205.115.81
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=068E0433B7EA47ECB6B118AE4864FD6D&MUID=3A549E14FAC569AA0ED28D3BFB9F68C0
Protocol: H2
Server: 20.205.115.81 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Jun 2023 00:42:34 GMT
last-modified: Tue, 06 Jun 2023 16:36:02 GMT
server: Microsoft-IIS/10.0
etag: "7b637fb9498d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 13 Jun 2023 00:42:33 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6F051B184B0D40F1A25A9E0EFE14040B Ref B: SIN30EDGE0820 Ref C: 2023-06-13T00:42:34Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=068E0433B7EA47ECB6B118AE4864FD6D&MUID=3A549E14FAC569AA0ED28D3BFB9F68C0
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 453ms
453ms Image
image/gif 96.17.96.30
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.17.96.30 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a96-17-96-30.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:35 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK messenger Show response
app.qualified.com/w/1/H3wWDXLUxD4irieG/ Frame F0C2 6 KB
3 KB 783ms
267ms Document
text/html 34.196.185.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=890511f4-6d8f-47e6-a50b-b777a686cec8

Requested by

Host: js.qualified.com
URL: https://js.qualified.com/qualified.js?token=H3wWDXLUxD4irieG

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.196.185.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-185-66.compute-1.amazonaws.com

Software

nginx /

Resource Hash

efa63d0594b48edc92d2f0934b76d85bc22a8de8a2f40bb0f1712fe2ea7c6b84

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cofense.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Content-Length: 1716
Content-Security-Policy
Content-Type: text/html; charset=utf-8
Date: Tue, 13 Jun 2023 00:42:36 GMT
Etag: W/"efa63d0594b48edc92d2f0934b76d85b"
Link: <https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css>; rel=preload; as=style; nopush,<https://assets.qualified.com/packs/css/widget/sandboxed/messenger-84a66aeb.chunk.css>; rel=preload; as=style; nopush
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
Via: 1.1 spaces-router (devel)
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: f8e9918e-7159-c3f5-a02b-0eb02c215d52
X-Runtime: 0.018816
X-Xss-Protection: 1; mode=block

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
291 B 234ms
234ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://cofense.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://cofense.com
Date: Tue, 13 Jun 2023 00:42:36 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 451ms
450ms Image
image/gif 96.17.96.30
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.17.96.30 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a96-17-96-30.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:36 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 messenger-94e6eccc.chunk.css
assets.qualified.com/packs/css/vendors~widget/sandboxed/ Frame F0C2 35 KB
7 KB 24ms
16ms Stylesheet
text/css 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb3487cae40a55bf31dc6e6191ab0d88ec8c8f85c62bf28ad25ad0a40c16a611

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:36 GMT
x-amz-version-id: BeCt0o6W_sJpQKXU6NerIHESFvUKg3Xm
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: H0AW26HJFVHC3SEC
age: 403
x-amz-server-side-encryption: AES256
x-amz-id-2: 9SXEq1OM3nU4CHp8MpGFZYIMm1lDEXIkHmiGPXV6bp8ErJSyRGYkHM77lhEU474cPlRmzFc5iDS5S/8klvv8ew==
last-modified: Wed, 08 Mar 2023 02:43:32 GMT
server: cloudflare
etag: W/"a788ecf510f83ee517cbaf79306145dd"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7d664b6a0cfa9fe3-SIN
expires: Tue, 13 Jun 2023 04:42:36 GMT

GET
H2 200 messenger-84a66aeb.chunk.css
assets.qualified.com/packs/css/widget/sandboxed/ Frame F0C2 5 KB
1 KB 18ms
11ms Stylesheet
text/css 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/css/widget/sandboxed/messenger-84a66aeb.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ec35ab99388f6afab345622a22772619b83b7d63705d98df3c404da782fcabb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:36 GMT
x-amz-version-id: 5Ydu6k4rPSG3QXcV_n2ryczMueyoFhYW
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Jan 2023 23:05:35 GMT
server: cloudflare
x-amz-request-id: 0SCJY3TRZB1DMV1C
age: 304
etag: W/"22d5f23e695250d3c5a5b1e76a015c5e"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7d664b6a0cf99fe3-SIN
x-amz-id-2: jPbc2KXKgvE3F8RiFIl7pNnyoG9k2pI7l8wm5yy3ngc+XHSSkeJOfRPZJNQiLxpXveWnCt/yJek=
expires: Tue, 13 Jun 2023 04:42:36 GMT

GET
H2 200 messenger~runtime-e3d32b4e1ac9705dcd9c.js Show response
assets.qualified.com/packs/js/widget/sandboxed/ Frame F0C2 2 KB
2 KB 11ms
10ms Script
application/javascript 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/js/widget/sandboxed/messenger~runtime-e3d32b4e1ac9705dcd9c.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=890511f4-6d8f-47e6-a50b-b777a686cec8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f42783ad0d1bd53baf306b3660babf8183fc4e0379670e995afc98e1894848d7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:36 GMT
x-amz-version-id: 0r1P.8uXVR7LaUjvwMoVKUIPrGF7YDsZ
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: SMRWWN11G32QHB1X
age: 4359
x-amz-server-side-encryption: AES256
x-amz-id-2: BIh7/V+sda2A+Y5TeB7eLg2SahwrFk/lr1FybwsT1em2/bVJwbI/T5P3/ajwFVB9JA8g3tHjFyk=
last-modified: Mon, 12 Jun 2023 23:27:50 GMT
server: cloudflare
etag: W/"762861a88ec2598462ef51836c4b9806"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7d664b6a0cfb9fe3-SIN
expires: Tue, 13 Jun 2023 04:42:36 GMT

GET
H2 200 messenger-d0f79f48564dd7163469.chunk.js Show response
assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/ Frame F0C2 1 MB
344 KB 15ms
14ms Script
application/javascript 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-d0f79f48564dd7163469.chunk.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=890511f4-6d8f-47e6-a50b-b777a686cec8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f59a29fec29f623f2dbb2e96b3fd36aef041bbe8ea187832822d3de57ec493c6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:36 GMT
x-amz-version-id: Up_zal5wS1_McHSQMomuda.ppgrmh7h2
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: AJYF00DJKW5BA21Q
age: 403
x-amz-server-side-encryption: AES256
x-amz-id-2: lhEAu02Ib+Op0ET5uLCMFdTrpZiyMM6+Sl+lGGoHWRs8xs96Ge8HVUf2/r/7+1nfcguGg1IdEJY=
last-modified: Thu, 08 Jun 2023 00:03:38 GMT
server: cloudflare
etag: W/"2e46f6fc75cea3f880477d19a714a367"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7d664b6a0cfc9fe3-SIN
expires: Tue, 13 Jun 2023 04:42:36 GMT

GET
H2 200 messenger-2522387b1c3184ec1ff5.chunk.js Show response
assets.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/ Frame F0C2 604 KB
159 KB 29ms
29ms Script
application/javascript 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/messenger-2522387b1c3184ec1ff5.chunk.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=890511f4-6d8f-47e6-a50b-b777a686cec8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f44ed9078d0e113115607ec3be84946a4b469b9edfdd78982ad61dc71dcc470

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:36 GMT
x-amz-version-id: UPkRYPKTnNdxiL7XhTBgft6IcaLu_nKB
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: SMRMNAKG8NTNDD2Q
age: 4358
x-amz-server-side-encryption: AES256
x-amz-id-2: udWu7bmwgiiOqMkgzBAUKR2jiVNYDBFEDPKx659EnT/cBk0Q+YCg4qivAX3WxDHXH1uP6RL7n0g=
last-modified: Mon, 12 Jun 2023 23:27:50 GMT
server: cloudflare
etag: W/"addaaa487d784004762cde4b6f086532"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7d664b6a1d089fe3-SIN
expires: Tue, 13 Jun 2023 04:42:36 GMT

GET
H2 200 Inter-Regular-c8ba52b05a9ef10f47584d08ece2ec5c.woff2
assets.qualified.com/packs/media/fonts/inter/ Frame F0C2 97 KB
97 KB 32ms
18ms Font
font/woff2 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/media/fonts/inter/Inter-Regular-c8ba52b05a9ef10f47584d08ece2ec5c.woff2
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=890511f4-6d8f-47e6-a50b-b777a686cec8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6

Request headers

Referer: https://app.qualified.com/
Origin: https://app.qualified.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:36 GMT
x-amz-version-id: Ts0p7fbKsZIFu_VEk6HOvm9iYpTRKuos
cf-cache-status: HIT
x-amz-request-id: B6A368X96BCBCCRV
age: 16066820
content-length: 98868
x-amz-id-2: wZhbknhuROrJb6NtkTnQRns9wsjst/PLGd0T1p7Lkz7uHWvJRTiE1GUz+y5rmqtbvCAtWq1OiB0=
last-modified: Thu, 08 Dec 2022 23:17:25 GMT
server: cloudflare
etag: "dc131113894217b5031000575d9de002"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 7d664b6a2e7b9e41-SIN
expires: Wed, 12 Jun 2024 06:42:36 GMT

GET
H2 200 Inter-SemiBold-b5f0f109bc88052d4000c58ca615671d.woff2
assets.qualified.com/packs/media/fonts/inter/ Frame F0C2 103 KB
104 KB 68ms
54ms Font
font/woff2 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/media/fonts/inter/Inter-SemiBold-b5f0f109bc88052d4000c58ca615671d.woff2
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=890511f4-6d8f-47e6-a50b-b777a686cec8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5

Request headers

Referer: https://app.qualified.com/
Origin: https://app.qualified.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:36 GMT
x-amz-version-id: ePBeoMCujYBxKBCWHO9COs36tHcpJSw9
cf-cache-status: HIT
x-amz-request-id: B6AC42EK4DAY5VCW
age: 16066820
content-length: 105804
x-amz-id-2: SMj6Rlv9/lCY5CtKN8l2e5O6/dk//wybgMui0kNIconIoK3p8VL1ra/nhnGeE+Hzb9P8rjEQEIE=
last-modified: Thu, 08 Dec 2022 23:17:25 GMT
server: cloudflare
etag: "007ad31a53f4ab3f58ee74f2308482ce"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 7d664b6a2e7d9e41-SIN
expires: Wed, 12 Jun 2024 06:42:36 GMT

POST
H/1.1 200
OK / Show response
sentry.io/api/1332833/envelope/ Frame F0C2 2 B
442 B 869ms
216ms Fetch
application/json 35.188.42.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1332833/envelope/?sentry_key=b5158ee3382d49b28a864fb2b91bcaaf&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1

Requested by

Host: assets.qualified.com
URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-d0f79f48564dd7163469.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.qualified.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 13 Jun 2023 00:42:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: nginx
vary: origin,access-control-request-method,access-control-request-headers
Content-Type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 511ms
511ms Image
image/gif 96.17.96.30
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.17.96.30 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a96-17-96-30.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:37 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 5ms
4ms Ping
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-3G76T4W3LR&gtm=45je36c0&_p=1714881797&cid=1048073745.1686616953&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1686616953&sct=1&seg=0&dl=https%3A%2F%2Fcofense.com%2Fblog%2Fthreat-actors-impersonate-email-security-providers-to-steal-user-credentials%2F&dr=https%3A%2F%2Ft.co%2F&dt=Threat%20Actors%20Impersonate%20Email%20Security%20Providers%20%7C%20Cofense&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3G76T4W3LR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cofense.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Jun 2023 00:42:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 483ms
483ms Image
image/gif 96.17.96.30
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.17.96.30 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a96-17-96-30.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:38 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK 976848be5d3705f67929c776e7c981f073674577458bffa4c5df2500b43cc5d1.png
qualified-production.s3.us-east-1.amazonaws.com/uploads/ Frame F0C2 7 KB
7 KB 1162ms
251ms Image
image/png 52.217.134.50

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qualified-production.s3.us-east-1.amazonaws.com/uploads/976848be5d3705f67929c776e7c981f073674577458bffa4c5df2500b43cc5d1.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.134.50 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35f2fd2da69d4fb87275d7ce76117c573c18ab9c6dbbd08429712af6346c26a3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Tue, 13 Jun 2023 00:42:40 GMT
Last-Modified: Thu, 20 Apr 2023 21:32:06 GMT
Server: AmazonS3
x-amz-request-id: ZB637N0ZVETCC2SC
ETag: "28067073f437880b9148c0ab27de6900"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Cache-Control: Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 6908
x-amz-id-2: bTAraOMpcw66TRtp1pcGSF8mF16iJRJ6s2dT99tmu6k4xs/Zu62lSSuo7D4yBUvikvFoPMdmkxE=

GET img.gif
b.6sc.co/v1/beacon/ 0
0

GET
H2 200 Inter-roman.var-ba4caefcdf5b36b438db92786991c845.woff2
assets.qualified.com/packs/media/fonts/inter/ Frame F0C2 222 KB
222 KB 28ms
28ms Font
font/woff2 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/media/fonts/inter/Inter-roman.var-ba4caefcdf5b36b438db92786991c845.woff2
Requested by: Host: assets.qualified.com
URL: https://assets.qualified.com/packs/css/widget/sandboxed/messenger-84a66aeb.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3

Request headers

Referer: https://assets.qualified.com/packs/css/widget/sandboxed/messenger-84a66aeb.chunk.css
Origin: https://app.qualified.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 00:42:39 GMT
x-amz-version-id: 8iJAUpJd6e_Yyn0OiVIrGWhC4aEObLYF
cf-cache-status: HIT
x-amz-request-id: XQ7GJ0WQHQKGH770
age: 16066812
content-length: 227180
x-amz-id-2: iSG7TEqBh9S3Qb6UUoz0Bd7VhwvNNoskrYV0ceVxUvSkMTIiZ//dmef50iT6Ox+p1fkiTSn7mbU=
last-modified: Thu, 08 Dec 2022 23:17:25 GMT
server: cloudflare
etag: "66c6e40883646a7ad993108b2ce2da32"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 7d664b7c5d4a9e41-SIN
expires: Wed, 12 Jun 2024 06:42:39 GMT

GET 67533a0d3ac0dad7464dfdf8ef48733db2e402ff445cc60ffdbfeb91ff05fb99.png
qualified-production.s3.us-east-1.amazonaws.com/uploads/ Frame F0C2 0
0

GET 30b015f4ec783afb7d7be0e7ff0439bde45de1919976109b4453076f30385121.png
qualified-production.s3.us-east-1.amazonaws.com/uploads/ Frame F0C2 0
0

GET 08a3d619f04bdb1a9b3bed582964dd014a219726e53e64c3f78ae3c5a5cc512f.png
qualified-production.s3.us-east-1.amazonaws.com/uploads/ Frame F0C2 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: b.6sc.co
URL: https://b.6sc.co/v1/beacon/img.gif?token=b253130e4accad98012a3abe3f4b4c7a&svisitor=null&visitor=8365ef44-ff26-403d-83c9-d49ca5a50ee4&session=8b678e3b-c4a9-449a-88c3-d3c03640d4e8&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2013%20Jun%202023%2000%3A42%3A39%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2013%20Jun%202023%2000%3A42%3A38%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%226010%22%7D&isIframe=false&m=%7B%22description%22%3A%22Find%20out%20how%20threat%20actors%20use%20malicious%20attachments%20to%20impersonate%20email%20security%20providers%20%26%20steal%20user%20credentials.%20Learn%20more%20about%20this%20alarming%20trend%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Threat%20Actors%20Impersonate%20Email%20Security%20Providers%20%7C%20Cofense%22%7D&cb=&r=https%3A%2F%2Ft.co%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcofense.com%2Fblog%2Fthreat-actors-impersonate-email-security-providers-to-steal-user-credentials%2F&pageViewId=397735c8-e987-414a-8c10-c3e278b57e31&an_uid=0

Domain: qualified-production.s3.us-east-1.amazonaws.com
URL: https://qualified-production.s3.us-east-1.amazonaws.com/uploads/67533a0d3ac0dad7464dfdf8ef48733db2e402ff445cc60ffdbfeb91ff05fb99.png

Domain: qualified-production.s3.us-east-1.amazonaws.com
URL: https://qualified-production.s3.us-east-1.amazonaws.com/uploads/30b015f4ec783afb7d7be0e7ff0439bde45de1919976109b4453076f30385121.png

Domain: qualified-production.s3.us-east-1.amazonaws.com
URL: https://qualified-production.s3.us-east-1.amazonaws.com/uploads/08a3d619f04bdb1a9b3bed582964dd014a219726e53e64c3f78ae3c5a5cc512f.png

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.co/	1970-01-20 22:06:16	Name: muc Value: 14b61fa7-1797-45fa-8316-1bde3be89699
.t.co/	1970-01-20 22:06:16	Name: muc_ads Value: 14b61fa7-1797-45fa-8316-1bde3be89699
.bit.ly/	1970-01-20 16:49:28	Name: _bit Value: n5d0Gv-485c054625b27f272c-00S
.cofense.com/	1970-01-20 14:39:52	Name: _gcl_au Value: 1.1.1699863597.1686616953
.cofense.com/	1970-01-20 22:06:16	Name: attr_first Value: %7B%22source%22%3A%22t%22%2C%22medium%22%3A%22social%22%2C%22campaign%22%3A%22(not%20set)%22%2C%22term%22%3A%22(not%20provided)%22%2C%22content%22%3A%22(not%20set)%22%2C%22lp%22%3A%22cofense.com%2Fblog%2Fthreat-actors-impersonate-email-security-providers-to-steal-user-credentials%2F%22%2C%22date%22%3A%222023-06-13%22%2C%22timestamp%22%3A1686616952912%7D
.cofense.com/	1970-01-20 12:30:18	Name: attr_last Value: %7B%22source%22%3A%22t%22%2C%22medium%22%3A%22social%22%2C%22campaign%22%3A%22(not%20set)%22%2C%22term%22%3A%22(not%20provided)%22%2C%22content%22%3A%22(not%20set)%22%2C%22lp%22%3A%22cofense.com%2Fblog%2Fthreat-actors-impersonate-email-security-providers-to-steal-user-credentials%2F%22%2C%22date%22%3A%222023-06-13%22%2C%22timestamp%22%3A1686616952912%7D
cofense.com/	1969-12-31 23:59:59	Name: wp-wpml_current_language Value: en
.techtarget.com/	1970-01-20 12:30:18	Name: __cf_bm Value: emF2kDhryQnbxfruN_s5EDDUpHW6dpEk2pJrc8kDG5U-1686616952-0-AQhnsx33HXUOQPybJe1jxdecpZhYaORAmYb8+/N/+mKXwTZ++po8MfT30Fyhb4fgs79y661IS4rcHx88aBDiIF8=
cofense.com/	1970-01-20 12:31:43	Name: ln_or Value: eyIzMDA3MjEiOiJkIn0%3D
.cofense.com/	1970-01-20 22:06:16	Name: _mkto_trk Value: id:404-JHU-612&token:_mch-cofense.com-1686616953182-21190
www.clarity.ms/	1970-01-20 21:15:52	Name: CLID Value: 91831f1936174507899fb09afa37df17.20230613.20240612
.cofense.com/	1970-01-20 21:15:52	Name: _clck Value: 1hsincg\|2\|fcf\|0\|1259
.cofense.com/	1970-01-20 22:06:16	Name: _ga Value: GA1.2.1048073745.1686616953
.cofense.com/	1970-01-20 12:31:43	Name: _gid Value: GA1.2.2141793125.1686616953
.cofense.com/	1970-01-20 12:30:17	Name: _dc_gtm_UA-114787942-1 Value: 1
cofense.com/	1970-01-20 22:06:16	Name: _gd_visitor Value: 8365ef44-ff26-403d-83c9-d49ca5a50ee4
cofense.com/	1970-01-20 12:30:31	Name: _gd_session Value: 8b678e3b-c4a9-449a-88c3-d3c03640d4e8
.ws.zoominfo.com/	1970-01-20 21:15:52	Name: visitorId Value: cd47e2365ebaeb3d4645fa98e68160f09755e8ffcbf9d5004c4b0e7988c8f5fb
.zoominfo.com/	1970-01-20 12:30:18	Name: __cf_bm Value: m69hqQgw2FCFoMW72r6EF6NRmhXMpbxX_ffvH.8kBjI-1686616953-0-AR3NLwxMIvaWyxY0Gx13ylI9HrmrcP/3eHyhNvyRiucX1eq91ROuTPkCFnzPKNv2pIjO87oIr38NvaK5BFo78CE=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: s88yWu5Ve65vCp.LU2uRYJq8MfsoJKea5inBFXKFRj0-1686616953304-0-604800000
.linkedin.com/	1970-01-20 14:39:52	Name: li_sugr Value: 195bff39-541a-4248-aeb6-7da1374086f9
.linkedin.com/	1970-01-20 21:15:52	Name: bcookie Value: "v=2&ebbf74e4-88c8-4b1c-89a3-2cc2ed8e26f3"
.linkedin.com/	1970-01-20 12:31:43	Name: lidc Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2535:u=1:x=1:i=1686616953:t=1686703353:v=2:sig=AQEXWKKihieexgDom9fVo3-RxP4Hc-_2"
cofense.com/	1970-01-20 12:40:21	Name: _an_uid Value: 0
.linkedin.com/	1970-01-20 13:13:28	Name: UserMatchHistory Value: AQIbFjVtSu5VFgAAAYiyNFKUJoFT6D-ydecNetDLESULmh834aHI4xXMOJfYQTMbfGaeG-37njuIxA
.linkedin.com/	1970-01-20 13:13:28	Name: AnalyticsSyncHistory Value: AQJY_M2oLunKVQAAAYiyNFKUrX2Dtb2nBfN4p2FJn2iMH2HNVCLaKPWnQS2X8DsJtGHY7t1XUSs4dqTCGlE_qw
.www.linkedin.com/	1970-01-20 21:15:52	Name: bscookie Value: "v=1&20230613004233467646ff-3a05-47ff-8ca6-5ae1762bc41aAQFwBO-NZddajDWIMkpdi1wXND-H-Xp9"
.6sc.co/	1970-01-20 22:06:16	Name: 6suuid Value: 1e154b17b5ff000079bb8764480300007f900300
.cofense.com/	1970-01-20 12:31:43	Name: _clsk Value: 1apkyjh\|1686616954077\|1\|1\|s.clarity.ms/collect
.cofense.com/	1970-01-20 22:06:16	Name: _ga_3G76T4W3LR Value: GS1.1.1686616953.1.0.1686616954.59.0.0
.cofense.com/	1970-01-20 22:06:16	Name: __q_state_H3wWDXLUxD4irieG Value: eyJ1dWlkIjoiODkwNTExZjQtNmQ4Zi00N2U2LWE1MGItYjc3N2E2ODZjZWM4IiwiY29va2llRG9tYWluIjoiY29mZW5zZS5jb20ifQ==
.bing.com/	1970-01-20 21:51:52	Name: MUID Value: 3A549E14FAC569AA0ED28D3BFB9F68C0
.c.bing.com/	1970-01-20 12:40:21	Name: MR Value: 0
.c.bing.com/	1970-01-20 21:51:52	Name: SRM_B Value: 3A549E14FAC569AA0ED28D3BFB9F68C0
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 21:51:52	Name: MUID Value: 3A549E14FAC569AA0ED28D3BFB9F68C0
.c.clarity.ms/	1970-01-20 12:40:21	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 12:30:17	Name: ANONCHK Value: 0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ep67mn3zn7v.exactdn.com/wp-content/uploads/2022/05/Inter-Medium.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://lltrck.com/scripts/lt-v3.js?llid=19612 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

404-jhu-612.mktoresp.com
analytics.google.com
app.qualified.com
assets.qualified.com
b.6sc.co
bit.ly
c.6sc.co
c.bing.com
c.clarity.ms
cdn.linkedin.oribi.io
cofense.com
ep67mn3zn7v.exactdn.com
epsilon.6sense.com
extend.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
ibc-flow.techtarget.com
ipv6.6sc.co
j.6sc.co
js.qualified.com
lltrck.com
munchkin.marketo.net
okt.to
p.typekit.net
px.ads.linkedin.com
px4.ads.linkedin.com
qualified-production.s3.us-east-1.amazonaws.com
s.clarity.ms
secure.adnxs.com
sentry.io
snap.licdn.com
static.oktopost.com
stats.g.doubleclick.net
t.co
trk.techtarget.com
ws.zoominfo.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.com.sg
www.googletagmanager.com
www.linkedin.com
b.6sc.co
qualified-production.s3.us-east-1.amazonaws.com
103.43.90.117
104.244.42.133
108.138.189.68
13.107.42.14
141.193.213.20
18.180.44.215
192.28.144.124
199.232.46.109
20.205.115.81
2001:4860:4802:32::181
23.50.91.74
23.96.124.68
2400:52e0:1500::868:1
2404:6800:4003:c01::9a
2404:6800:4003:c02::61
2404:6800:4017:802::200a
2404:6800:4017:803::2003
2404:6800:4017:803::2004
2404:6800:4017:804::2003
2404:6800:4017:805::200e
2600:1413:1::1734:abe3
2600:1413:1::17d3:8c60
2600:1413:1::17d3:8c70
2600:9000:20c7:6200:2:53b2:240:93a1
2606:4700::6810:650c
2606:4700::6812:1005
2606:4700::6812:1105
2606:4700::6812:d9f
2620:1ec:21::14
2620:1ec:bdf::59
2620:1ec:c11::200
34.111.208.231
34.196.185.66
35.188.42.15
52.20.195.32
52.206.79.35
52.217.134.50
67.199.248.10
96.17.96.30
01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874
048adc90c4557d0f23a5cdb42ff2bb79ea8ba1086f4ac45835e0f4d432d40d16
06c5b21ed6beb8535987a718d67db031fd8f9658a06e347946420fece8a2d845
0800c1bcae9fd7a9ab8bb0fc08bb60392cde06279906b58ba73a9d32c0ef0f8d
08d9e28e5a3cf2a632f0a595610c79ae90f8dc50f3dd17914f2e6ef324b100bf
09016600a13dd4825b72516765a8da53d1ab896f7582c4619d014e8ee147ea84
0a828dbd42b518c042d31e8c907ce91c852f06759f79a659341c8c4fa74492b3
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
0c9b0f01749e04c7edc1d741457bc65ed9a5e0f1555f5c8867f206d66e631231
0f02bfc3bc0b8301eb6099b0af18bf0a90a11a50891564a4a6f3697625b3167e
138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47
13ba7d85cedf2d5b14f9091119f9067689bdc33edde1d37a654787d416fbca34
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5
17bd1c297a7fd1221272d080053f887bb97c03bfc16d6f96bdd7f08bf87dbbd5
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3
198905bddb47215ef14ccde8955cacd96f6b9170681ded0d57305601642da798
19fb8fd435c0bce0c7b49c24d128cce686d4a6bba0de63d34d5effa4e1f644f4
1a6066a6d31e78435df4062a26c6f87e325ec23de535b95c65cb90e0ea570038
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
22fbb5eff578438da0e7dac3f5613495aa7997f245952e11fa24e4ec085a1880
2660d715c056a722efa81ed0e917bdad770738e5ac8fe1296cc71a16b053b2ce
2cb2dbcaef23560aab640aaa379e55b607c905a3f8f41b813679e5e503ecdf17
2cc15bc3d3dda4e699624aae9727570dd1cb7cfa4535a074a453e1437e279d21
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
34bbd1c367ffc7d80fcff86c7e5f8777e70f4911bb324e8ecfc7dd3604a96e68
35f2fd2da69d4fb87275d7ce76117c573c18ab9c6dbbd08429712af6346c26a3
38c0429f151c63509ad519a07d59304a62c2d72e3ae31ec9557bc7bd60c5e1d4
39eeb47a5d22f99100deb70fc52831d17942755c4e48e1b41f69274c924f3128
3c1a5c4b5574a4104a92b2e700e6f0fc5b001c4297ebc5a1e76d67b1fbeb1c2d
3c60f28ac63eb4fed3d219aba2496cb5da8b96a1db54a8d9b5c87ada17e42c00
3d7cc8b6dd2abcbafc61918a074f96bef0698f9382e157d26ac719fbf36f1188
3eaa5d844ec16829d602a7e6f48a0570bcd0e0c40a5bf649b5710ecad428dd6a
3f5eb651e087476c3214a5fbb8b77346f7f0dff068c3d961c6070424746fb9db
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44f88db6af9c507b2a85cd509a64018e574fb3455aa672d84be2ff3dfba6a2e3
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
4604ed4eb3e25b2aeb907e4ea907f2a44152ff2e7a867895b78018419ac26c0f
47ecfe99feb398d42a29187409ece9ab4bff0b7c65fd64475eb29edc49898eef
4aec96eddab69454e554bb60664da2e5043c363ebef6921644f619523e7274d7
4b9257e3e9c959214ddfab833a69a021ae6557403efe76afcbee259621175274
4cf7ad6c18aea20fad38d22db5b87bf5c1f0d8c450eb0a786e31c4594d2a8853
4fb9a83d48d26f707a6de17e03f8d0fa8c127ae754583ecce65d7720d4bc819b
50f7e438bddecb1aad132731a0ea9a014007cdfcc9915a26ed46afb8e8c2a76c
51f36864e3fb5b3479d50de93d44403cee100c743cb5c97a1da0b924ca671a86
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020
5565d96a4b66a49049a7fca5dfc8d26ebe0336778006052124283abb0347be8c
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5be99a090bad0d26720d462cd38bd7c05ce834fe1d3f886f619903ece0bde331
5ec0edcab83d68a0bbdaaa014ca2eb993bf8bb3eb9eb5291be25e602a0d50e2b
5f44ed9078d0e113115607ec3be84946a4b469b9edfdd78982ad61dc71dcc470
60c30c30b2994c53ef3cabd89167d58914408912f4e7ebefa163997f1603f8f2
60e5576a3b8eca0a64ee5fe9e79e3c785480d7b124bc2a6738d0b187e97db017
667a6ffd7d93f5b62649f4d7debde5d609ac1d1a7696cf0773365284d4ed6b83
6844ea1d998d79155a0763c9946da7c064a293e776d2142c8e91fcacee8542e9
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
6c649cc3d4aee7683250622541a6045ad4ac3beb93df1fcdd3ec1f7f12a1ff44
6c64f1f61427b7aff7961cee93a0ee95c454274084a3a9e10aed8496929450d5
6ec35ab99388f6afab345622a22772619b83b7d63705d98df3c404da782fcabb
73b2fdcf25aa909c7b0f072cf791066350ab834ca1d0d01ef096bb5583318213
76165601b100d2a490189d0521eb1fd9729f7008a75e359170b4b699c06c7d59
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7dd40c1df9167d9d73fb014f4d1b4317e9455e08deb5738e7914e579e7662c78
7ecfcb6364417265a3fe2b85356392477258f5c6c9814085501cba10537b92e5
80ae295e1e684f6903ca3b3896fb69550a5051c018482eae7d601f5a270c5f83
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86e5f383c43482b102b2dca93faab32637c7ccdbd5455e7840bbca7d8f57e0ee
880bd0c057b2118ce8870a412c9bbc9c744ecc1ffc2e0cec852f0822467a5468
8883dd467afa3bb47df040808f726f0608b48c35279e0231815d2297b4717505
8908a8114adb7f7825bc1e2b634946bf87489f37c1c82bc2c38bb49b3dda98e2
89b87d53f74bf77c35b63352937c490fa8e07f70eb549d9307ea8e945fc00bc4
8cbc49b1385bf29debe95333f04795a6e3a2cf218d88b415b29872d06491fd1c
8f9de5ce0bd559fccdcf15f73bef8d60af03428ea4c33222985a6644d1351b35
90ba6df4a03d5cf38eefa0c0239f20da47e5903f77f54759f2051ac73b2c9d26
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
98207c61fcf676e67a06d6cf9484f341d09c5f23a0ca219529c40c85fae7c319
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9c8637008804212fea22b7d86cc3fe552978c2f26e3409ee1937bffbd27111cd
9cb6c7c26b11dc138503ce04835b48bd49863a2e656c1c0ef9dc75f14033e299
a021e5ef7022a556c759cca4e248f10383d65a1cd4df600dae57ea37ca481073
a144b7eb90f5589866d0546b15df7c4473c9ff44b079490e449c0ad96bb82511
a6dc3ba048207f5858574b196a46bbd908c150589d97855f074f567b3af8d43b
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
afc24dfed8f3f2749e5cbe4a86053b55e5c063c23ea09ddf40544a0bfe03ae0c
b4d6f31b12061ce5f7eb43054704209c45634f84c8dcfd0666907f33fa527401
ba034b0b907ed77dd3d266f6eca07839a0d25012641f0c4a259daeaa6a324607
baa86679ca6a270b4c8ac4f17ffe54da6fbe6c60543b0cd49a720611c66f1694
c05a1108c176130e9dff2f6a5ebdb60be1c3e17b5a8f83de35b29f44fb109434
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c1b5e18239636e9eb0b3f7affcfc7e65a5122e67cb56c3711af6258545a93b5a
c3dfc3f03106f85ab56ceaadf44433f35cca4209d64922d50a1c650c90aa60ad
c45f781964e97c179059fb620032eddab4a86bf8af6cd3f7460b2fa839fedb10
c478a21227c8c63ed9b7ecb07c06e3a99cb6e4a253aeed7687fe43d5b0aa13d6
c775a362bb8cfcb1f31682b2a1a017a05ea83016e5848a6ab3ae6c1de152ce94
c77732d85f58d3043711126b16c097d4b56bb2a0da1a75d526633a6b34c10427
c85d22b6f7b34795c2daf7b29430762f7ebb504d5897771ff757f2cf23bac895
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651
cba788c91ad01b850dc3ff5689cf4234757080a656044ec8757dc51c229440ab
cce09b94f024a9f454d77ef89ce7eaf3dc4e54efa358ad7bbbc0f24fed038b3b
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d0ee40eedb99bb4fa8be8aa6825dbc436d3b761c7a49c2e36199039a2557a3eb
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6
d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f
d8ca05b79f50f584d7d9da9273bd20c241ec7eadf0c8592cd37cb3c1afbc7ed6
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47eb53a564c0ad6494d30bcc29fd05742db5874f11ad8d737fedd5f76b89f34
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e9ba3d0c5d5408e00becd36ad394fa9ad9c0616741ebdd6dddc8e837db3605ba
eb3487cae40a55bf31dc6e6191ab0d88ec8c8f85c62bf28ad25ad0a40c16a611
edf0c45100bd76408c47b7a27b7cc7a85d776b1baf46de9e33f5b90bff9d5ea2
ee5d065fca9f5c5f5c983c8d8f448b242790f9254d8b5f3d2e7e966ab1407c9c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa63d0594b48edc92d2f0934b76d85bc22a8de8a2f40bb0f1712fe2ea7c6b84
f18d03ea1db25769e0297f023bbb4f700a35027e4b26c8ce2cea90dd91956cef
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f4221e726cd903ea62b23099982f627213f319bad4697da681b33ec82d613500
f42783ad0d1bd53baf306b3660babf8183fc4e0379670e995afc98e1894848d7
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f59a29fec29f623f2dbb2e96b3fd36aef041bbe8ea187832822d3de57ec493c6
f5df288275b5f604b05fec06b5b90ee3e2eee656a3157c65d099be04a941ad73
f73a370f3d0a4f11a2388b9d5d876f979c921d2d5290460ee6b25b289e63ca8c
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
ff0ef2b4514a9a824e24181bd336b7b282a0ff614b16dcc9484470aa337c15a2
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

cofense.com Open in urlscan Pro 141.193.213.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

155 Requests

95 %HTTPS

51 %IPv6

31 Domains

42 Subdomains

37 IPs

5 Countries

2102 kBTransfer

5591 kBSize

38 Cookies

7 Outgoing links

Page URL History

Redirected requests

155 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cofense.com Open in urlscan Pro
141.193.213.20 Public Scan

Screenshot
Live screenshot

Full Image

155
Requests

95 %
HTTPS

51 %
IPv6

31
Domains

42
Subdomains

37
IPs

5
Countries

2102 kB
Transfer

5591 kB
Size

38
Cookies

155 HTTP transactions
8 data transactions