ci.security Open in urlscan Pro
207.38.86.153 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cybersecurity.ci.security/e/414142/g-nur-202004-utm-content-genit/r4672g/1071129923?h=Y0AgG6yfiVD4x8w90vSp8JLrBOG2H-CmZf-l...
Effective URL:
https://ci.security/resources/news/article/f5-labs-2019-phishing-and-fraud-report-with-ci-security?utm_source=pardot...
Submission: On July 13 via api (July 13th 2020, 3:38:50 pm UTC) from US

Summary HTTP 42 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 17 domains to perform 42 HTTP transactions. The main IP is 207.38.86.153, located in St Louis, United States and belongs to AS-30083-GO-DADDY-COM-LLC, US. The main domain is ci.security.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 9th 2020. Valid for: 3 months.

This is the only time ci.security was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	52.21.178.134 52.21.178.134	14618 (AMAZON-AES) (AMAZON-AES)
11	207.38.86.153 207.38.86.153	30083 (AS-30083-...) (AS-30083-GO-DADDY-COM-LLC)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
7	3.23.241.62 3.23.241.62	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:14ef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:10c... 2a02:26f0:10c:382::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.224.193.53 13.224.193.53	16509 (AMAZON-02) (AMAZON-02)
1	163.171.132.119 163.171.132.119	54994 (QUANTILNE...) (QUANTILNETWORKS)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	206.19.49.24 206.19.49.24	7018 (ATT-INTER...) (ATT-INTERNET4)
1	143.204.94.108 143.204.94.108	16509 (AMAZON-02) (AMAZON-02)
2 2	52.49.185.203 52.49.185.203	16509 (AMAZON-02) (AMAZON-02)
1 2	13.225.87.70 13.225.87.70	16509 (AMAZON-02) (AMAZON-02)
1	34.250.128.129 34.250.128.129	16509 (AMAZON-02) (AMAZON-02)
1 4	23.210.248.216 23.210.248.216	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.30.34.11 52.30.34.11	16509 (AMAZON-02) (AMAZON-02)
42	18

4 52.21.178.134 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

cybersecurity.ci.security	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 207.38.86.153 (St Louis, United States)

ASN30083 (AS-30083-GO-DADDY-COM-LLC, US)
PTR: web594.webfaction.com

ci.security	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.23.241.62 (Seattle, United States)

ASN16509 (AMAZON-02, US)

cms.thekraken.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:14ef (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:382::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.53 (Seattle, United States)

ASN16509 (AMAZON-02, US)

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.171.132.119 (Germany)

ASN54994 (QUANTILNETWORKS, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.19.49.24 (United States)

ASN7018 (ATT-INTERNET4, US)

apt.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.94.108 (Seattle, United States)

ASN16509 (AMAZON-02, US)

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.185.203 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.87.70 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.128.129 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.210.248.216 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.34.11 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	ci.security 1 redirects cybersecurity.ci.security ci.security	273 KB
7	thekraken.xyz cms.thekraken.xyz	866 KB
5	adroll.com 1 redirects s.adroll.com d.adroll.com	14 KB
3	company-target.com 1 redirects api.company-target.com segments.company-target.com	2 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
2	pardot.com pi.pardot.com	4 KB
2	bidr.io 2 redirects match.prod.bidr.io	1019 B
2	bing.com bat.bing.com	8 KB
2	techtarget.com trk.techtarget.com apt.techtarget.com	3 KB
2	pingdom.net rum-static.pingdom.net rum-collector-2.pingdom.net	3 KB
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	136 B
1	demandbase.com tag.demandbase.com	15 KB
1	licdn.com snap.licdn.com	2 KB
1	google-analytics.com www.google-analytics.com	18 KB
1	googletagmanager.com www.googletagmanager.com	33 KB
0	google.com Failed www.google.com Failed
0	doubleclick.net Failed stats.g.doubleclick.net Failed
42	17

	Domain	Requested by
11	ci.security	ci.security
7	cms.thekraken.xyz	ci.security www.google-analytics.com
4	s.adroll.com	1 redirects ci.security s.adroll.com
2	pi.pardot.com	ci.security pi.pardot.com
2	segments.company-target.com	1 redirects ci.security
2	match.prod.bidr.io	2 redirects
2	px.ads.linkedin.com	1 redirects ci.security
2	bat.bing.com	ci.security
2	cybersecurity.ci.security	1 redirects pi.pardot.com
1	d.adroll.com
1	d.adroll.mgr.consensu.org	1 redirects
1	rum-collector-2.pingdom.net	rum-static.pingdom.net
1	api.company-target.com	tag.demandbase.com
1	apt.techtarget.com	ci.security
1	www.linkedin.com	1 redirects
1	trk.techtarget.com	ci.security
1	tag.demandbase.com	ci.security
1	snap.licdn.com	ci.security
1	rum-static.pingdom.net	ci.security
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	ci.security
0	www.google.com Failed	ci.security
0	stats.g.doubleclick.net Failed	ci.security
42	23

This site contains links to these domains. Also see Links.

Domain
www.f5.com
cloud.google.com
www.twitter.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
www.ci.security Let's Encrypt Authority X3	`2020-05-09` - `2020-08-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.thekraken.xyz Amazon	`2020-01-23` - `2021-02-23`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.pingdom.net DigiCert SHA2 High Assurance Server CA	`2019-11-08` - `2021-01-19`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.demandbase.com Go Daddy Secure Certificate Authority - G2	`2018-09-20` - `2020-11-19`	2 years	crt.sh
trk.techtarget.com Sectigo RSA Domain Validation Secure Server CA	`2020-02-17` - `2022-05-17`	2 years	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-03-04` - `2020-09-04`	6 months	crt.sh
*.techtarget.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-25` - `2021-10-24`	2 years	crt.sh
*.company-target.com Go Daddy Secure Certificate Authority - G2	`2019-06-19` - `2021-08-18`	2 years	crt.sh
pi.pardot.com DigiCert SHA2 Secure Server CA	`2019-12-26` - `2020-12-26`	a year	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2020-01-29` - `2021-04-29`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2019-11-06` - `2020-12-06`	a year	crt.sh
cybersecurity.ci.security Let's Encrypt Authority X3	`2020-06-30` - `2020-09-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ci.security/resources/news/article/f5-labs-2019-phishing-and-fraud-report-with-ci-security?utm_source=pardot&utm_medium=email&utm_campaign=g_nur_202004&utm_content=genit
Frame ID: 435A43403B2A3936409683902B0B8AA4
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://cybersecurity.ci.security/e/414142/g-nur-202004-utm-content-genit/r4672g/1071129923?h=Y0AgG6yfiVD4x8w9... HTTP 301
https://ci.security/resources/news/article/f5-labs-2019-phishing-and-fraud-report-with-ci-securi... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

42
Requests

90 %
HTTPS

37 %
IPv6

17
Domains

23
Subdomains

18
IPs

5
Countries

1241 kB
Transfer

1437 kB
Size

3
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.f5.com/labs/articles/threat-intelligence/2019-phishing-and-fraud-report
Title: 2019 Phishing and Fraud Report

Search URL Search Domain Scan URL

URL: https://cloud.google.com/blog/products/identity-security/protecting-against-cyber-threats-during-covid-19-and-beyond
Title: 18 million daily COVID-19 phishing attacks

Search URL Search Domain Scan URL

URL: https://www.f5.com/content/dam/f5-labs-v2/article/pdfs/F5Labs_2019_Phishing_and_Fraud_Report.pdf
Title: report

Search URL Search Domain Scan URL

URL: http://www.twitter.com/@detectrespond
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/cisecurity
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCwXktbtQyr1FzewMFQVz6lA
Title: YouTube

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cybersecurity.ci.security/e/414142/g-nur-202004-utm-content-genit/r4672g/1071129923?h=Y0AgG6yfiVD4x8w90vSp8JLrBOG2H-CmZf-ln3SysCg HTTP 301
https://ci.security/resources/news/article/f5-labs-2019-phishing-and-fraud-report-with-ci-security?utm_source=pardot&utm_medium=email&utm_campaign=g_nur_202004&utm_content=genit Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1171693310&t=pageview&_s=1&dl=https%3A%2F%2Fci.security%2Fresources%2Fnews%2Farticle%2Ff5-labs-2019-phishing-and-fraud-report-with-ci-security%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dg_nur_202004%26utm_content%3Dgenit&ul=en-us&de=UTF-8&dt=F5%20Labs%202019%20Phishing%20and%20Fraud%20Report%20with%20CI%20Security%20%7C%20CI%20Security&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=531284631&gjid=683314149&cid=622860944.1594654713&tid=UA-72734021-3&_gid=536416249.1594654713&_r=1&gtm=2ou6o0&z=1422834141 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-72734021-3&cid=622860944.1594654713&jid=531284631&_gid=536416249.1594654713&gjid=683314149&_v=j83&z=1422834141

Request Chain 26

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=569164&url=https%3A%2F%2Fci.security%2Fresources%2Fnews%2Farticle%2Ff5-labs-2019-phishing-and-fraud-report-with-ci-security%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dg_nur_202004%26utm_content%3Dgenit&time=1594654713192 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D569164%26url%3Dhttps%253A%252F%252Fci.security%252Fresources%252Fnews%252Farticle%252Ff5-labs-2019-phishing-and-fraud-report-with-ci-security%253Futm_source%253Dpardot%2526utm_medium%253Demail%2526utm_campaign%253Dg_nur_202004%2526utm_content%253Dgenit%26time%3D1594654713192%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=569164&url=https%3A%2F%2Fci.security%2Fresources%2Fnews%2Farticle%2Ff5-labs-2019-phishing-and-fraud-report-with-ci-security%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dg_nur_202004%26utm_content%3Dgenit&time=1594654713192&liSync=true

Request Chain 30

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AAKKaU6-GQAAAA_AtHOoxw HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAKKaU6-GQAAAA_AtHOoxw&verifyHash=dfdb4922a64581ac8f6faa108ecfe42cea33c661

Request Chain 31

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1171693310&t=event&ni=1&_s=2&dl=https%3A%2F%2Fci.security%2Fresources%2Fnews%2Farticle%2Ff5-labs-2019-phishing-and-fraud-report-with-ci-security%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dg_nur_202004%26utm_content%3Dgenit&ul=en-us&de=UTF-8&dt=F5%20Labs%202019%20Phishing%20and%20Fraud%20Report%20with%20CI%20Security%20%7C%20CI%20Security&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aHBAAUAB~&jid=1731488284&gjid=928438364&cid=622860944.1594654713&tid=UA-72734021-3&_gid=536416249.1594654713&_r=1&cd2=(Non-Company%20Visitor)&cd3=(Non-Company%20Visitor)&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=Bot&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=Utrecht&cd11=UT&cd12=Netherlands&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&cd17=(Non-Company%20Visitor)&cd18=(Non-Company%20Visitor)&cd19=(Non-Company%20Visitor)&cd20=(Non-Company%20Visitor)&z=456796681 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-72734021-3&cid=622860944.1594654713&jid=1731488284&_gid=536416249.1594654713&gjid=928438364&_v=j83&z=456796681

Request Chain 36

https://s.adroll.com/j/exp/PVQ657GQDFFXLFGCNQJYZN/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 38

https://d.adroll.mgr.consensu.org/consent/iabcheck/PVQ657GQDFFXLFGCNQJYZN?_s=6c5ca5c770c0de5bb83e2f43ea69a921&_b=2 HTTP 302
https://d.adroll.com/consent/check/PVQ657GQDFFXLFGCNQJYZN/?_s=6c5ca5c770c0de5bb83e2f43ea69a921&_b=2

42 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request f5-labs-2019-phishing-and-fraud-report-with-ci-security Show response
ci.security/resources/news/article/
Redirect Chain

https://cybersecurity.ci.security/e/414142/g-nur-202004-utm-content-genit/r4672g/1071129923?h=Y0AgG6yfiVD4x8w90vSp8JLrBOG2H-CmZf-ln3SysCg
https://ci.security/resources/news/article/f5-labs-2019-phishing-and-fraud-report-with-ci-security?utm_source=pardot&utm_medium=email&utm_campaign=g_nur_202004&utm_content=genit

53 KB
16 KB

840ms
596ms

Document
text/html

207.38.86.153
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://ci.security/resources/news/article/f5-labs-2019-phishing-and-fraud-report-with-ci-security?utm_source=pardot&utm_medium=email&utm_campaign=g_nur_202004&utm_content=genit

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.38.86.153 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),

Reverse DNS

web594.webfaction.com

Software

nginx /

Resource Hash

3253ea85b51c079f0c8820fd30a199982f24ce10728af435efe9a1d6af71a3c2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; font-src 'self' data: .googleusercontent.com; media-src 'self' .thekraken.xyz; manifest-src 'self';script-src 'self' 'nonce-36587830063253960422241508316497' .google-analytics.com 'nonce-5483687168' s.ytimg.com .ci.security .bamboohr.com .adroll.com .adroll.mgr.consensu.org .linkedin.com .licdn.com .demandbase.com .techtarget.com static.doubleclick.net .googletagmanager.com googleads.g.doubleclick.net bat.bing.com .pardot.com; style-src 'self' 'unsafe-inline' .bamboohr.com; img-src 'self' data: 'unsafe-inline' cms.thekraken.xyz .company-target.com .linkedin.com .adroll.com .casalemedia.com bat.bing.com www.google-analytics.com .twitter.com .pingdom.net .bidr.io .techtarget.com stats.g.doubleclick.net .advertising.com .casalemedia.com .rubiconproject.com .outbrain.com .pubmatic.com .yahoo.com .taboola.com/sg/adroll-network .3lift.com .bidswitch.net .adnxs.com .rlcdn.com .openx.net .bamboohr.com .pardot.com s.ytimg.com; connect-src 'self' .google-analytics.com .ci.security .google.com .bamboohr.com .pingdom.net .twitter.com .demandbase.com .company-target.com .youtube.com; frame-src 'self' .youtube.com .ci.security .pardot.com .bamboohr.com .twitter.com .google.com .google-analytics.com; frame-ancestors 'self' .driftt.com .bamboohr.com .youtube.com; form-action 'self' .ci.security ci.security *.pardot.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.youtube.com/
X-Xss-Protection	1; mode=block

Request headers

Host: ci.security
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Mon, 13 Jul 2020 15:38:32 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 13987
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: default-src 'none'; base-uri 'self'; font-src 'self' data: *.googleusercontent.com; media-src 'self' *.thekraken.xyz; manifest-src 'self';script-src 'self' 'nonce-36587830063253960422241508316497' *.google-analytics.com 'nonce-5483687168' s.ytimg.com *.ci.security *.bamboohr.com *.adroll.com *.adroll.mgr.consensu.org *.linkedin.com *.licdn.com *.demandbase.com *.techtarget.com static.doubleclick.net *.googletagmanager.com googleads.g.doubleclick.net bat.bing.com *.pardot.com; style-src 'self' 'unsafe-inline' *.bamboohr.com; img-src 'self' data: 'unsafe-inline' cms.thekraken.xyz *.company-target.com *.linkedin.com *.adroll.com *.casalemedia.com bat.bing.com www.google-analytics.com *.twitter.com *.pingdom.net *.bidr.io *.techtarget.com stats.g.doubleclick.net *.advertising.com *.casalemedia.com *.rubiconproject.com *.outbrain.com *.pubmatic.com *.yahoo.com *.taboola.com/sg/adroll-network *.3lift.com *.bidswitch.net *.adnxs.com *.rlcdn.com *.openx.net *.bamboohr.com *.pardot.com s.ytimg.com; connect-src 'self' *.google-analytics.com *.ci.security *.google.com *.bamboohr.com *.pingdom.net *.twitter.com *.demandbase.com *.company-target.com *.youtube.com; frame-src 'self' *.youtube.com *.ci.security *.pardot.com *.bamboohr.com *.twitter.com *.google.com *.google-analytics.com; frame-ancestors 'self' *.driftt.com *.bamboohr.com *.youtube.com; form-action 'self' *.ci.security ci.security *.pardot.com;
Content-Encoding: gzip
Vary: Accept-Encoding
Cache-Control: max-age=2628000, public
Expires: Wed, 12 Aug 2020 15:38:32 GMT
X-Frame-Options: ALLOW-FROM https://www.youtube.com/
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin

Redirect headers

Date: Mon, 13 Jul 2020 15:38:30 GMT
Set-Cookie: pardot=l4helgqivsep5g1en452qsa5co; path=/ visitor_id414142=816472305; expires=Thu, 04-Feb-2021 16:38:31 GMT; Max-Age=17802000; path=/; SameSite=None; secure visitor_id414142-hash=6ecf0c3b3bca0bccee86b4b4f82cd1b6b9ade87ddfaaea2ba7da2663d82f981e535325a017f5179b4dea6a709f7dc2c10d0c0080; expires=Thu, 04-Feb-2021 16:38:31 GMT; Max-Age=17802000; path=/; SameSite=None; secure
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: https://ci.security/resources/news/article/f5-labs-2019-phishing-and-fraud-report-with-ci-security?utm_source=pardot&utm_medium=email&utm_campaign=g_nur_202004&utm_content=genit
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 203
Content-Type: text/html; charset=UTF-8
X-Pardot-Route: 32427ff3465437d362f61c790f7d2406
Server: PardotServer
X-Pardot-LB: 7044ba9c794aba658bc1be2f8b8ad85c
Connection: keep-alive

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 84 KB
33 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-72734021-3

Requested by

Host: ci.security
URL: https://ci.security/resources/news/article/f5-labs-2019-phishing-and-fraud-report-with-ci-security?utm_source=pardot&utm_medium=email&utm_campaign=g_nur_202004&utm_content=genit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e3481f69cdb394f9e81ff16e2529965a2b9697d3c01270caca3e336821a5bb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ci.security/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 13 Jul 2020 15:38:32 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33687
x-xss-protection: 0
last-modified: Mon, 13 Jul 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Jul 2020 15:38:32 GMT

GET
H/1.1 200
OK kraken.min.css
ci.security/static/ 78 KB
79 KB 210ms
116ms Stylesheet
text/css 207.38.86.153
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://ci.security/static/kraken.min.css?v36587830063253960422241508316497

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.38.86.153 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),

Reverse DNS

web594.webfaction.com

Software

nginx /

Resource Hash

a3e26587be02d75c9c51c569c45211a3fe319252da13f31664723834511513c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.youtube.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ci.security/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 13 Jul 2020 15:38:32 GMT
Referrer-Policy: strict-origin
Last-Modified: Tue, 02 Jun 2020 10:54:35 GMT
Server: nginx
ETag: "13858-5a717bcb46640"
X-Frame-Options: ALLOW-FROM https://www.youtube.com/
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=2628000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 79960
X-Content-Type-Options: nosniff
Expires: Wed, 12 Aug 2020 15:38:32 GMT

GET
H2 200 IMG_1707.jpg
cms.thekraken.xyz/storage/uploads/ 115 KB
115 KB 487ms
208ms Image
image/jpeg 3.23.241.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.thekraken.xyz/storage/uploads/IMG_1707.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.23.241.62 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

db64bef6a2c727b71f9e74213255f066473f43b64bdeef8614e127c772e56cf6

Security Headers

Name	Value
Strict-Transport-Security	strict-transport-security: max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.youtube.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ci.security/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 13 Jul 2020 15:38:33 GMT
referrer-policy: strict-origin
last-modified: Thu, 21 Jun 2018 22:22:46 GMT
server: Apache
etag: "1ca7c-56f2e5ad308c7"
x-frame-options: ALLOW-FROM https://www.youtube.com/
content-type: image/jpeg
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=1209600, public, public
strict-transport-security: strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 117372
x-content-type-options: nosniff

GET
H2 200 F5Labs_2019_Phishing_and_Fraud_Report_cover-sm.png
cms.thekraken.xyz/storage/uploads/ 207 KB
208 KB 592ms
313ms Image
image/png 3.23.241.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.thekraken.xyz/storage/uploads/F5Labs_2019_Phishing_and_Fraud_Report_cover-sm.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.23.241.62 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

77aa54530207da1ba1a1ca18b9be88420a71ab4e3d47164b5530332e984ed677

Security Headers

Name	Value
Strict-Transport-Security	strict-transport-security: max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.youtube.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ci.security/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 13 Jul 2020 15:38:33 GMT
referrer-policy: strict-origin
last-modified: Wed, 30 Oct 2019 22:05:27 GMT
server: Apache
etag: "33d02-59627ee29807e"
x-frame-options: ALLOW-FROM https://www.youtube.com/
content-type: image/png
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=1209600, public, public
strict-transport-security: strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 212226
x-content-type-options: nosniff

GET
H2 200 The_hardest_part_of_phishing_-_F5_Labs_2019_Phishing_and_Fraud_Report.png
cms.thekraken.xyz/storage/uploads/ 54 KB
55 KB 592ms
313ms Image
image/png 3.23.241.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.thekraken.xyz/storage/uploads/The_hardest_part_of_phishing_-_F5_Labs_2019_Phishing_and_Fraud_Report.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.23.241.62 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

e8345146e6ceb7ec1796bd82e3b853ad2956c9bf3090bf4f8294b5ee94502bfb

Security Headers

Name	Value
Strict-Transport-Security	strict-transport-security: max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.youtube.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ci.security/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 13 Jul 2020 15:38:33 GMT
referrer-policy: strict-origin
last-modified: Wed, 30 Oct 2019 22:34:18 GMT
server: Apache
etag: "d9c6-596285556a803"
x-frame-options: ALLOW-FROM https://www.youtube.com/
content-type: image/png
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=1209600, public, public
strict-transport-security: strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 55750
x-content-type-options: nosniff

GET
H2 200 Phishing_-_normal_activities_cloaked_in_encryption_%E2%80%93_CI_Security_CTO_Mike_Simon__F5_Labs_2019_Phishing_and_Fraud_Report.png
cms.thekraken.xyz/storage/uploads/ 44 KB
44 KB 593ms
314ms Image
image/png 3.23.241.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.thekraken.xyz/storage/uploads/Phishing_-_normal_activities_cloaked_in_encryption_%E2%80%93_CI_Security_CTO_Mike_Simon__F5_Labs_2019_Phishing_and_Fraud_Report.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.23.241.62 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

0f5965394171c0baed38e53448f78c902de0a9d1a71b02b170ce409d1875d236

Security Headers

Name	Value
Strict-Transport-Security	strict-transport-security: max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.youtube.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ci.security/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 13 Jul 2020 15:38:33 GMT
referrer-policy: strict-origin
last-modified: Wed, 30 Oct 2019 22:59:00 GMT
server: Apache
etag: "aec4-59628adb1c0c3"
x-frame-options: ALLOW-FROM https://www.youtube.com/
content-type: image/png
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=1209600, public, public
strict-transport-security: strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 44740
x-content-type-options: nosniff

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-72734021-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ci.security/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 2534
date: Mon, 13 Jul 2020 14:56:18 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Mon, 13 Jul 2020 16:56:18 GMT

GET
H2 200 F5_Labs_2019_Phishing_and_Fraud_Report_with_CI_Security_blog.png
cms.thekraken.xyz/storage/uploads/ 309 KB
310 KB 539ms
312ms Image
image/png 3.23.241.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.thekraken.xyz/storage/uploads/F5_Labs_2019_Phishing_and_Fraud_Report_with_CI_Security_blog.png

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.23.241.62 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

d736d29d6f1ec06e88042ea890deb144604625cbe685c1a1a7ba2be22aa5bf8c

Security Headers

Name	Value
Strict-Transport-Security	strict-transport-security: max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.youtube.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ci.security/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 13 Jul 2020 15:38:33 GMT
referrer-policy: strict-origin
last-modified: Wed, 30 Oct 2019 21:39:48 GMT
server: Apache
etag: "4d37e-596279275483b"
x-frame-options: ALLOW-FROM https://www.youtube.com/
content-type: image/png
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=1209600, public, public
strict-transport-security: strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 316286
x-content-type-options: nosniff

GET

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1171693310&t=pageview&_s=1&dl=https%3A%2F%2Fci.security%2Fresources%2Fnews%2Farticle%2Ff5-labs-2019-phishing-and-fraud-report-with-ci-securit...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-72734021-3&cid=622860944.1594654713&jid=531284631&_gid=536416249.1594654713&gjid=683314149&_v=j83&z=1422834141

0
0

GET
H2 200 Phishing_15-20_per_cent_quote_-_CI_Security.png
cms.thekraken.xyz/storage/uploads/ 102 KB
103 KB 501ms
314ms Image
image/png 3.23.241.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.thekraken.xyz/storage/uploads/Phishing_15-20_per_cent_quote_-_CI_Security.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.23.241.62 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

310f8cfe1c9e1632c19f99cfca28b1c6ba36e89de4c7c24ba00552b0a676289e

Security Headers

Name	Value
Strict-Transport-Security	strict-transport-security: max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.youtube.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ci.security/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 13 Jul 2020 15:38:33 GMT
referrer-policy: strict-origin
last-modified: Wed, 30 Oct 2019 22:25:28 GMT
server: Apache
etag: "199ff-5962835c31566"
x-frame-options: ALLOW-FROM https://www.youtube.com/
content-type: image/png
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=1209600, public, public
strict-transport-security: strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 104959
x-content-type-options: nosniff

GET
H2 200 Phishing_Happens_%E2%80%93_CI_Security_CTO_Mike_Simon__F5_Labs_2019_Phishing_and_Fraud_Report.png
cms.thekraken.xyz/storage/uploads/ 31 KB
31 KB 279ms
279ms Image
image/png 3.23.241.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.thekraken.xyz/storage/uploads/Phishing_Happens_%E2%80%93_CI_Security_CTO_Mike_Simon__F5_Labs_2019_Phishing_and_Fraud_Report.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.23.241.62 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

1a27159f91367103b88b1a1efda25d50cd59eac6b07f04e3bc9994a0d4f20a36

Security Headers

Name	Value
Strict-Transport-Security	strict-transport-security: max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.youtube.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ci.security/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 13 Jul 2020 15:38:33 GMT
referrer-policy: strict-origin
last-modified: Wed, 30 Oct 2019 23:30:39 GMT
server: Apache
etag: "7c33-596291ee90e5f"
x-frame-options: ALLOW-FROM https://www.youtube.com/
content-type: image/png
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=1209600, public, public
strict-transport-security: strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 31795
x-content-type-options: nosniff

GET
H/1.1 200
OK AICPA-SOC-Level2-Badge.png
ci.security/static/img/ 19 KB
20 KB 335ms
114ms Image
image/png 207.38.86.153
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ci.security/static/img/AICPA-SOC-Level2-Badge.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.38.86.153 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),

Reverse DNS

web594.webfaction.com

Software

nginx /

Resource Hash

45780f9004f49b43678a975c549852684bd5b480319aa077e70d795da9099def

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.youtube.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ci.security/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 13 Jul 2020 15:38:33 GMT
Referrer-Policy: strict-origin
Last-Modified: Wed, 07 Aug 2019 19:48:27 GMT
Server: nginx
ETag: "4dfe-58f8c39917c8b"
X-Frame-Options: ALLOW-FROM https://www.youtube.com/
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=2628000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19966
X-Content-Type-Options: nosniff
Expires: Tue, 13 Jul 2021 15:38:33 GMT

GET
H/1.1 200
OK kraken.babel.min.js Show response
ci.security/static/ 9 KB
10 KB 261ms
120ms Script
application/javascript 207.38.86.153
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://ci.security/static/kraken.babel.min.js?v202006

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.38.86.153 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),

Reverse DNS

web594.webfaction.com

Software

nginx /

Resource Hash

aa48ac2d6fa213eacd1f3834c98c9e2cb16f63e1ba858830c73d3796c3b1f559

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.youtube.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ci.security/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 13 Jul 2020 15:38:33 GMT
Referrer-Policy: strict-origin
Last-Modified: Tue, 02 Jun 2020 10:54:35 GMT
Server: nginx
ETag: "2575-5a717bcb46258"
X-Frame-Options: ALLOW-FROM https://www.youtube.com/
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=2628000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9589
X-Content-Type-Options: nosniff
Expires: Wed, 12 Aug 2020 15:38:33 GMT

GET
H2 200 pa-5b467204ef13ce0016000168.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 34ms
15ms Script
application/javascript 2606:4700:10::6814:14ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/pa-5b467204ef13ce0016000168.js
Requested by: Host: ci.security
URL: https://ci.security/resources/news/article/f5-labs-2019-phishing-and-fraud-report-with-ci-security?utm_source=pardot&utm_medium=email&utm_campaign=g_nur_202004&utm_content=genit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:14ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 989b72a67d4bf083a4855f56371918520e71662111d831cd09bf4d783e2fe21c

Request headers

Referer: https://ci.security/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 13 Jul 2020 15:38:32 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 137
status: 200
cf-request-id: 03ea6cfc130000d72db0abb200000001
last-modified: Wed, 13 May 2020 13:49:07 GMT
server: cloudflare
etag: W/"5ebbfad3-1889"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 5b2417735bf2d72d-FRA
expires: Mon, 13 Jul 2020 15:41:15 GMT

GET ga-audiences
www.google.com/ads/ 0
0

GET
H/1.1 200
OK Roboto-Bold-webfont.woff
ci.security/static/fonts/ 21 KB
21 KB 212ms
211ms Font
font/woff 207.38.86.153
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://ci.security/static/fonts/Roboto-Bold-webfont.woff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.38.86.153 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),

Reverse DNS

web594.webfaction.com

Software

nginx /

Resource Hash

a629b5570d16e1450d7621907a85b07392f2959b2792145864ac84fc0dbe7307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.youtube.com/
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ci.security/
Origin: https://ci.security

Response headers

Date: Mon, 13 Jul 2020 15:38:33 GMT
Referrer-Policy: strict-origin
Last-Modified: Wed, 07 Aug 2019 19:48:27 GMT
Server: nginx
ETag: "5348-58f8c399174bb"
X-Frame-Options: ALLOW-FROM https://www.youtube.com/
Content-Type: font/woff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=2628000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21320
X-Content-Type-Options: nosniff
Expires: Wed, 12 Aug 2020 15:38:33 GMT

GET
H/1.1 200
OK RobotoSlab-Regular-webfont.woff
ci.security/static/fonts/ 23 KB
24 KB 220ms
219ms Font
font/woff 207.38.86.153
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://ci.security/static/fonts/RobotoSlab-Regular-webfont.woff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.38.86.153 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),

Reverse DNS

web594.webfaction.com

Software

nginx /

Resource Hash

faf7aa5ba903daf6658fba09b30abd2bc812c6956df52df9791e9f59be86f7ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.youtube.com/
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ci.security/
Origin: https://ci.security

Response headers

Date: Mon, 13 Jul 2020 15:38:33 GMT
Referrer-Policy: strict-origin
Last-Modified: Wed, 07 Aug 2019 19:48:27 GMT
Server: nginx
ETag: "5d40-58f8c399178a3"
X-Frame-Options: ALLOW-FROM https://www.youtube.com/
Content-Type: font/woff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=2628000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23872
X-Content-Type-Options: nosniff
Expires: Wed, 12 Aug 2020 15:38:33 GMT

GET
H/1.1 200
OK Roboto-Regular-webfont.woff
ci.security/static/fonts/ 20 KB
21 KB 156ms
124ms Font
font/woff 207.38.86.153
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://ci.security/static/fonts/Roboto-Regular-webfont.woff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.38.86.153 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),

Reverse DNS

web594.webfaction.com

Software

nginx /

Resource Hash

7838acd6a8bd0836972523ffbe20c9745d03b07d89968d9cc9bc57f46e567895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.youtube.com/
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ci.security/
Origin: https://ci.security

Response headers

Date: Mon, 13 Jul 2020 15:38:33 GMT
Referrer-Policy: strict-origin
Last-Modified: Wed, 07 Aug 2019 19:48:27 GMT
Server: nginx
ETag: "51bc-58f8c399174bb"
X-Frame-Options: ALLOW-FROM https://www.youtube.com/
Content-Type: font/woff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=2628000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20924
X-Content-Type-Options: nosniff
Expires: Wed, 12 Aug 2020 15:38:33 GMT

GET
H/1.1 200
OK RobotoSlab-Bold-webfont.woff
ci.security/static/fonts/ 23 KB
24 KB 220ms
114ms Font
font/woff 207.38.86.153
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://ci.security/static/fonts/RobotoSlab-Bold-webfont.woff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.38.86.153 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),

Reverse DNS

web594.webfaction.com

Software

nginx /

Resource Hash

de2ab805d9a0d28cbc9bcb5a4adf47ba419db64e21b94330cc97eb57fe9467c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.youtube.com/
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ci.security/
Origin: https://ci.security

Response headers

Date: Mon, 13 Jul 2020 15:38:33 GMT
Referrer-Policy: strict-origin
Last-Modified: Wed, 07 Aug 2019 19:48:27 GMT
Server: nginx
ETag: "5dfc-58f8c399178a3"
X-Frame-Options: ALLOW-FROM https://www.youtube.com/
Content-Type: font/woff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=2628000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24060
X-Content-Type-Options: nosniff
Expires: Wed, 12 Aug 2020 15:38:33 GMT

GET
H/1.1 200
OK FontAwesomeBrands-Regular-webfont.woff2
ci.security/static/fonts/ 20 KB
20 KB 280ms
123ms Font
font/woff2 207.38.86.153
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://ci.security/static/fonts/FontAwesomeBrands-Regular-webfont.woff2?v=1.0.0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.38.86.153 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),

Reverse DNS

web594.webfaction.com

Software

nginx /

Resource Hash

4a7acdea55252ab19b8c6e010eb38e2c11e87fee77e390798ce207b13b883d2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.youtube.com/
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ci.security/
Origin: https://ci.security

Response headers

Date: Mon, 13 Jul 2020 15:38:33 GMT
Referrer-Policy: strict-origin
Last-Modified: Wed, 07 Aug 2019 19:48:27 GMT
Server: nginx
ETag: "4e04-58f8c399170d3"
X-Frame-Options: ALLOW-FROM https://www.youtube.com/
Content-Type: font/woff2
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=2628000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19972
X-Content-Type-Options: nosniff
Expires: Wed, 12 Aug 2020 15:38:33 GMT

GET
H/1.1 200
OK BlackTie-Regular-webfont.woff2
ci.security/static/fonts/ 13 KB
13 KB 325ms
114ms Font
font/woff2 207.38.86.153
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://ci.security/static/fonts/BlackTie-Regular-webfont.woff2?v=1.0.0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.38.86.153 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),

Reverse DNS

web594.webfaction.com

Software

nginx /

Resource Hash

15c730c302225ad29a32a1852a683e1c02f45e4e8a018bef6c7901a51458e62d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.youtube.com/
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ci.security/
Origin: https://ci.security

Response headers

Date: Mon, 13 Jul 2020 15:38:33 GMT
Referrer-Policy: strict-origin
Last-Modified: Wed, 07 Aug 2019 19:48:27 GMT
Server: nginx
ETag: "3280-58f8c3991651b"
X-Frame-Options: ALLOW-FROM https://www.youtube.com/
Content-Type: font/woff2
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=2628000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12928
X-Content-Type-Options: nosniff
Expires: Wed, 12 Aug 2020 15:38:33 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 10ms
10ms Script
application/x-javascript 2a02:26f0:10c:382::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: ci.security
URL: https://ci.security/resources/news/article/f5-labs-2019-phishing-and-fraud-report-with-ci-security?utm_source=pardot&utm_medium=email&utm_campaign=g_nur_202004&utm_content=genit
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:382::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://ci.security/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 13 Jul 2020 15:38:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=40695
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2 200 97379541.min.js Show response
tag.demandbase.com/ 57 KB
15 KB 475ms
416ms Script
application/javascript 13.224.193.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.demandbase.com/97379541.min.js
Requested by: Host: ci.security
URL: https://ci.security/resources/news/article/f5-labs-2019-phishing-and-fraud-report-with-ci-security?utm_source=pardot&utm_medium=email&utm_campaign=g_nur_202004&utm_content=genit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.193.53 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6980390a8a73d42cb1a04df55edf62f684f8293b7af45c0ba4f05993a8425909

Request headers

Referer: https://ci.security/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 13 Jul 2020 15:38:34 GMT
content-encoding: gzip
last-modified: Sat, 11 Jul 2020 16:56:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: FwP9br64ktAMsxlQ8rEhHUpoNC7YxKJx
status: 200
cache-control: public, max-age=3600
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 2qSydyRR6uetZVeqJ955vjo2wH1Uj_z4zI1uvHkRqNIfLsxUmREWZg==
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)

GET
H/1.1 200
OK tracking.js Show response
trk.techtarget.com/ 4 KB
2 KB 111ms
23ms Script
text/javascript 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.techtarget.com/tracking.js
Requested by: Host: ci.security
URL: https://ci.security/resources/news/article/f5-labs-2019-phishing-and-fraud-report-with-ci-security?utm_source=pardot&utm_medium=email&utm_campaign=g_nur_202004&utm_content=genit
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 8b51552f523ecd57ca4f82df5ab10610349f91cacb7c0f72d0290bed3cc37e4e

Request headers

Referer: https://ci.security/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 13 Jul 2020 15:38:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jun 2019 20:11:17 GMT
Server: PWS/8.3.1.0.8
Age: 340
X-Ws-Request-Id: 5f0c7ff9_PSdgflkfFRA2sg7_64827-3080
Content-Type: text/javascript
Via: 1.1 VMmgnyNY3vz67:3 (W), 1.1 PSdgflkfFRA1hb199:0 (W), 1.1 PSdgflkfFRA2gb73:3 (W)
Cache-Control: max-age=600
X-Cache-Spec: Yes
X-Px: ht PSdgflkfFRA2gb73FRA
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1711
Expires: Mon, 13 Jul 2020 15:42:53 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 25 KB
8 KB 29ms
28ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: ci.security
URL: https://ci.security/resources/news/article/f5-labs-2019-phishing-and-fraud-report-with-ci-security?utm_source=pardot&utm_medium=email&utm_campaign=g_nur_202004&utm_content=genit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b6f7b31210a709daca9760b215660b2cbe719757df3059364beeda005fca2dbe

Request headers

Referer: https://ci.security/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 13 Jul 2020 15:38:33 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 19:59:59 GMT
x-msedge-ref: Ref A: 36F6C8CD4EB140FEA4D3BE724F488308 Ref B: FRAEDGE1515 Ref C: 2020-07-13T15:38:33Z
status: 200
etag: "804946b8613fd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7791

GET
H/1.1 200
OK RobotoSlab-Light-webfont.woff
ci.security/static/fonts/ 24 KB
24 KB 246ms
118ms Font
font/woff 207.38.86.153
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://ci.security/static/fonts/RobotoSlab-Light-webfont.woff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.38.86.153 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),

Reverse DNS

web594.webfaction.com

Software

nginx /

Resource Hash

8c0bb3f48509023399dc0a8f98c761d942dfd0d75c120163de28b086d9f9b49c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.youtube.com/
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ci.security/
Origin: https://ci.security

Response headers

Date: Mon, 13 Jul 2020 15:38:33 GMT
Referrer-Policy: strict-origin
Last-Modified: Wed, 07 Aug 2019 19:48:27 GMT
Server: nginx
ETag: "5f8c-58f8c399178a3"
X-Frame-Options: ALLOW-FROM https://www.youtube.com/
Content-Type: font/woff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=2628000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24460
X-Content-Type-Options: nosniff
Expires: Wed, 12 Aug 2020 15:38:33 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=569164&url=https%3A%2F%2Fci.security%2Fresources%2Fnews%2Farticle%2Ff5-labs-2019-phishing-and-fraud-report-with-ci-security%3Futm_source%3Dpardot%...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D569164%26url%3Dhttps%253A%252F%252Fci.security%252Fresources%252Fnews%252Farticle...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=569164&url=https%3A%2F%2Fci.security%2Fresources%2Fnews%2Farticle%2Ff5-labs-2019-phishing-and-fraud-report-with-ci-security%3Futm_source%3Dpardot%...

0
57 B

125ms
124ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=569164&url=https%3A%2F%2Fci.security%2Fresources%2Fnews%2Farticle%2Ff5-labs-2019-phishing-and-fraud-report-with-ci-security%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dg_nur_202004%26utm_content%3Dgenit&time=1594654713192&liSync=true
Requested by: Host: ci.security
URL: https://ci.security/resources/news/article/f5-labs-2019-phishing-and-fraud-report-with-ci-security?utm_source=pardot&utm_medium=email&utm_campaign=g_nur_202004&utm_content=genit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ci.security/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 13 Jul 2020 15:38:33 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 0
x-li-uuid: 3rTAWgNaIRZwQPatqSsAAA==

Redirect headers

strict-transport-security: max-age=2592000
x-content-type-options: nosniff
linkedin-action: 1
status: 302
content-length: 0
x-li-uuid: A32MVgNaIRYwINkJTSsAAA==
pragma: no-cache
x-li-pop: afd-prod-edc2
x-msedge-ref: Ref A: 58B3517B4A6D488A8B515B9745F5235D Ref B: FRAEDGE0813 Ref C: 2020-07-13T15:38:33Z
date: Mon, 13 Jul 2020 15:38:32 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=569164&url=https%3A%2F%2Fci.security%2Fresources%2Fnews%2Farticle%2Ff5-labs-2019-phishing-and-fraud-report-with-ci-security%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dg_nur_202004%26utm_content%3Dgenit&time=1594654713192&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://accounts.google.com/gsi/status static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
149 B 30ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=56121946&Ver=2&mid=5e267857-9331-493a-2f13-f2fd0de6b20e&sid=ca199998-70a0-43c2-b63c-3d40c2a28ba5&vid=c1aea247-403a-6617-680b-cd287a7d1ecd-1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=F5%20Labs%202019%20Phishing%20and%20Fraud%20Report%20with%20CI%20Security%20%7C%20CI%20Security&p=https%3A%2F%2Fci.security%2Fresources%2Fnews%2Farticle%2Ff5-labs-2019-phishing-and-fraud-report-with-ci-security%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dg_nur_202004%26utm_content%3Dgenit&r=&lt=2960&evt=pageLoad&msclkid=N&sv=1&rn=981325
Requested by: Host: ci.security
URL: https://ci.security/resources/news/article/f5-labs-2019-phishing-and-fraud-report-with-ci-security?utm_source=pardot&utm_medium=email&utm_campaign=g_nur_202004&utm_content=genit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ci.security/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Mon, 13 Jul 2020 15:38:33 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: ABF9A21FDAD14AF79C9D4CC1BA81A2BE Ref B: FRAEDGE1515 Ref C: 2020-07-13T15:38:33Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK activity.gif
apt.techtarget.com/activity/ 43 B
450 B 410ms
100ms Image
image/gif 206.19.49.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apt.techtarget.com/activity/activity.gif?activityTypeId=31&cid=20406435&version=2.0&ref=https%3A%2F%2Fci.security%2Fresources%2Fnews%2Farticle%2Ff5-labs-2019-phishing-and-fraud-report-with-ci-security%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dg_nur_202004%26utm_content%3Dgenit&r=1594654713281
Requested by: Host: ci.security
URL: https://ci.security/resources/news/article/f5-labs-2019-phishing-and-fraud-report-with-ci-security?utm_source=pardot&utm_medium=email&utm_campaign=g_nur_202004&utm_content=genit
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 206.19.49.24 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ci.security/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 13 Jul 2020 15:38:33 GMT
Last-Modified: Tue, 26 Mar 2019 18:30:29 GMT
ETag: "2b-5850384029cff"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=49
Content-Length: 43

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 440 B
939 B 119ms
74ms XHR
application/json 143.204.94.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fci.security%2Fresources%2Fnews%2Farticle%2Ff5-labs-2019-phishing-and-fraud-report-with-ci-security%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dg_nur_202004%26utm_content%3Dgenit&page_title=F5%20Labs%202019%20Phishing%20and%20Fraud%20Report%20with%20CI%20Security%20%7C%20CI%20Security&key=ef6f04d2df1cbefc03f9dae82644e767&src=tag
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/97379541.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.94.108 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 51f57a3c7d8a7beb3e7d75e5c9efc04404b4270688be21d6570b423731c9ffaf

Request headers

Referer: https://ci.security/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 13 Jul 2020 15:38:33 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
status: 200
request-id: d5f850c9-5c15-44f5-8275-9a6f9dd15407
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://ci.security
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bUTtkQOl7DKuLiW-ZRMsM7f76OxkSchpzwGSb5LTpWUIAiSJ1llJgQ==
expires: Sun, 12 Jul 2020 15:38:33 GMT

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AAKKaU6-GQAAAA_AtHOoxw
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAKKaU6-GQAAAA_AtHOoxw&verifyHash=dfdb4922a64581ac8f6faa108ecfe42cea33c661

26 B
408 B

117ms
117ms

Image
image/gif

13.225.87.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAKKaU6-GQAAAA_AtHOoxw&verifyHash=dfdb4922a64581ac8f6faa108ecfe42cea33c661
Requested by: Host: ci.security
URL: https://ci.security/resources/news/article/f5-labs-2019-phishing-and-fraud-report-with-ci-security?utm_source=pardot&utm_medium=email&utm_campaign=g_nur_202004&utm_content=genit
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://ci.security/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 13 Jul 2020 15:38:34 GMT
Via: 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: acfaa62a4cd978a9
X-Amz-Cf-Id: RTv2xmLMApGUleTYJ5jXsiG48VqhiktaMzvJLR3CCzry04awJTwPRw==

Redirect headers

Date: Mon, 13 Jul 2020 15:38:34 GMT
Via: 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AAKKaU6-GQAAAA_AtHOoxw&verifyHash=dfdb4922a64581ac8f6faa108ecfe42cea33c661
Connection: keep-alive
trace-id: 40acb872c2e0958d
Content-Length: 0
X-Amz-Cf-Id: m4iKCFOUtm6jgxkRiNkK0wjxGQ52ZhbURwoTSfGYoDjXDGTSW_2t_w==

GET

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1171693310&t=event&ni=1&_s=2&dl=https%3A%2F%2Fci.security%2Fresources%2Fnews%2Farticle%2Ff5-labs-2019-phishing-and-fraud-report-with-ci-secur...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-72734021-3&cid=622860944.1594654713&jid=1731488284&_gid=536416249.1594654713&gjid=928438364&_v=j83&z=456796681

0
0

GET ga-audiences
www.google.com/ads/ 0
0

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 406ms
102ms Script
application/javascript 52.21.178.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: ci.security
URL: https://ci.security/resources/news/article/f5-labs-2019-phishing-and-fraud-report-with-ci-security?utm_source=pardot&utm_medium=email&utm_campaign=g_nur_202004&utm_content=genit
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.178.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: PardotServer /
Resource Hash: 925be107869153b6120de872c1ae333977bfaee69a0f7c6271f32d4a8348bca8

Request headers

Referer: https://ci.security/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 13 Jul 2020 15:38:34 GMT
Content-Encoding: gzip
X-Pardot-Route: ea50fcd3dcf777490e1499615b883deb
X-Pardot-LB: 7044ba9c794aba658bc1be2f8b8ad85c
Last-Modified: Fri, 13 Mar 2020 17:31:37 GMT
Server: PardotServer
ETag: "1442-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=63072000
Accept-Ranges: bytes
Content-Length: 1842
Expires: Wed, 13 Jul 2022 15:38:34 GMT

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 128ms
30ms XHR
text/plain 34.250.128.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=5b467204ef13ce0016000168&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=1714&cE=1940&dLE=1714&dLS=1697&fS=1696&hS=1726&rE=-1&rS=-1&reS=1941&resS=2536&resE=2636&uEE=-1&uES=-1&dL=2540&dI=2960&dCLES=2960&dCLEE=2960&dC=4081&lES=4081&lEE=4082&s=nt&title=F5%20Labs%202019%20Phishing%20and%20Fraud%20Report%20with%20CI%20Security%20%7C%20CI%20Security&path=https%3A%2F%2Fci.security%2Fresources%2Fnews%2Farticle%2Ff5-labs-2019-phishing-and-fraud-report-with-ci-security&ref=&sId=uel5ahyt&sST=1594654714&sIS=1&rV=0&v=1.4.1
Requested by: Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-5b467204ef13ce0016000168.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ci.security/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Mon, 13 Jul 2020 15:38:34 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 37 KB
12 KB 61ms
20ms Script
text/javascript 23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: ci.security
URL: https://ci.security/resources/news/article/f5-labs-2019-phishing-and-fraud-report-with-ci-security?utm_source=pardot&utm_medium=email&utm_campaign=g_nur_202004&utm_content=genit
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3a8953963fa7b23c98539cffff0383bbc690b1c5cb2d7606d7587e8d97576f1

Request headers

Referer: https://ci.security/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: V1YtrGL2kz4kPP3_hunplY9t0MUfXeKg
Content-Encoding: gzip
ETag: "a28078ca8d6ce64f89e404c0280e6026"
x-amz-request-id: 26F82FEAC8CB6EBF
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 11740
x-amz-id-2: LAKHlTwYDBqW6vrOA4bKB7nEibgezg7Clup1uOhqjKc8FF6XaPw+cZC3JhUoiIYIFUe/3RlMWrI=
Last-Modified: Thu, 09 Jul 2020 22:09:49 GMT
Server: AmazonS3
Date: Mon, 13 Jul 2020 15:38:34 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/PVQ657GQDFFXLFGCNQJYZN/index.js
https://s.adroll.com/j/exp/index.js

28 B
680 B

21ms
20ms

Script
application/javascript

23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://ci.security/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: Gq_Uupzq2k3J8S1dXTwhnfNaf5QBJsmG
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: 1E8CDE18687D291F
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 28
x-amz-id-2: 8+VCH3RvputC9Qo7rGFnl5wdJA1nM0vRKAMwsYua3+sDRyrpBBrqzUBX8DCA2tD4Xclhnp4shRc=
Last-Modified: Mon, 22 Jun 2020 19:39:19 GMT
Server: AmazonS3
Date: Mon, 13 Jul 2020 15:38:34 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Mon, 13 Jul 2020 15:38:34 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/PVQ657GQDFFXLFGCNQJYZN/TSOEJUVR2RDQTK7UULEUDW/ 0
705 B 58ms
19ms Script
text/javascript 23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/PVQ657GQDFFXLFGCNQJYZN/TSOEJUVR2RDQTK7UULEUDW/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ci.security/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 5L5K3WH.DPPqOfpkR1CyFQY49WcB4gQF
ETag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id: 825DCDAD127116AD
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 0
x-amz-id-2: MZrwJU1kRjUpTZF/mxj6JvZjptcCFqBddLVZY9q3UbnlwZA2yLRVXoR2qK2KNnBAV8PoWXoRU4o=
Last-Modified: Sun, 12 Jul 2020 18:51:41 GMT
Server: AmazonS3
Date: Mon, 13 Jul 2020 15:38:34 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/PVQ657GQDFFXLFGCNQJYZN/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/PVQ657GQDFFXLFGCNQJYZN?_s=6c5ca5c770c0de5bb83e2f43ea69a921&_b=2
https://d.adroll.com/consent/check/PVQ657GQDFFXLFGCNQJYZN/?_s=6c5ca5c770c0de5bb83e2f43ea69a921&_b=2

395 B
487 B

34ms
33ms

Script
application/javascript

52.30.34.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/PVQ657GQDFFXLFGCNQJYZN/?_s=6c5ca5c770c0de5bb83e2f43ea69a921&_b=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.34.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 0bbea4712ccefcb3630154beb9ab0c32afe83e7d0563223f3393d10fa0d5c684

Request headers

Referer: https://ci.security/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 13 Jul 2020 15:38:34 GMT
server: nginx/1.16.1
content-length: 395
content-type: application/javascript

Redirect headers

status: 302
date: Mon, 13 Jul 2020 15:38:34 GMT
server: nginx/1.16.1
content-length: 105
location: https://d.adroll.com/consent/check/PVQ657GQDFFXLFGCNQJYZN/?_s=6c5ca5c770c0de5bb83e2f43ea69a921&_b=2

GET
H/1.0 200
OK analytics Show response
pi.pardot.com/ 2 KB
2 KB 2419ms
2418ms Script
text/javascript 52.21.178.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=20750&account_id=415142&title=F5%20Labs%202019%20Phishing%20and%20Fraud%20Report%20with%20CI%20Security%20%7C%20CI%20Security&url=https%3A%2F%2Fci.security%2Fresources%2Fnews%2Farticle%2Ff5-labs-2019-phishing-and-fraud-report-with-ci-security%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dg_nur_202004%26utm_content%3Dgenit&referrer=&utm_campaign=g_nur_202004&utm_medium=email&utm_source=pardot&utm_content=genit
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.178.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: PardotServer /
Resource Hash: 8d43f782dfc93c1b6a95ca92eb2f73029e42001365b92482e76aade9acdbd9ed

Request headers

Referer: https://ci.security/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Jul 2020 15:38:34 GMT
Content-Encoding: gzip
X-Pardot-Route: 13c7a24cfc43e49b0467af9964bf67ec
X-Pardot-LB: 7044ba9c794aba658bc1be2f8b8ad85c
X-Pardot-Rsp: 16/4/251
Vary: Accept-Encoding,User-Agent
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 859
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.0 200
OK analytics Show response
cybersecurity.ci.security/ 52 B
1 KB 193ms
193ms Script
text/javascript 52.21.178.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cybersecurity.ci.security/analytics?conly=true&visitor_id=816472337&visitor_id_sign=ba1a500c384e2cfd9592b21599d49aae92298e3d69647cbf6b7c47f4c76d631409d6df71546252dd610c50661ec65a7afdb4d5c4&pi_opt_in=&campaign_id=20750&account_id=415142&title=F5%20Labs%202019%20Phishing%20and%20Fraud%20Report%20with%20CI%20Security%20%7C%20CI%20Security&url=https%3A%2F%2Fci.security%2Fresources%2Fnews%2Farticle%2Ff5-labs-2019-phishing-and-fraud-report-with-ci-security%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dg_nur_202004%26utm_content%3Dgenit&referrer=&utm_campaign=g_nur_202004&utm_medium=email&utm_source=pardot&utm_content=genit
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=20750&account_id=415142&title=F5%20Labs%202019%20Phishing%20and%20Fraud%20Report%20with%20CI%20Security%20%7C%20CI%20Security&url=https%3A%2F%2Fci.security%2Fresources%2Fnews%2Farticle%2Ff5-labs-2019-phishing-and-fraud-report-with-ci-security%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dg_nur_202004%26utm_content%3Dgenit&referrer=&utm_campaign=g_nur_202004&utm_medium=email&utm_source=pardot&utm_content=genit
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.178.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: PardotServer /
Resource Hash: eca19fb64be166fabab688d0cdb2ae946d3370f8124ff0f3f18119cc2d4eb825

Request headers

Referer: https://ci.security/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Jul 2020 15:38:37 GMT
X-Pardot-Route: 13c7a24cfc43e49b0467af9964bf67ec
X-Pardot-LB: 7044ba9c794aba658bc1be2f8b8ad85c
X-Pardot-Rsp: 16/87/50
Vary: User-Agent
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 52
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-72734021-3&cid=622860944.1594654713&jid=531284631&_gid=536416249.1594654713&gjid=683314149&_v=j83&z=1422834141

Domain: www.google.com
URL: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-72734021-3&cid=622860944.1594654713&jid=531284631&_v=j83&z=1422834141

Domain: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-72734021-3&cid=622860944.1594654713&jid=1731488284&_gid=536416249.1594654713&gjid=928438364&_v=j83&z=456796681

Domain: www.google.com
URL: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-72734021-3&cid=622860944.1594654713&jid=1731488284&_v=j83&z=456796681

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ci.security/	1970-01-19 10:57:34	Name: _gat_gtag_UA_72734021_3 Value: 1
.ci.security/	1970-01-19 11:20:58	Name: _uetvid Value: c1aea247-403a-6617-680b-cd287a7d1ecd
.ci.security/	1970-01-19 10:59:01	Name: _uetsid Value: ca199998-70a0-43c2-b63c-3d40c2a28ba5

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://ci.security/resources/news/article/f5-labs-2019-phishing-and-fraud-report-with-ci-security?utm_source=pardot&utm_medium=email&utm_campaign=g_nur_202004&utm_content=genit(Line 5) Message: Production GA Script
console-api	log	URL: https://ci.security/static/kraken.babel.min.js?v202006(Line 1) Message: string
console-api	log	URL: https://ci.security/static/kraken.babel.min.js?v202006(Line 1) Message: Started task :: .infieldLabel

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; font-src 'self' data: .googleusercontent.com; media-src 'self' .thekraken.xyz; manifest-src 'self';script-src 'self' 'nonce-36587830063253960422241508316497' .google-analytics.com 'nonce-5483687168' s.ytimg.com .ci.security .bamboohr.com .adroll.com .adroll.mgr.consensu.org .linkedin.com .licdn.com .demandbase.com .techtarget.com static.doubleclick.net .googletagmanager.com googleads.g.doubleclick.net bat.bing.com .pardot.com; style-src 'self' 'unsafe-inline' .bamboohr.com; img-src 'self' data: 'unsafe-inline' cms.thekraken.xyz .company-target.com .linkedin.com .adroll.com .casalemedia.com bat.bing.com www.google-analytics.com .twitter.com .pingdom.net .bidr.io .techtarget.com stats.g.doubleclick.net .advertising.com .casalemedia.com .rubiconproject.com .outbrain.com .pubmatic.com .yahoo.com .taboola.com/sg/adroll-network .3lift.com .bidswitch.net .adnxs.com .rlcdn.com .openx.net .bamboohr.com .pardot.com s.ytimg.com; connect-src 'self' .google-analytics.com .ci.security .google.com .bamboohr.com .pingdom.net .twitter.com .demandbase.com .company-target.com .youtube.com; frame-src 'self' .youtube.com .ci.security .pardot.com .bamboohr.com .twitter.com .google.com .google-analytics.com; frame-ancestors 'self' .driftt.com .bamboohr.com .youtube.com; form-action 'self' .ci.security ci.security *.pardot.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://www.youtube.com/
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.company-target.com
apt.techtarget.com
bat.bing.com
ci.security
cms.thekraken.xyz
cybersecurity.ci.security
d.adroll.com
d.adroll.mgr.consensu.org
match.prod.bidr.io
pi.pardot.com
px.ads.linkedin.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
s.adroll.com
segments.company-target.com
snap.licdn.com
stats.g.doubleclick.net
tag.demandbase.com
trk.techtarget.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.linkedin.com
stats.g.doubleclick.net
www.google.com
13.224.193.53
13.225.87.70
143.204.94.108
163.171.132.119
206.19.49.24
207.38.86.153
23.210.248.216
2606:4700:10::6814:14ef
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:806::2008
2a00:1450:4001:806::200e
2a02:26f0:10c:382::25ea
2a05:f500:10:101::b93f:9105
3.23.241.62
34.250.128.129
52.21.178.134
52.30.34.11
52.49.185.203
0bbea4712ccefcb3630154beb9ab0c32afe83e7d0563223f3393d10fa0d5c684
0f5965394171c0baed38e53448f78c902de0a9d1a71b02b170ce409d1875d236
15c730c302225ad29a32a1852a683e1c02f45e4e8a018bef6c7901a51458e62d
1a27159f91367103b88b1a1efda25d50cd59eac6b07f04e3bc9994a0d4f20a36
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
310f8cfe1c9e1632c19f99cfca28b1c6ba36e89de4c7c24ba00552b0a676289e
3253ea85b51c079f0c8820fd30a199982f24ce10728af435efe9a1d6af71a3c2
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
45780f9004f49b43678a975c549852684bd5b480319aa077e70d795da9099def
4a7acdea55252ab19b8c6e010eb38e2c11e87fee77e390798ce207b13b883d2d
51f57a3c7d8a7beb3e7d75e5c9efc04404b4270688be21d6570b423731c9ffaf
6980390a8a73d42cb1a04df55edf62f684f8293b7af45c0ba4f05993a8425909
6e3481f69cdb394f9e81ff16e2529965a2b9697d3c01270caca3e336821a5bb6
77aa54530207da1ba1a1ca18b9be88420a71ab4e3d47164b5530332e984ed677
7838acd6a8bd0836972523ffbe20c9745d03b07d89968d9cc9bc57f46e567895
8b51552f523ecd57ca4f82df5ab10610349f91cacb7c0f72d0290bed3cc37e4e
8c0bb3f48509023399dc0a8f98c761d942dfd0d75c120163de28b086d9f9b49c
8d43f782dfc93c1b6a95ca92eb2f73029e42001365b92482e76aade9acdbd9ed
925be107869153b6120de872c1ae333977bfaee69a0f7c6271f32d4a8348bca8
989b72a67d4bf083a4855f56371918520e71662111d831cd09bf4d783e2fe21c
a3e26587be02d75c9c51c569c45211a3fe319252da13f31664723834511513c9
a629b5570d16e1450d7621907a85b07392f2959b2792145864ac84fc0dbe7307
aa48ac2d6fa213eacd1f3834c98c9e2cb16f63e1ba858830c73d3796c3b1f559
b3a8953963fa7b23c98539cffff0383bbc690b1c5cb2d7606d7587e8d97576f1
b6f7b31210a709daca9760b215660b2cbe719757df3059364beeda005fca2dbe
d736d29d6f1ec06e88042ea890deb144604625cbe685c1a1a7ba2be22aa5bf8c
db64bef6a2c727b71f9e74213255f066473f43b64bdeef8614e127c772e56cf6
de2ab805d9a0d28cbc9bcb5a4adf47ba419db64e21b94330cc97eb57fe9467c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8345146e6ceb7ec1796bd82e3b853ad2956c9bf3090bf4f8294b5ee94502bfb
eca19fb64be166fabab688d0cdb2ae946d3370f8124ff0f3f18119cc2d4eb825
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
faf7aa5ba903daf6658fba09b30abd2bc812c6956df52df9791e9f59be86f7ed
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

ci.security Open in urlscan Pro 207.38.86.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

90 %HTTPS

37 %IPv6

17 Domains

23 Subdomains

18 IPs

5 Countries

1241 kBTransfer

1437 kBSize

3 Cookies

6 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

ci.security Open in urlscan Pro
207.38.86.153 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

90 %
HTTPS

37 %
IPv6

17
Domains

23
Subdomains

18
IPs

5
Countries

1241 kB
Transfer

1437 kB
Size

3
Cookies

42 HTTP transactions
0 data transactions