cofense2022stg.wpengine.com Open in urlscan Pro
34.74.117.101 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/
Submission: On October 20 via api (October 20th 2023, 2:09:24 am UTC) from TR — Scanned from DE

Summary HTTP 151 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 32 IPs in 4 countries across 25 domains to perform 151 HTTP transactions. The main IP is 34.74.117.101, located in North Charleston, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is cofense2022stg.wpengine.com.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on August 1st 2023. Valid for: a year.

This is the only time cofense2022stg.wpengine.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	34.74.117.101 34.74.117.101	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
80	2400:52e0:1e0... 2400:52e0:1e00::1080:1	200325 (BUNNYCDN) (BUNNYCDN)
6	2606:4700::68... 2606:4700::6812:1105	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7ed3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
11	95.101.111.184 95.101.111.184	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:480... 2a02:26f0:480:f::213:7edd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	3.210.57.98 3.210.57.98	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6810:890f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	88.221.60.75 88.221.60.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.245.60.70 18.245.60.70	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::ac40:973c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:46::63 2620:1ec:46::63	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	146.75.122.109 146.75.122.109	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	52.20.195.32 52.20.195.32	14618 (AMAZON-AES) (AMAZON-AES)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a02:26f0:480... 2a02:26f0:480:23::1726:629c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.111.208.231 34.111.208.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.29.246.172 52.29.246.172	16509 (AMAZON-02) (AMAZON-02)
3	23.96.124.156 23.96.124.156	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.55.124.205 52.55.124.205	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6812:1005	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.186.247.156 35.186.247.156	15169 (GOOGLE) (GOOGLE)
151	32

8 34.74.117.101 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 101.117.74.34.bc.googleusercontent.com

cofense2022stg.wpengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

80 2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)

ehhbozgsut3.exactdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:1105 (United States)

ASN13335 (CLOUDFLARENET, US)

js.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ed3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 95.101.111.184 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-184.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:f::213:7edd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.210.57.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-57-98.compute-1.amazonaws.com

lltrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:890f (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.60.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-60-75.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.60.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-70.fra60.r.cloudfront.net

static.oktopost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:973c (United States)

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::63 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.122.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

extend.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.20.195.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-195-32.compute-1.amazonaws.com

okt.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:23::1726:629c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.208.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.208.111.34.bc.googleusercontent.com

ibc-flow.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

404-jhu-612.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.246.172 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-246-172.eu-central-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.96.124.156 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

w.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.55.124.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-124-205.compute-1.amazonaws.com

app.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1005 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.247.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.247.186.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	exactdn.com ehhbozgsut3.exactdn.com	731 KB
13	6sc.co j.6sc.co — Cisco Umbrella Rank: 6581 c.6sc.co — Cisco Umbrella Rank: 9925 ipv6.6sc.co — Cisco Umbrella Rank: 6931 b.6sc.co — Cisco Umbrella Rank: 4494	21 KB
9	qualified.com js.qualified.com — Cisco Umbrella Rank: 25284 app.qualified.com — Cisco Umbrella Rank: 26441 assets.qualified.com — Cisco Umbrella Rank: 27872	866 KB
8	wpengine.com cofense2022stg.wpengine.com	37 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 998 w.clarity.ms — Cisco Umbrella Rank: 7887 c.clarity.ms — Cisco Umbrella Rank: 1548	28 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 416 www.linkedin.com — Cisco Umbrella Rank: 708 px4.ads.linkedin.com — Cisco Umbrella Rank: 6066	5 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2714 www.google.com — Cisco Umbrella Rank: 2	741 B
3	google.de www.google.de — Cisco Umbrella Rank: 6147	578 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 98	430 B
3	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 28664 ibc-flow.techtarget.com — Cisco Umbrella Rank: 25250	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	299 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 10864	594 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3987	7 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 981	7 KB
1	sentry.io sentry.io — Cisco Umbrella Rank: 175	324 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 257	760 B
1	mktoresp.com 404-jhu-612.mktoresp.com	318 B
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 542	580 B
1	okt.to okt.to — Cisco Umbrella Rank: 38737	100 B
1	vimeocdn.com extend.vimeocdn.com — Cisco Umbrella Rank: 11319	6 KB
1	oktopost.com static.oktopost.com — Cisco Umbrella Rank: 48121	4 KB
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 5039	2 KB
1	lltrck.com lltrck.com — Cisco Umbrella Rank: 40367
1	typekit.net p.typekit.net — Cisco Umbrella Rank: 722	172 B
151	25

	Domain	Requested by
80	ehhbozgsut3.exactdn.com	cofense2022stg.wpengine.com ehhbozgsut3.exactdn.com
8	b.6sc.co	cofense2022stg.wpengine.com
8	cofense2022stg.wpengine.com	ehhbozgsut3.exactdn.com
7	assets.qualified.com	app.qualified.com
3	w.clarity.ms	www.clarity.ms
3	px.ads.linkedin.com	3 redirects
3	www.google.de	cofense2022stg.wpengine.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	region1.analytics.google.com	www.googletagmanager.com
3	www.googletagmanager.com	cofense2022stg.wpengine.com www.googletagmanager.com www.google-analytics.com
2	c.clarity.ms	1 redirects
2	epsilon.6sense.com	j.6sc.co
2	ibc-flow.techtarget.com	trk.techtarget.com
2	ipv6.6sc.co	j.6sc.co
2	c.6sc.co	j.6sc.co
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.clarity.ms	cofense2022stg.wpengine.com www.clarity.ms
2	munchkin.marketo.net	cofense2022stg.wpengine.com munchkin.marketo.net
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
1	sentry.io	assets.qualified.com
1	app.qualified.com	js.qualified.com
1	c.bing.com	1 redirects
1	px4.ads.linkedin.com	cofense2022stg.wpengine.com
1	www.linkedin.com	1 redirects
1	404-jhu-612.mktoresp.com	munchkin.marketo.net
1	www.google.com	cofense2022stg.wpengine.com
1	secure.adnxs.com	j.6sc.co
1	okt.to	static.oktopost.com
1	extend.vimeocdn.com	www.googletagmanager.com
1	trk.techtarget.com	cofense2022stg.wpengine.com
1	static.oktopost.com	cofense2022stg.wpengine.com
1	ws.zoominfo.com	cofense2022stg.wpengine.com
1	lltrck.com	cofense2022stg.wpengine.com
1	j.6sc.co	cofense2022stg.wpengine.com
1	p.typekit.net	ehhbozgsut3.exactdn.com
1	js.qualified.com	cofense2022stg.wpengine.com
151	36

This site contains links to these domains. Also see Links.

Domain
cofense.zendesk.com
go.cofense2022stg.wpengine.com
www.reuters.com
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
wpml.org

Subject Issuer	Validity	Valid
*.wpengine.com RapidSSL TLS RSA CA G1	`2023-08-01` - `2024-08-28`	a year	crt.sh
*.exactdn.com R3	`2023-09-11` - `2023-12-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
6sc.co R3	`2023-08-19` - `2023-11-17`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
lltrck.com Amazon RSA 2048 M02	`2023-07-26` - `2024-08-23`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
*.oktopost.com Amazon RSA 2048 M01	`2023-08-29` - `2024-09-26`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-02-18` - `2024-03-21`	a year	crt.sh
okt.to R3	`2023-10-07` - `2024-01-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
ibc-flow.techtarget.com GTS CA 1D4	`2023-09-21` - `2023-12-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
*.6sense.com Amazon RSA 2048 M01	`2023-05-01` - `2024-05-29`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
app.qualified.com R3	`2023-09-21` - `2023-12-20`	3 months	crt.sh
sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2024-09-07`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/
Frame ID: AA01A642FEB72831512487E37DE76688
Requests: 144 HTTP requests in this frame

Frame: https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=459feece-0b92-4b57-a619-5fd837e83982
Frame ID: F3537AFDBAE7D1BEE24B77B767910C98
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New “Complaint Stealer” Malware Escalates | Cofense

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

151
Requests

98 %
HTTPS

52 %
IPv6

25
Domains

36
Subdomains

32
IPs

4
Countries

2034 kB
Transfer

5854 kB
Size

34
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://cofense.zendesk.com/auth/v2/login/signin
Title: Customer Resource Center

Search URL Search Domain Scan URL

URL: https://go.cofense2022stg.wpengine.com/live-demo/
Title: Get a Demo

Search URL Search Domain Scan URL

URL: https://www.reuters.com/technology/hackers-who-breached-casino-giants-mgm-caesars-also-hit-3-other-firms-okta-says-2023-09-19/
Title: MGM, Caesars and other luxury hotel resort

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Cofense/
Title: Facebook-f

Search URL Search Domain Scan URL

URL: https://twitter.com/cofense
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/11500065/
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCbvJmFk-Pwf85UbGI9-EGxw
Title: Youtube

Search URL Search Domain Scan URL

URL: https://wpml.org/
Title: wpml.org

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 128

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1697767758853&url=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fnew-complaint-stealer-malware-escalates%2F&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1697767758853&url=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fnew-complaint-stealer-malware-escalates%2F&tm=gtmv2&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D300721%26time%3D1697767758853%26url%3Dhttps%253A%252F%252Fcofense2022stg.wpengine.com%252Fblog%252Fnew-complaint-stealer-malware-escalates%252F%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1697767758853&url=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fnew-complaint-stealer-malware-escalates%2F&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1697767758853&url=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fnew-complaint-stealer-malware-escalates%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQLkErMgog5rHgAAAYtK2B2t1Lv3dTphZrdfiBqthRj7KaGYjG8jJzzm51Bz3mJa0nywGA1NlGuKLw

Request Chain 136

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=9BE923CFAD80470FBCD653CE612E50A1&RedC=c.clarity.ms&MXFR=288095F58702650F3C67864583026BF0 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9BE923CFAD80470FBCD653CE612E50A1&MUID=3DBBA638E66B65E01112B588E7006491

151 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/ 136 KB
25 KB 582ms
227ms Document
text/html 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: 395f8a89991e910f414eadf01bac7b8094f1a1b94f53128a3e1067365c3006c8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=2419200, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 20 Oct 2023 02:09:18 GMT
last-modified: Thu, 19 Oct 2023 15:01:58 GMT
link: <https://cofense2022stg.wpengine.com/wp-json/>; rel="https://api.w.org/" <https://cofense2022stg.wpengine.com/wp-json/wp/v2/posts/104678>; rel="alternate"; type="application/json" <https://cofense2022stg.wpengine.com/?p=104678>; rel=shortlink
server: nginx
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 398
x-cache-group: normal
x-cacheable: YES:2419200.000
x-orig-cache-control: max-age=2419200, must-revalidate
x-powered-by: WP Engine

GET
H2 200 styles.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/ 57 KB
9 KB 104ms
28ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/styles.css?ver=1697730266

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

30db81ee3fd2296a2f5d01bb41c96067068327115900e2bdb865ffcfed6fdf8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:54:20 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:44:27 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 3133566f2a76862e0c1c92f4b807e4fb
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/styles.css?ver=1697730266>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 style.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/ 906 B
1 KB 122ms
46ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1697730266

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

19fb8fd435c0bce0c7b49c24d128cce686d4a6bba0de63d34d5effa4e1f644f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:44:36 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:44:36 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: f44f79df27071da454d46aa14032afa2
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1697730266>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 style.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/ 258 B
1005 B 128ms
52ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/style.min.css?ver=1697730266

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

4b9257e3e9c959214ddfab833a69a021ae6557403efe76afcbee259621175274

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:44:36 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:44:36 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 17af1068904c262f048769d7d04060a6
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/style.min.css?ver=1697730266>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 style.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/themes/cofense/ 8 KB
4 KB 88ms
12ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/themes/cofense/style.css?ver=1697730266

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

c3dfc3f03106f85ab56ceaadf44433f35cca4209d64922d50a1c650c90aa60ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:44:36 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:44:36 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: c65366c996c46944b51aa6ad7e1f7897
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/themes/cofense/style.css?ver=1697730266>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 elementor-icons.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/ 20 KB
5 KB 102ms
27ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=1697730267

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

bf685e293d51dc7a9ca630e387c90e436811766ab6a41df5dd0dd660b91f9eaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:44:36 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:44:36 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 7fa3ae13b14f6ed710e4ec8e99c440c3
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=1697730267>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 frontend-lite.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/css/ 115 KB
17 KB 100ms
25ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=1697730267

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

f2505437c541fbb54d3381687c49fded570dbc01ef97032d3db827f11825e971

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:44:37 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:44:36 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 6c7df056316ed4ebe9498656c8fa5757
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=1697730267>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 swiper.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/swiper/css/ 13 KB
3 KB 107ms
32ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=1697730267

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:44:36 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:44:36 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 587699ebb3b7141a43f4becd2618adfd
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=1697730267>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-15.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 6 KB
2 KB 102ms
27ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-15.css?ver=1697730267

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

b7aa6ab9df6a0e844f86c52f547756342afab7b158a51c6c54ec5c10ba9e3773

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:44:36 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:44:36 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: e2ee986d4d6f74757ed82b04341c73af
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-15.css?ver=1697730267>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 frontend-lite.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/css/ 11 KB
3 KB 112ms
37ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=1697730267

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

41eac43c1137e23dc691d5605126f42c477b739d40867c3022a1c9a857dd3194

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:44:36 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:44:36 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 148174d66122098d9e1e7c08524a494d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=1697730267>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-104678.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 141 B
905 B 117ms
42ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-104678.css?ver=1697742223

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

40866ec78876a63fea371c77acbb0cf7586aff4bd46a0fb5e801d5f442f62c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 19:03:59 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 19:03:48 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 3e72696e35a5de852e45bc4a13799a28
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-104678.css?ver=1697742223>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-93807.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 3 KB
1 KB 123ms
48ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-93807.css?ver=1697730268

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

f4221e726cd903ea62b23099982f627213f319bad4697da681b33ec82d613500

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:54:20 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:44:27 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 4b5eba4a26699b768abe1ddb147bf7f9
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-93807.css?ver=1697730268>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-1266.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 18 KB
3 KB 110ms
35ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-1266.css?ver=1697730268

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

ae549261b91e3e9a5b932de75d605c5a831db2d3793f1c2e7b48c6fd2f811edd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:44:36 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:44:36 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 83f09ac7bcf1d4ed38c02c2262d83190
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-1266.css?ver=1697730268>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-1271.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 15 KB
3 KB 118ms
44ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-1271.css?ver=1697730268

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

0a828dbd42b518c042d31e8c907ce91c852f06759f79a659341c8c4fa74492b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:54:20 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:44:27 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 4ac8284ccd8817866b6f4858c511adaa
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-1271.css?ver=1697730268>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-1386.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 12 KB
3 KB 112ms
38ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-1386.css?ver=1697730295

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

f22f932d4024701930979deb0996cc5919e760b0a39fb638fd2d93c13be84305

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:45:36 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:45:36 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: f83f32b12b0d302bdc645b7f9f0245ee
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-1386.css?ver=1697730295>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 widget-styles.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/ 435 KB
59 KB 121ms
46ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=1697730267

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

4d8f302eda9307bb0c244cc89f76f5d4eccd84380f4d04d47c49115ca989a983

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:44:37 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:44:36 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: ba79aa43787bcf144e1a86208f74c580
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=1697730267>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 responsive.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/ 30 KB
5 KB 122ms
47ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=1697730267

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

12c3f7bc60c99d1b6b634d6cd16fbb0e26ae75ddda15d7a6e5106cd5dad83f14

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:54:20 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:44:27 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: f907d85887b64d900634e4a7759e6960
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=1697730267>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 ecs-style.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/css/ 6 KB
2 KB 120ms
45ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/css/ecs-style.css?ver=1697730268

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

8cbc49b1385bf29debe95333f04795a6e3a2cf218d88b415b29872d06491fd1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:44:36 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:44:36 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 7ee74d410ec4b260599d775beeec39e7
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/css/ecs-style.css?ver=1697730268>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-1444.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 114ms
40ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-1444.css?ver=1678361574

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

0800c1bcae9fd7a9ab8bb0fc08bb60392cde06279906b58ba73a9d32c0ef0f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:59:08 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 09/29/2023 14:44:40
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:59:08 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 059290a5e650bea020b6dc46659e7b2e
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-1444.css?ver=1678361574>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-1462.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 106ms
32ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-1462.css?ver=1671033592

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

880bd0c057b2118ce8870a412c9bbc9c744ecc1ffc2e0cec852f0822467a5468

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:57 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 09/29/2023 14:44:40
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:58:57 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: dc295b8c11b7e1b00371078e89aa9ae1
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-1462.css?ver=1671033592>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-86702.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 878 B
1 KB 121ms
47ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-86702.css?ver=1666612343

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

08d9e28e5a3cf2a632f0a595610c79ae90f8dc50f3dd17914f2e6ef324b100bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:57 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 09/29/2023 14:44:40
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:58:57 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 1fe6a89c44896285d1545137fd6e919b
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-86702.css?ver=1666612343>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-86773.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 109ms
36ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-86773.css?ver=1666885690

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

06c5b21ed6beb8535987a718d67db031fd8f9658a06e347946420fece8a2d845

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:57 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 09/29/2023 14:44:40
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:58:57 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 259ec3add5e34910e785a4f7b1ea2dfd
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-86773.css?ver=1666885690>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-94275.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 1 KB
1 KB 116ms
42ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-94275.css?ver=1666870708

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

21a8d9de57277a54200a816f7c852e39febfb766f6fcecd3d7e8d4c90dd5f55f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:57 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 09/29/2023 14:44:40
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:58:57 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: ced9e7bcc5a5c5543b0ea0c0af79ffec
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-94275.css?ver=1666870708>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-96442.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 125ms
52ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-96442.css?ver=1680173529

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

5ec0edcab83d68a0bbdaaa014ca2eb993bf8bb3eb9eb5291be25e602a0d50e2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:57 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 09/29/2023 14:44:40
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:58:57 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 954f0f7f2eb0c42e421f99f4122090b4
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-96442.css?ver=1680173529>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-96443.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 102ms
28ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-96443.css?ver=1684235063

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

edf0c45100bd76408c47b7a27b7cc7a85d776b1baf46de9e33f5b90bff9d5ea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:57 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 09/29/2023 14:44:40
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:58:57 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 6d3fc5f94eb70aa0a9ffad035f926393
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-96443.css?ver=1684235063>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-96445.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 114ms
41ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-96445.css?ver=1675169689

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

6c64f1f61427b7aff7961cee93a0ee95c454274084a3a9e10aed8496929450d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:57 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 09/29/2023 14:44:40
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:58:57 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 5556814421d3eab0be149469867a39c5
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-96445.css?ver=1675169689>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 css
ehhbozgsut3.exactdn.com/easyio-fonts/ 26 KB
2 KB 116ms
43ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/easyio-fonts/css?family=Inter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=9be23f0884641ae8f32d790ffab7bbee

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

5fde6eacc077ab58c0a3e25657dcc7bb8c2c21469b7223f8135dd46da6beee25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Wed, 16 Oct 2024 19:51:09 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 10/17/2023 21:39:50
cdn-pullzone: 1418769
last-modified: Tue, 17 Oct 2023 19:51:09 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 0314a84fea874d298a1606b55f782131
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/easyio-fonts/css?family=Inter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=9be23f0884641ae8f32d790ffab7bbee>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 fontawesome.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 57 KB
14 KB 113ms
40ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=1697730268

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:54:20 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:44:27 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 5ca1ae5be2bd882d35ee486d8d668f4d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=1697730268>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 solid.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 1 KB
1 KB 107ms
34ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1697730268

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

d16687a04944f1fe7b82f081d4267457122bc36b26de671c1132ca5fdc938f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:44:36 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:44:36 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: ab2b7904bc356110b634621b49884584
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1697730268>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 brands.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 1 KB
1 KB 120ms
47ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=1697730268

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

ad2364119e81655c5452420dd9a2e2a488dd6658012ae9db392d4ee441c1e6a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:44:36 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:44:36 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 5fc01d51e39a24985e33e37b752d7ea3
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=1697730268>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 language-cookie.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/ 239 B
1 KB 123ms
50ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=1697729605

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

848ebbe22f48bb9cbdef963602e58e60688e934f430b6839500232159560c6de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:44:36 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:34:22 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 54318f42e4bdf3c0b5ff5093031609d5
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=1697729605>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ehhbozgsut3.exactdn.com/wp-includes/js/jquery/ 85 KB
33 KB 128ms
55ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:57 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 09/29/2023 14:44:40
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:58:05 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 2bdce2132be606f76b27c0baacb61939
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 jquery-migrate.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/jquery/ 13 KB
6 KB 128ms
55ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/jquery/jquery-migrate.min.js?ver=1697729605

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

a7c3b69070e18da88843ce5865aae332f74fae0ada9c0a6004c6615c9813b4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:34:31 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:34:31 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 198234dd6964c67469544ca6a126ec1e
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-includes/js/jquery/jquery-migrate.min.js?ver=1697729605>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 ecs_ajax_pagination.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/js/ 3 KB
2 KB 127ms
55ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/js/ecs_ajax_pagination.js?ver=1697729605

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

a5b92372018c41010f3abc7e2508e4f4e1be30c6aa4bad99ae72504ad3e105a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:34:31 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:34:31 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 27f13331e5b4ed779c0df59393e9ec74
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/js/ecs_ajax_pagination.js?ver=1697729605>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 ecs.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/js/ 249 B
999 B 128ms
55ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/js/ecs.js?ver=1697729605

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

58f8be459c8d1062283ac072740cb4504fc4b3c06f7f6f1e6b17643115cf2cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:34:31 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:34:31 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 320867c4be53386e9f54799eb38167f5
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/js/ecs.js?ver=1697729605>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 zlo5wor.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/ 816 B
1 KB 120ms
48ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/zlo5wor.css?ver=1697730268

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

3c1a5c4b5574a4104a92b2e700e6f0fc5b001c4297ebc5a1e76d67b1fbeb1c2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:44:36 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:44:36 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 4a9b5accbc5f303ee87e6f2d31af9164
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/zlo5wor.css?ver=1697730268>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 qualified.js Show response
js.qualified.com/ 290 KB
91 KB 468ms
428ms Script
text/javascript 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.qualified.com/qualified.js?token=H3wWDXLUxD4irieG

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

daecac5f08c9ca9bdd7b4964baaba005c86e765aa85e071214b87fd437b1f80a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: gzip
via: 1.1 spaces-router (devel)
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: MISS
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 78bc3cd3-1f00-770c-18fd-ddf3606c6f00
pragma: no-cache
x-runtime: 0.021866
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"daecac5f08c9ca9bdd7b4964baaba005"
x-download-options: noopen
vary: Accept,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 818db7c9f99a5d65-FRA
expires: Fri, 20 Oct 2023 06:09:18 GMT

GET
H2 200 widget-nav-menu.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/css/ 26 KB
5 KB 121ms
48ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css?ver=1697730268

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

20aad078c190cf5e3ff7c4a1471020f97a232dbc06b41b80f6a5fc782bd3493d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:44:36 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:44:36 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 5c8e073c73f3c455122373ad8c7c8405
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css?ver=1697730268>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 widget-icon-list.min.css
ehhbozgsut3.exactdn.com/wp-content/plugins/elementor/assets/css/ 10 KB
2 KB 124ms
52ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

e0aa068ac5dfad098da734d929000446f50930d7411a075c031ea96a9352970b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:15 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 09/29/2023 14:44:40
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:58:15 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: a08eca0726a2532e0b917468a990ee02
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 widget-theme-elements.min.css
ehhbozgsut3.exactdn.com/wp-content/plugins/elementor-pro/assets/css/ 10 KB
3 KB 121ms
49ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/plugins/elementor-pro/assets/css/widget-theme-elements.min.css

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

f7c57b37232dd200e7b27fc6bfce78ec413a3a718e94818248f4fe16570780bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:57 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 09/29/2023 14:44:40
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:58:15 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 9f60da26a34a929f7dda4b0e23b8c5c9
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/css/widget-theme-elements.min.css>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 widget-share-buttons.min.css
ehhbozgsut3.exactdn.com/wp-content/plugins/elementor-pro/assets/css/ 30 KB
3 KB 121ms
49ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/plugins/elementor-pro/assets/css/widget-share-buttons.min.css

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

faddf8c3ff09bbff2375dd94286aef72d1f2816fad00c248b213e0ed4877f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:15 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 09/29/2023 14:44:40
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:58:15 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 34d43d78b3025b14791f9bf523d7f693
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/css/widget-share-buttons.min.css>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 widget-posts.min.css
ehhbozgsut3.exactdn.com/wp-content/plugins/elementor-pro/assets/css/ 14 KB
3 KB 121ms
49ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/plugins/elementor-pro/assets/css/widget-posts.min.css

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

1a829e1d6e41d31c49d5da4fc80f0d3a7ec3a42346706e092e19515ac518a057

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:15 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 09/29/2023 14:44:40
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:58:15 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: d9146e8926956a98b4cef60cc4c34004
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/css/widget-posts.min.css>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-9276.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 4 KB
2 KB 117ms
46ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-9276.css?ver=1697730268

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

8f9de5ce0bd559fccdcf15f73bef8d60af03428ea4c33222985a6644d1351b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:44:37 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:44:37 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 342cb86649503ca5e616f7984d7de0d0
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-9276.css?ver=1697730268>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-9277.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 5 KB
2 KB 114ms
42ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-9277.css?ver=1697730268

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

80ae295e1e684f6903ca3b3896fb69550a5051c018482eae7d601f5a270c5f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:44:37 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:44:37 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: b29b14a6320a44896dc77dec0c63ac98
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-9277.css?ver=1697730268>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-9907.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 108ms
37ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-9907.css?ver=1697730268

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

b4d6f31b12061ce5f7eb43054704209c45634f84c8dcfd0666907f33fa527401

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:54:20 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:44:27 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: ad7a1f930c26fae1a5e4c50dfe92fba5
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-9907.css?ver=1697730268>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-94175.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 118ms
47ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-94175.css?ver=1697730268

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

f18d03ea1db25769e0297f023bbb4f700a35027e4b26c8ce2cea90dd91956cef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:44:37 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:44:37 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: c1c6141d2f818105fd10d0976829207f
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-94175.css?ver=1697730268>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-94173.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 2 KB
1 KB 108ms
36ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-94173.css?ver=1697730268

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

ff0ef2b4514a9a824e24181bd336b7b282a0ff614b16dcc9484470aa337c15a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:44:37 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:44:37 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 48d48079264bca8353259d1d70243f3f
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-94173.css?ver=1697730268>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 regular.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 1 KB
1 KB 117ms
46ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=1697730296

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

65d8dd786920a8a2fa4df78fdcb708f06cf67c5febe9cfd5ca83c479a66fdad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:46:05 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:46:05 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 23d97a84818948f72f4f12a314ccead7
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=1697730296>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 post-96724.css
ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/ 6 KB
2 KB 109ms
37ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-96724.css?ver=1697730268

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

365b620ba7cfdf23e9c6f78bfda3004c9ae0c8deb6605fe0b069c0ae992981b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:44:37 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:44:37 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: d813a4c3537df36283ea1fe286a7d7e6
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-96724.css?ver=1697730268>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 animations.min.css
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
4 KB 114ms
43ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=1697730268

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

a144b7eb90f5589866d0546b15df7c4473c9ff44b079490e449c0ad96bb82511

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:44:37 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:44:37 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 2a34fd842c23f2bf55ba6bd3efb67ab9
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=1697730268>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 lazysizes.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/ewww-image-optimizer/includes/ 15 KB
7 KB 127ms
56ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=1697729606

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

136ae09fa1a7c5fc9e017fef8c19b4408a8f4fdf9c9df542652a9746ee3e9b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:34:31 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:34:31 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 2fa076e604e8fc628c401b8f94c1e4ed
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=1697729606>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 navigation.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/themes/cofense/js/ 2 KB
1 KB 121ms
50ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/themes/cofense/js/navigation.js?ver=1697729606

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

3c60f28ac63eb4fed3d219aba2496cb5da8b96a1db54a8d9b5c87ada17e42c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:34:31 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:34:31 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: c7f21da2a96501f5ac7a82bf4da0f421
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/themes/cofense/js/navigation.js?ver=1697729606>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 frontend-script.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/libs/framework/assets/js/ 39 B
882 B 120ms
49ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=1697729606

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

89b87d53f74bf77c35b63352937c490fa8e07f70eb549d9307ea8e945fc00bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:34:31 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
content-length: 39
last-modified: Thu, 19 Oct 2023 15:34:31 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 78d4bd11cd235245c36a9b00eb822e20
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=1697729606>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 widget-scripts.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/ 134 KB
40 KB 120ms
50ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=1697729606

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

234cbce3c37318c0a714729e1340c5bbdde1e9ebf444c5480db3ffe149ca9ee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:34:31 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:34:31 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 6f202b58fafe7b7f063c080af27c938e
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=1697729606>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 jquery.smartmenus.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/lib/smartmenus/ 25 KB
9 KB 125ms
54ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1697729607

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

bab206232a7ed22b16328f93b591887cf8e69c92871ee89fd421c94407b4f9a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:44:37 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:34:31 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: a45f9673a114f2fcfb6822459b038111
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1697729607>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 imagesloaded.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/ 5 KB
3 KB 124ms
54ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/imagesloaded.min.js?ver=1697729607

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

4902421a8e4268518e9435b729b6a50ce42d76cf3afd2a6ed6d1db87b565cc66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:44:37 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:44:37 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 94715e63f3787086240a4efd91c6cdc5
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-includes/js/imagesloaded.min.js?ver=1697729607>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 webpack-pro.runtime.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/ 6 KB
3 KB 123ms
53ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=1697729607

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

79511acd0ccdbd49e4ece99044497e5de1befd1298f9184d7c3f4f68d04960c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:34:31 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:34:31 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: a4f76a1afa3fa118ed16468d345483b9
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=1697729607>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 webpack.runtime.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/ 5 KB
3 KB 122ms
52ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=1697729607

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

6395d758d0ce608e17c063bcb631df55129fbdd005e4d9059b465ab433e5d3fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:34:31 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:34:31 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 14fc203b45aaf1942f4f0a0634b1e354
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=1697729607>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 frontend-modules.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/ 57 KB
19 KB 121ms
51ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=1697729607

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

dfed2068b0898ac70605110ec1c8170a0aab611763ed5591c72196817d0b1282

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:44:37 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:34:31 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 0ad938cf9bcc42cb18ac9cce699e54ea
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=1697729607>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 wp-polyfill-inert.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/dist/vendor/ 8 KB
3 KB 122ms
52ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=1697729607

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

cf7e7bef418e30a1109043d1ce9bd96d95871973d9f0f48f453ed8d2e070d3c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:44:37 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:34:21 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 152d3b2f8cffc78b927709abd47c1e88
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=1697729607>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 regenerator-runtime.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/dist/vendor/ 6 KB
3 KB 120ms
51ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=1697729607

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:34:31 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 10/19/2023 20:31:46
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:34:31 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 469c899bc90c2852381c47aac1817257
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=1697729607>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 wp-polyfill.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/dist/vendor/ 16 KB
7 KB 120ms
50ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=1697729608

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

94b0e9b4abbe9e99299038ddeace0340091f244ec3da58d079620ed8d81ce591

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:34:31 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 10/19/2023 20:31:46
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:34:31 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: de96ca5b5e9e48f687707cc03871e80f
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=1697729608>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 hooks.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/dist/ 5 KB
2 KB 122ms
53ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/dist/hooks.min.js?ver=1697729608

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

b4234e7878e78bc3463dee60b74dabc4249a8858550b89c4f5c23235d033c2d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:34:31 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:34:31 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 2bd9e667eb25d32fe77f1b906a488ee2
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-includes/js/dist/hooks.min.js?ver=1697729608>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 i18n.min.js Show response
ehhbozgsut3.exactdn.com/wp-includes/js/dist/ 9 KB
5 KB 120ms
51ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:15 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 09/29/2023 14:44:40
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:58:15 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 57cbc73c490f0b857ab7661fad5bc071
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 frontend.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/ 24 KB
8 KB 123ms
54ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=1697729608

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

82915a46f223be695a3255845ad875c54ae0bebd58cb30b6e2a2aaa0ef6b06e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:34:31 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:34:31 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 899e48a5affa0b139de8c5f01bd7065a
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=1697729608>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 waypoints.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
4 KB 123ms
54ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=1697729608

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

e2ac5ea7f5449806fb65e42f8c0c97ac9d4c3e83da641340767ab071526da96e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:44:37 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:34:31 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 6d2d93415d75f99398d815183d70875f
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=1697729608>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 core.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/jquery/ui/ 21 KB
8 KB 122ms
53ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-includes/js/jquery/ui/core.min.js?ver=1697729608

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

ba537e3957077fcc988d30e467e3464ef916baecec231691a65fd7d66a99c1f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:34:31 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 10/19/2023 20:31:46
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:34:31 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 4fd58d2eff1971820a8c4958df6dda8f
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-includes/js/jquery/ui/core.min.js?ver=1697729608>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 frontend.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/ 39 KB
14 KB 123ms
54ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=1697729608

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

1f658d477bca6e8ce0f56bd251d86fdc170fa3267ee10c916406f78645624e91

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:34:31 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:34:31 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 179bf0c8b0dbba8f1322f475073d8edc
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=1697729608>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 elements-handlers.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/ 35 KB
10 KB 118ms
50ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=1697729608

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

d55538fba2c0b897ef503920ead14ca39c62396d2a03456ebafd55a82ed8e0b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:34:31 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:34:31 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 1af8495047247162a118a4ac7d81ca6f
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=1697729608>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 animate-circle.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/ 681 B
1 KB 120ms
51ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.min.js?ver=1697729608

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

a8642bcd147ba3528345f5bd17f788cd524931e093255b2c1c8344677a1ab505

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:34:31 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:34:31 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 8cbc9cf29bc66b795f4583b8444a03f0
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.min.js?ver=1697729608>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 elementor.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/ 18 KB
6 KB 124ms
55ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=1697729608

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

1c5062c716f15143dd0a8f6f6993a6f8db2900afc49e6193a9664a782a2e1686

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:34:31 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 10/19/2023 20:31:45
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:34:31 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 7587f0215240d56c3e9881a8504fa3be
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=1697729608>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 jquery.sticky.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/lib/sticky/ 4 KB
2 KB 121ms
53ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=1697729609

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

a0eb0368e9e7b3ceaf152e2ef2212e6c2f1b924e34faa7f9841a4ef702a09da4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 15:44:37 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 10/19/2023 20:31:46
cdn-pullzone: 1418769
last-modified: Thu, 19 Oct 2023 15:34:31 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 2461c017b900d14183002c605c09f357
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=1697729609>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 lazyload.min.js Show response
ehhbozgsut3.exactdn.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 9 KB
4 KB 13ms
13ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:16 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 09/29/2023 14:44:42
cdn-pullzone: 1418769
last-modified: Fri, 29 Sep 2023 13:58:16 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: f47312471ef4144c962ee8501f71bb57
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://cofense2022stg.wpengine.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 38ms
7ms Stylesheet
text/css 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=zlo5wor&ht=tk&f=26014&a=103167865&app=typekit&e=css
Requested by: Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/zlo5wor.css?ver=1697730268
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ehhbozgsut3.exactdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:18 GMT
last-modified: Fri, 14 Jul 2023 12:44:32 GMT
server: nginx
etag: "64b14330-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 341 KB
110 KB 78ms
43ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5RQ37KH

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

afbba8cf0d4c31958050c828d83f4f674095838a25b6186919aec0f60d9fd4de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111746
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 20 Oct 2023 02:09:18 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13ba7d85cedf2d5b14f9091119f9067689bdc33edde1d37a654787d416fbca34

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5e15bc5a13a703d32fa45350a363adb85fafb7a4c9c08250c6ce4cf8c4252a0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5231072de27cfe7ed0a432f3068a71ae38c8194cfb0f42b2126023fa7c99dc4c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2689ce69760ffc47c2e0fb1c72f6265a402170b618124f408fd34b86c0fb1aec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 NETWORKHEADERBG-1.png
ehhbozgsut3.exactdn.com/wp-content/uploads/2022/06/ 40 KB
41 KB 13ms
13ms Image
image/webp 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/2022/06/NETWORKHEADERBG-1.png?strip=all&lossy=1&ssl=1

Requested by

Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-1386.css?ver=1697730295

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

2cb2dbcaef23560aab640aaa379e55b607c905a3f8f41b813679e5e503ecdf17

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ehhbozgsut3.exactdn.com/wp-content/uploads/elementor/css/post-1386.css?ver=1697730295
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:54 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 09/29/2023 14:44:42
cdn-pullzone: 1418769
content-length: 40664
last-modified: Fri, 29 Sep 2023 13:58:53 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 06fa5d85ba99a590f7f571bfdd2dddfe
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/2022/06/NETWORKHEADERBG-1.png>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 inter-latin-500-normal.woff2
ehhbozgsut3.exactdn.com/easyio-bfont/inter/files/ 17 KB
18 KB 50ms
24ms Font
font/woff2 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/easyio-bfont/inter/files/inter-latin-500-normal.woff2

Requested by

Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/easyio-fonts/css?family=Inter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=9be23f0884641ae8f32d790ffab7bbee

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

d53336707c39d1ec20a2b1f7399ca9f183c45592e215a42fd596dfa2dbb8ad7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ehhbozgsut3.exactdn.com/easyio-fonts/css?family=Inter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=9be23f0884641ae8f32d790ffab7bbee
Origin: https://cofense2022stg.wpengine.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:59:09 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 09/29/2023 14:44:42
cdn-pullzone: 1418769
content-length: 17552
last-modified: Fri, 29 Sep 2023 13:58:58 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: fe6f7f38a890a8bffac202a23649ed34
link: <https://cofense2022stg.wpengine.com/easyio-bfont/inter/files/inter-latin-500-normal.woff2>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 inter-latin-700-normal.woff2
ehhbozgsut3.exactdn.com/easyio-bfont/inter/files/ 17 KB
18 KB 67ms
40ms Font
font/woff2 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/easyio-bfont/inter/files/inter-latin-700-normal.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

ced2d8e02e2fbf08d2edec9b5f13648ed8348588a05f7181632f3c1dd6e1f5c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ehhbozgsut3.exactdn.com/easyio-fonts/css?family=Inter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=9be23f0884641ae8f32d790ffab7bbee
Origin: https://cofense2022stg.wpengine.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:58 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 09/29/2023 14:44:42
cdn-pullzone: 1418769
content-length: 17784
last-modified: Fri, 29 Sep 2023 13:58:58 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 779b5c2a0abe7347e54dc7ea3b310307
link: <https://cofense2022stg.wpengine.com/easyio-bfont/inter/files/inter-latin-700-normal.woff2>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 inter-latin-400-normal.woff2
ehhbozgsut3.exactdn.com/easyio-bfont/inter/files/ 16 KB
17 KB 66ms
40ms Font
font/woff2 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/easyio-bfont/inter/files/inter-latin-400-normal.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ehhbozgsut3.exactdn.com/easyio-fonts/css?family=Inter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=9be23f0884641ae8f32d790ffab7bbee
Origin: https://cofense2022stg.wpengine.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:58 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 09/29/2023 14:44:42
cdn-pullzone: 1418769
content-length: 16708
last-modified: Fri, 29 Sep 2023 13:58:58 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 834c33c5cc867ae3208d6324cd33f6f6
link: <https://cofense2022stg.wpengine.com/easyio-bfont/inter/files/inter-latin-400-normal.woff2>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 fa-solid-900.woff2
ehhbozgsut3.exactdn.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 65ms
40ms Font
font/woff2 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2

Requested by

Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1697730268

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1697730268
Origin: https://cofense2022stg.wpengine.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:59:09 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 09/29/2023 14:44:42
cdn-pullzone: 1418769
content-length: 78196
last-modified: Fri, 29 Sep 2023 13:58:48 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: cefedc4aded170e79bbd52253fc25e4a
link: <https://cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 inter-latin-600-normal.woff2
ehhbozgsut3.exactdn.com/easyio-bfont/inter/files/ 17 KB
18 KB 65ms
39ms Font
font/woff2 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/easyio-bfont/inter/files/inter-latin-600-normal.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

048d136d592e66896cccc1fe4fada4feb16b7f6af671cd49a2fe6ed6b2276c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ehhbozgsut3.exactdn.com/easyio-fonts/css?family=Inter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=9be23f0884641ae8f32d790ffab7bbee
Origin: https://cofense2022stg.wpengine.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:59:20 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 09/29/2023 14:44:42
cdn-pullzone: 1418769
content-length: 17660
last-modified: Fri, 29 Sep 2023 13:59:20 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 7c33679184a8d03488ccf4caf91fdc61
link: <https://cofense2022stg.wpengine.com/easyio-bfont/inter/files/inter-latin-600-normal.woff2>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 fa-brands-400.woff2
ehhbozgsut3.exactdn.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 75 KB
76 KB 55ms
30ms Font
font/woff2 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2

Requested by

Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=1697730268

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=1697730268
Origin: https://cofense2022stg.wpengine.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:58:58 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 09/29/2023 14:44:42
cdn-pullzone: 1418769
content-length: 76764
last-modified: Fri, 29 Sep 2023 13:58:58 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 3c518af221d400ddfd175094cd86481e
link: <https://cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 dialog.min.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/lib/dialog/ 10 KB
4 KB 114ms
113ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
Requested by: Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=1697729608
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e9ba3d0c5d5408e00becd36ad394fa9ad9c0616741ebdd6dddc8e837db3605ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
last-modified: Thu, 19 Oct 2023 15:33:08 GMT
server: nginx
etag: W/"65314c34-29fd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 6si.min.js Show response
j.6sc.co/ 60 KB
16 KB 80ms
11ms Script
application/javascript 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

e8a99c16a581c4e69330699d00aa4a7763158ed99194087bceebd232d53eb42f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Oct 2023 19:14:48 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "652edd28-f1f8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 16484
expires: Fri, 20 Oct 2023 02:09:18 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 152ms
8ms Script
application/javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RQ37KH

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b4a73e79ac953f25e7800b5ca583552229ce52f3a8c9dad31ee9da427ffa614e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Oct 2023 05:46:58 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=13053
accept-ranges: bytes
content-length: 3855

GET
H2 403 lt-v3.js
lltrck.com/scripts/ 0
0 334ms
106ms Script
text/html 3.210.57.98
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lltrck.com/scripts/lt-v3.js?llid=19612
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.57.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-57-98.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H2 200 2Uq3HoQoVZEHgHXXf288 Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 258ms
230ms Script
text/javascript 2606:4700::6810:890f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/2Uq3HoQoVZEHgHXXf288

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:890f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

77325b6bb54a3b6a76c87044e21e9b65540c5b16f5d836dd1db0d36a6ab93deb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 818db7cb8cdb4d6a-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 160ms
14ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 02:09:18 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 oktrk.js Show response
static.oktopost.com/ 9 KB
4 KB 70ms
10ms Script
application/javascript 18.245.60.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oktopost.com/oktrk.js
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-70.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09016600a13dd4825b72516765a8da53d1ab896f7582c4619d014e8ee147ea84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 17:12:08 GMT
content-encoding: gzip
via: 1.1 ed149c4696419c0643fab13e9539b16c.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jan 2020 09:47:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 32231
etag: W/"57315c24d6fec75c4d46a8cc3fa6e0d5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: daCETncLcG0GaQ7S0nZyF2EqtbSNJetoZwqr9CDjAh9iImk6JjcqgA==

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 3 KB
2 KB 78ms
43ms Script
text/javascript 2606:4700:4400::ac40:973c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.techtarget.com/tracking.js
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:973c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 15:01:39 GMT
server: cloudflare
age: 31846
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1200
cf-ray: 818db7cb9ab335ff-FRA
expires: Fri, 20 Oct 2023 02:29:18 GMT

GET
H2 200 ed9ggbnvvo Show response
www.clarity.ms/tag/ 843 B
1 KB 143ms
98ms Script
application/x-javascript 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ed9ggbnvvo?ref=gtm2
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0078a74cadc02eb3d0642a1d7720580538430708396791fe745f7ff7a89c67b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: -1
date: Fri, 20 Oct 2023 02:09:18 GMT
x-azure-ref: 20231020T020918Z-fv1r6k663h2hx8vy3cha20ya0800000003ag00000000p663
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 843
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 294 KB
95 KB 37ms
35ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3G76T4W3LR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RQ37KH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

04ebaf5c0a3da26efcf1f6782f19a7f8269949e13cd04cc00c6be81d06382505

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96678
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 20 Oct 2023 02:09:18 GMT

GET
H2 200 9017396.js Show response
extend.vimeocdn.com/ga/ 17 KB
6 KB 50ms
7ms Script
text/javascript 146.75.122.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://extend.vimeocdn.com/ga/9017396.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RQ37KH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 6c649cc3d4aee7683250622541a6045ad4ac3beb93df1fcdd3ec1f7f12a1ff44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-cache-hits: 13221
date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: gzip
via: 1.1 varnish
age: 31434362
x-cache: HIT
content-length: 5579
x-served-by: cache-fra-etou8220058-FRA
last-modified: Thu, 20 Oct 2022 22:49:15 GMT
server: Apache
x-timer: S1697767759.665222,VS0,VE0
etag: "421e-5eb7f2274b0c0-gzip"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-vimeo-dc: ge
x-bapp-server: assets-769d499c7b-6rkpw
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Oct 2032 06:23:15 GMT

GET
H2 200 cofense.png
ehhbozgsut3.exactdn.com/wp-content/uploads/2022/06/ 3 KB
4 KB 14ms
13ms Image
image/webp 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/2022/06/cofense.png?strip=all&lossy=1&ssl=1

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

c45f781964e97c179059fb620032eddab4a86bf8af6cd3f7460b2fa839fedb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 13:59:14 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 1082
cdn-cachedat: 09/29/2023 14:44:42
cdn-pullzone: 1418769
content-length: 3568
last-modified: Fri, 29 Sep 2023 13:58:07 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: c9fafaefff31d70d7245f37a341ccaa4
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/2022/06/cofense.png>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 complaint-stealer-cofense.png
ehhbozgsut3.exactdn.com/wp-content/uploads/2023/10/ 74 KB
75 KB 14ms
14ms Image
image/webp 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ehhbozgsut3.exactdn.com/wp-content/uploads/2023/10/complaint-stealer-cofense.png?strip=all&lossy=1&ssl=1

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

c3fcdc0c39e62cccf703908dcd72fb7198f261e28128e7878bc8c1115f6c080c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 18 Oct 2024 18:29:34 GMT
date: Fri, 20 Oct 2023 02:09:18 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 10/19/2023 19:22:53
cdn-pullzone: 1418769
content-length: 75552
last-modified: Thu, 19 Oct 2023 18:29:33 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 282460b1-e21e-44b6-a162-b4892cda4727
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 6b909c8f6bb43946b5e01bcc63368851
link: <https://cofense2022stg.wpengine.com/wp-content/uploads/2023/10/complaint-stealer-cofense.png>; rel="canonical"
cdn-requestcountrycode: DE
cdn-status: 200
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullsuccess: True

GET
H2 200 nav-menu.70d63d6d093f3a45a0c6.bundle.min.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/js/ 5 KB
2 KB 133ms
133ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.70d63d6d093f3a45a0c6.bundle.min.js
Requested by: Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=1697729607
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b2e6635e04d9963d4ac52e813fb7c3da30dbc68d68cbd2b5d5e41dd13433f302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
last-modified: Thu, 21 Sep 2023 15:31:18 GMT
server: nginx
etag: W/"650c61c6-122b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 text-editor.2c35aafbe5bf0e127950.bundle.min.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/js/ 1 KB
911 B 130ms
130ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
Requested by: Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=1697729607
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: c1e32056f64bfc949474b6b8f127b6f75c9724fd5d198461608d54812450a111

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
last-modified: Thu, 19 Oct 2023 15:33:08 GMT
server: nginx
etag: W/"65314c34-550"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 share-buttons.81497e7fccd4fa77b6b9.bundle.min.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/js/ 2 KB
998 B 118ms
117ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/js/share-buttons.81497e7fccd4fa77b6b9.bundle.min.js
Requested by: Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=1697729607
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5ae1d0795901f709b38e3a8afa9b791fed006d781b5161bd4ac921c5d4a73c5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
last-modified: Thu, 21 Sep 2023 15:31:18 GMT
server: nginx
etag: W/"650c61c6-62c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 load-more.064e7e640e7ef9c3fc30.bundle.min.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/js/ 5 KB
2 KB 153ms
152ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/js/load-more.064e7e640e7ef9c3fc30.bundle.min.js
Requested by: Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=1697729607
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7dcdd6d49205a7b8a0b5d35b65b6d70c7675bd653e29e18992d6470ece0c3d1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
last-modified: Thu, 21 Sep 2023 15:31:18 GMT
server: nginx
etag: W/"650c61c6-151a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 posts.e33113a212454e383747.bundle.min.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/js/ 3 KB
1 KB 114ms
114ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/js/posts.e33113a212454e383747.bundle.min.js
Requested by: Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=1697729607
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b56b366f67c5c49beade9a2c61c6673272fb4fc57f165b1f9d68d255cfa2e7e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
last-modified: Thu, 21 Sep 2023 15:31:18 GMT
server: nginx
etag: W/"650c61c6-cfd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 82ms
24ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RQ37KH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 20 Oct 2023 01:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1065
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 20 Oct 2023 03:51:33 GMT

GET
H2 200 ping Show response
okt.to/ 0
100 B 362ms
118ms Script
text/javascript 52.20.195.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://okt.to/ping?uri=%2Fblog%2Fnew-complaint-stealer-malware-escalates%2F&aid=001shx33p56dsdg&ts=1697767758685

Requested by

Host: static.oktopost.com
URL: https://static.oktopost.com/oktrk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.20.195.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-20-195-32.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:18 GMT
strict-transport-security: max-age=31536000;
content-type: text/javascript;charset=UTF-8

POST
H2 204 collect
region1.analytics.google.com/g/ 0
262 B 52ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3G76T4W3LR&gtm=45je3ai0&_p=365335309&_gaz=1&cid=1795539707.1697767759&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697767758&sct=1&seg=0&dl=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fnew-complaint-stealer-malware-escalates%2F&dt=New%20%E2%80%9CComplaint%20Stealer%E2%80%9D%20Malware%20Escalates%20%7C%20Cofense&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3G76T4W3LR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 02:09:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense2022stg.wpengine.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
262 B 58ms
19ms Ping
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3G76T4W3LR&cid=1795539707.1697767759&gtm=45je3ai0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3G76T4W3LR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 02:09:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense2022stg.wpengine.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 60ms
24ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3G76T4W3LR&cid=1795539707.1697767759&gtm=45je3ai0&aip=1&z=1260801899

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 02:09:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getuidj Show response
secure.adnxs.com/ 11 B
580 B 63ms
13ms XHR
application/json 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 02:09:18 GMT
an-x-request-uuid: 5daf56f1-87bd-4a72-814a-4d6e31b1c162
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cofense2022stg.wpengine.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.58.58.248; 37.58.58.248; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
201 B 31ms
9ms XHR
text/html 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:18 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://cofense2022stg.wpengine.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 24 B
323 B 63ms
9ms XHR
text/html 2a02:26f0:480:23::1726:629c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:23::1726:629c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 22376326cd0560a692c6cc23da4d10a35d53e8781635f4d207b05edb6acc9e3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 02:09:18 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://cofense2022stg.wpengine.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a00:c98:2030:a004:1::11
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1697767758782_388391900_555258988_28_996_6_0_219";dur=1
content-length: 24
expires: Fri, 20 Oct 2023 02:09:18 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
201 B 29ms
8ms XHR
text/html 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:18 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://cofense2022stg.wpengine.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 24 B
325 B 62ms
9ms XHR
text/html 2a02:26f0:480:23::1726:629c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:23::1726:629c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 22376326cd0560a692c6cc23da4d10a35d53e8781635f4d207b05edb6acc9e3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 02:09:18 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://cofense2022stg.wpengine.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a00:c98:2030:a004:1::11
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1697767758798_388391900_555258989_25_1014_6_16_219";dur=1
content-length: 24
expires: Fri, 20 Oct 2023 02:09:18 GMT

GET
H2 200 gif.gif Show response
ibc-flow.techtarget.com/a/ 43 B
470 B 127ms
125ms XHR
image/gif 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=17654763&r=1697767758740&ref=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fnew-complaint-stealer-malware-escalates%2F&version=2.4
Requested by: Host: trk.techtarget.com
URL: https://trk.techtarget.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

ibc_rate_tier: 17654763
Referer: https://cofense2022stg.wpengine.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:18 GMT
via: 1.1 google
x-guploader-uploadid: ADPycdvN8_gdJ48udJgr7MCzyZAMrwMdGQ30_4W-XW2vFMTncEg-FwfnMS-1uy4T5v49OVagZ1YF8WjjEhE6yO7AP2xeoRevpU1f
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Thu, 08 Dec 2022 21:19:29 GMT
server: nginx/1.20.2
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
vary: Origin
x-goog-generation: 1670534369365034
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
cache-control: public, max-age=3600
access-control-allow-methods: GET, POST, OPTIONS
x-goog-stored-content-length: 43
accept-ranges: bytes
access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
expires: Fri, 20 Oct 2023 03:09:18 GMT

OPTIONS
H2 200 gif.gif
ibc-flow.techtarget.com/a/ Frame 0
0 155ms
111ms Preflight
text/html 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=17654763&r=1697767758740&ref=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fnew-complaint-stealer-malware-escalates%2F&version=2.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ibc_rate_tier
Access-Control-Request-Method: GET
Origin: https://cofense2022stg.wpengine.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 20 Oct 2023 02:09:18 GMT
expires: Fri, 20 Oct 2023 02:09:18 GMT
server: nginx/1.20.2
vary: Origin
via: 1.1 google
x-guploader-uploadid: ADPycdvQF2hhOyMPEip7aZcAO_ja1mcaq8sgxPAJ4qMQee3RSrDLpY3-UGTkhwjT9F9zQo4xiYDfLbIzF5BKYS7kDhQeEquSVa9U

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.13/ 59 KB
25 KB 18ms
18ms Script
application/javascript 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.13/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ed9ggbnvvo?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 74e69ccf2f5cb32c175e328707c515fc9116ddd5cb3c92882d9bd53d3a742d63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 11:58:02 GMT
etag: W/"0x8DBCF0850CC9F3D"
vary: Accept-Encoding
x-azure-ref: 20231020T020918Z-fv1r6k663h2hx8vy3cha20ya0800000003ag00000000p669
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: eee55f70-e01e-005e-740e-01c53b000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
229 B 22ms
21ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=365335309&t=pageview&_s=1&dl=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fnew-complaint-stealer-malware-escalates%2F&ul=en-us&de=UTF-8&dt=New%20%E2%80%9CComplaint%20Stealer%E2%80%9D%20Malware%20Escalates%20%7C%20Cofense&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgUABAAAAACAAI~&jid=756208269&gjid=1061137740&cid=1795539707.1697767759&tid=UA-114787942-1&_gid=1214950353.1697767759&_slc=1&gtm=45He3ai0n815RQ37KH&z=1298752896

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

55a584b426a4c83b14dc79e65c48e065d826852bbbd32814c0127f6ac70a922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cofense2022stg.wpengine.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 02:09:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense2022stg.wpengine.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 20ms
19ms XHR
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-114787942-1&cid=1795539707.1697767759&jid=756208269&gjid=1061137740&_gid=1214950353.1697767759&_u=YCDAgUABAAAAAGAAI~&z=1077683108

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cofense2022stg.wpengine.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 20 Oct 2023 02:09:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense2022stg.wpengine.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 9ms
8ms Script
application/x-javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 15 Oct 2023 08:32:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=66549
accept-ranges: bytes
content-length: 3272

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 20ms
20ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 02:09:18 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Sun, 28 Jan 2024 02:09:18 GMT

GET
H2 200 share-link.min.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/lib/share-link/ 3 KB
1 KB 175ms
175ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.16.6
Requested by: Host: ehhbozgsut3.exactdn.com
URL: https://ehhbozgsut3.exactdn.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=1697729608
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
last-modified: Thu, 19 Oct 2023 15:33:08 GMT
server: nginx
etag: W/"65314c34-a3c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 66ms
26ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-114787942-1&cid=1795539707.1697767759&jid=756208269&_u=YCDAgUABAAAAAGAAI~&z=2052262922

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 02:09:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 25ms
24ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-114787942-1&cid=1795539707.1697767759&jid=756208269&_u=YCDAgUABAAAAAGAAI~&z=2052262922

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 02:09:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 230ms
218ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=b253130e4accad98012a3abe3f4b4c7a&svisitor=null&visitor=d250bbad-a77d-43ef-8fc4-ff4b385724bc&session=24b13fdb-7276-4d3e-86f4-0726a0e50415&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Fri%2C%2020%20Oct%202023%2002%3A09%3A18%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20more%20about%20the%20latest%20%5C%22Complaint%20Stealer%5C%22%20malware%20campaigns%20targeting%20cryptocurrency%20wallets%20and%20programs%20as%20well%20as%20hospitality%20sector%20credentials.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22New%20%E2%80%9CComplaint%20Stealer%E2%80%9D%20Malware%20Escalates%20%7C%20Cofense%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fnew-complaint-stealer-malware-escalates%2F&pageViewId=dc9588ba-a332-4991-86a3-a6d6b20a938e&an_uid=0&v=1.1.7

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:19 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 241ms
229ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=b253130e4accad98012a3abe3f4b4c7a&svisitor=null&visitor=d250bbad-a77d-43ef-8fc4-ff4b385724bc&session=24b13fdb-7276-4d3e-86f4-0726a0e50415&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2020%20Oct%202023%2002%3A09%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22b253130e4accad98012a3abe3f4b4c7a%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2020%20Oct%202023%2002%3A09%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2020%20Oct%202023%2002%3A09%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2020%20Oct%202023%2002%3A09%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2020%20Oct%202023%2002%3A09%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22b253130e4accad98012a3abe3f4b4c7a%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2020%20Oct%202023%2002%3A09%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2020%20Oct%202023%2002%3A09%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22a9e769d7d96a596f969b9dc5023033e21a69bf40%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2020%20Oct%202023%2002%3A09%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2020%20Oct%202023%2002%3A09%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20more%20about%20the%20latest%20%5C%22Complaint%20Stealer%5C%22%20malware%20campaigns%20targeting%20cryptocurrency%20wallets%20and%20programs%20as%20well%20as%20hospitality%20sector%20credentials.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22New%20%E2%80%9CComplaint%20Stealer%E2%80%9D%20Malware%20Escalates%20%7C%20Cofense%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fnew-complaint-stealer-malware-escalates%2F&pageViewId=dc9588ba-a332-4991-86a3-a6d6b20a938e&an_uid=0&v=1.1.7

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:19 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 295 KB
95 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZVTRKX60MM&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5d85bc80086058f285c1ab7628f1e37d2ee27f3a4ed89e7d1577915518fef0d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96729
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 20 Oct 2023 02:09:18 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 226ms
219ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=b253130e4accad98012a3abe3f4b4c7a&svisitor=null&visitor=d250bbad-a77d-43ef-8fc4-ff4b385724bc&session=24b13fdb-7276-4d3e-86f4-0726a0e50415&event=ipv6&q=%7B%22address%22%3A%222a00%3Ac98%3A2030%3Aa004%3A1%3A%3A11%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20more%20about%20the%20latest%20%5C%22Complaint%20Stealer%5C%22%20malware%20campaigns%20targeting%20cryptocurrency%20wallets%20and%20programs%20as%20well%20as%20hospitality%20sector%20credentials.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22New%20%E2%80%9CComplaint%20Stealer%E2%80%9D%20Malware%20Escalates%20%7C%20Cofense%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fnew-complaint-stealer-malware-escalates%2F&pageViewId=dc9588ba-a332-4991-86a3-a6d6b20a938e&an_uid=0&v=1.1.7

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:19 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H/1.1 200
OK visitWebPage
404-jhu-612.mktoresp.com/webevents/ 2 B
318 B 722ms
100ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://404-jhu-612.mktoresp.com/webevents/visitWebPage?_mchNc=1697767758850&_mchCn=&_mchId=404-JHU-612&_mchTk=_mch-wpengine.com-1697767758850-10546&_mchHo=cofense2022stg.wpengine.com&_mchPo=&_mchRu=%2Fblog%2Fnew-complaint-stealer-malware-escalates%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 02:09:19 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: f065fcb9-dc78-49f6-a9cc-faa68b931e41

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1697767758853&url=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fnew-complaint-stealer-malware-escalates%2F&tm=gtmv2
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1697767758853&url=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fnew-complaint-stealer-malware-escalates%2F&tm=gtmv2&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D300721%26time%3D1697767758853%26url%3Dhttps%253A%252F%252Fcofense2022stg.wpengine...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1697767758853&url=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fnew-complaint-stealer-malware-escalates%2F&tm=gtmv2&cookiesTest=t...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1697767758853&url=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fnew-complaint-stealer-malware-escalates%2F&tm=gtmv2&cookiesTest=...

0
264 B

154ms
112ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1697767758853&url=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fnew-complaint-stealer-malware-escalates%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQLkErMgog5rHgAAAYtK2B2t1Lv3dTphZrdfiBqthRj7KaGYjG8jJzzm51Bz3mJa0nywGA1NlGuKLw
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:18 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 6097B8647F194C2BA9B887AD40721437 Ref B: FRAEDGE2014 Ref C: 2023-10-20T02:09:19Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYIHFw2Eq6LK7XFp8pQOA==

Redirect headers

date: Fri, 20 Oct 2023 02:09:18 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 6E2EAEC92AED47C9BE967CFD2472ED58 Ref B: FRAEDGE1111 Ref C: 2023-10-20T02:09:19Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1697767758853&url=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fnew-complaint-stealer-malware-escalates%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQLkErMgog5rHgAAAYtK2B2t1Lv3dTphZrdfiBqthRj7KaGYjG8jJzzm51Bz3mJa0nywGA1NlGuKLw
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYIHFwzzBE+gk7jsxVrZQ==

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 746 B
594 B 35ms
15ms XHR
application/json 52.29.246.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.246.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-246-172.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: df77484a84b02f540aa794f6f6d3aa25997a5574d00f719e49ff0f0aa036f8e8

Request headers

Referer: https://cofense2022stg.wpengine.com/
accept-language: de-DE,de;q=0.9
Authorization: Token a9e769d7d96a596f969b9dc5023033e21a69bf40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
X-6s-CustomID: WebTag1.0 b253130e4accad98012a3abe3f4b4c7a

Response headers

date: Fri, 20 Oct 2023 02:09:18 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://cofense2022stg.wpengine.com
access-control-allow-credentials: true
content-length: 401

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 57ms
15ms Preflight 52.29.246.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.246.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-246-172.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://cofense2022stg.wpengine.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://cofense2022stg.wpengine.com
access-control-max-age: 1800
date: Fri, 20 Oct 2023 02:09:18 GMT
server: nginx

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
307 B 506ms
288ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://cofense2022stg.wpengine.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://cofense2022stg.wpengine.com
Date: Fri, 20 Oct 2023 02:09:19 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 19ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZVTRKX60MM&gtm=45je3ai0&_p=365335309&_gaz=1&ul=en-us&sr=1600x1200&cid=1795539707.1697767759&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fnew-complaint-stealer-malware-escalates%2F&dt=New%20%E2%80%9CComplaint%20Stealer%E2%80%9D%20Malware%20Escalates%20%7C%20Cofense&sid=1697767758&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZVTRKX60MM&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 02:09:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense2022stg.wpengine.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 20ms
19ms Ping
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZVTRKX60MM&cid=1795539707.1697767759&gtm=45je3ai0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZVTRKX60MM&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 02:09:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense2022stg.wpengine.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 24ms
24ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZVTRKX60MM&cid=1795539707.1697767759&gtm=45je3ai0&aip=1&z=776679281

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 02:09:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK e9f13eab-c163-4952-b927-f3ac0869d78e
https://cofense2022stg.wpengine.com/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://cofense2022stg.wpengine.com/e9f13eab-c163-4952-b927-f3ac0869d78e
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/new-complaint-stealer-malware-escalates/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Length: 43
Content-Type: image/gif

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=9BE923CFAD80470FBCD653CE612E50A1&RedC=c.clarity.ms&MXFR=288095F58702650F3C67864583026BF0
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9BE923CFAD80470FBCD653CE612E50A1&MUID=3DBBA638E66B65E01112B588E7006491

42 B
442 B

31ms
31ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9BE923CFAD80470FBCD653CE612E50A1&MUID=3DBBA638E66B65E01112B588E7006491
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 02:09:19 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 02:09:19 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1AF1D71AF561467C8EDAA34A2AC5009A Ref B: FRAEDGE1407 Ref C: 2023-10-20T02:09:19Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9BE923CFAD80470FBCD653CE612E50A1&MUID=3DBBA638E66B65E01112B588E7006491
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK messenger Show response
app.qualified.com/w/1/H3wWDXLUxD4irieG/ Frame F353 6 KB
3 KB 379ms
118ms Document
text/html 52.55.124.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=459feece-0b92-4b57-a619-5fd837e83982

Requested by

Host: js.qualified.com
URL: https://js.qualified.com/qualified.js?token=H3wWDXLUxD4irieG

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.55.124.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-124-205.compute-1.amazonaws.com

Software

Resource Hash

59699f848639a544155d6ba04f1659ba6e0c0edfc7b50dc7ee98e0c1b8a93222

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cofense2022stg.wpengine.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Content-Length: 1751
Content-Security-Policy
Content-Type: text/html; charset=utf-8
Date: Fri, 20 Oct 2023 02:09:19 GMT
Etag: W/"59699f848639a544155d6ba04f1659ba"
Link: <https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css>; rel=preload; as=style; nopush,<https://assets.qualified.com/packs/css/widget/sandboxed/messenger-ea37ea0f.chunk.css>; rel=preload; as=style; nopush
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
Via: 1.1 spaces-router (devel)
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 3eaff5ee-ebe2-671e-4e15-bc6852fb1379
X-Runtime: 0.016837
X-Xss-Protection: 1; mode=block

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 207ms
207ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=b253130e4accad98012a3abe3f4b4c7a&svisitor=null&visitor=d250bbad-a77d-43ef-8fc4-ff4b385724bc&session=24b13fdb-7276-4d3e-86f4-0726a0e50415&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2020%20Oct%202023%2002%3A09%3A19%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2020%20Oct%202023%2002%3A09%3A18%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20more%20about%20the%20latest%20%5C%22Complaint%20Stealer%5C%22%20malware%20campaigns%20targeting%20cryptocurrency%20wallets%20and%20programs%20as%20well%20as%20hospitality%20sector%20credentials.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22New%20%E2%80%9CComplaint%20Stealer%E2%80%9D%20Malware%20Escalates%20%7C%20Cofense%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fnew-complaint-stealer-malware-escalates%2F&pageViewId=dc9588ba-a332-4991-86a3-a6d6b20a938e&an_uid=0&v=1.1.7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:19 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
307 B 98ms
98ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://cofense2022stg.wpengine.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://cofense2022stg.wpengine.com
Date: Fri, 20 Oct 2023 02:09:20 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 messenger-94e6eccc.chunk.css
assets.qualified.com/packs/css/vendors~widget/sandboxed/ Frame F353 35 KB
7 KB 37ms
20ms Stylesheet
text/css 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb3487cae40a55bf31dc6e6191ab0d88ec8c8f85c62bf28ad25ad0a40c16a611

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:20 GMT
x-amz-version-id: K8ToPrKMo71jUL9H1kXJwaDy3OW1C0Hd
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: H5090T6N6NQDJVCP
age: 945
x-amz-server-side-encryption: AES256
x-amz-id-2: ZcKSIiuTOiToD5LqOORmUV+qtW51d++F9eJaHSU8WZoBp2c2ulbUxO/szZYnqZ0aI9QRjTkqdZw=
last-modified: Fri, 06 Oct 2023 00:47:59 GMT
server: cloudflare
etag: W/"a788ecf510f83ee517cbaf79306145dd"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 818db7d45de55d65-FRA
expires: Fri, 20 Oct 2023 06:09:20 GMT

GET
H2 200 messenger-ea37ea0f.chunk.css
assets.qualified.com/packs/css/widget/sandboxed/ Frame F353 5 KB
1 KB 36ms
20ms Stylesheet
text/css 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/css/widget/sandboxed/messenger-ea37ea0f.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ec35ab99388f6afab345622a22772619b83b7d63705d98df3c404da782fcabb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:20 GMT
x-amz-version-id: zKXsfoKUFji0fqagux87Ct.wStXdKY3J
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: MRKXA70C6M0FYVBK
age: 6981
x-amz-server-side-encryption: AES256
x-amz-id-2: kCovbgmQRs+HetedqJJrq0GBVEJ1w8pIHF0GCvmsw5QlBop/AtKGbdkTyA8Aaq84A2fZmKgNKjo=
last-modified: Thu, 21 Sep 2023 22:54:11 GMT
server: cloudflare
etag: W/"22d5f23e695250d3c5a5b1e76a015c5e"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 818db7d45de65d65-FRA
expires: Fri, 20 Oct 2023 06:09:20 GMT

GET
H2 200 messenger~runtime-3fbc8a73872119e0a50c.js Show response
assets.qualified.com/packs/js/widget/sandboxed/ Frame F353 2 KB
1 KB 31ms
21ms Script
application/javascript 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/js/widget/sandboxed/messenger~runtime-3fbc8a73872119e0a50c.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=459feece-0b92-4b57-a619-5fd837e83982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0849be37650e78cbb632e71850201842af54de736daf749a9db2f0ed2bc99cf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:20 GMT
x-amz-version-id: 6ewjK1mDc02rE3.671kSWdf8faCRROib
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: EWW7TQ4NKV1QNWQE
age: 4822
x-amz-server-side-encryption: AES256
x-amz-id-2: 1rVewYKdTut7HDkiMweUHjEX2dEcwcu51aadM0TegWDFGR5XClqPrPSiL0mbFwbc/Wj2vzUhW0E=
last-modified: Fri, 20 Oct 2023 00:43:25 GMT
server: cloudflare
etag: W/"8f290d0c5c3188317850c9f240f05e60"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 818db7d45de85d65-FRA
expires: Fri, 20 Oct 2023 06:09:20 GMT

GET
H2 200 messenger-d4a053b46f1faae02ebd.chunk.js Show response
assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/ Frame F353 1 MB
368 KB 32ms
22ms Script
application/javascript 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-d4a053b46f1faae02ebd.chunk.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=459feece-0b92-4b57-a619-5fd837e83982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7133905ab34af03a561d04579421dbc3d3072d65591065869a2b82b25cf6ae8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:20 GMT
x-amz-version-id: pCFuCigWNUVkdLT.3FNLFteHmuK0Hgli
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: QPRHE34BECKB31P3
age: 1473
x-amz-server-side-encryption: AES256
x-amz-id-2: ho7Ql4U9VN+p48IbpnTRDe2ohlu+zdhYHXfxw0JEXdB+2qJFzYAs+i1NH4dlEyMWc6YZXMe8HjE=
last-modified: Mon, 16 Oct 2023 15:29:44 GMT
server: cloudflare
etag: W/"ef7fa9891ddae41b71bafc274e556839"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 818db7d45de75d65-FRA
expires: Fri, 20 Oct 2023 06:09:20 GMT

GET
H2 200 messenger-6d4de47da600346e2db1.chunk.js Show response
assets.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/ Frame F353 841 KB
194 KB 28ms
27ms Script
application/javascript 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/messenger-6d4de47da600346e2db1.chunk.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=459feece-0b92-4b57-a619-5fd837e83982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b65f25f7b3a45d69b2fc6e69fa31b7789349377f3a8210da1aa2a1e3185d18ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:20 GMT
x-amz-version-id: o0xgIY1YluwzrFjJDi2wk_rbPphCqtyO
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: EWW8MKMPWHC7JQFC
age: 4822
x-amz-server-side-encryption: AES256
x-amz-id-2: v/Nu82KOFmJH7VVRjJzpolJLKHF97ZZhIOrChB/wA8F8eiXwskL+lK3pPpR/Qp5PoJYzD+i4a8g=
last-modified: Fri, 20 Oct 2023 00:43:26 GMT
server: cloudflare
etag: W/"cda2c4868ca1f000088a86103ac93a9b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 818db7d47df95d65-FRA
expires: Fri, 20 Oct 2023 06:09:20 GMT

GET
H2 200 Inter-Regular-c8ba52b05a9ef10f47584d08ece2ec5c.woff2
assets.qualified.com/packs/media/fonts/inter/ Frame F353 97 KB
97 KB 56ms
22ms Font
font/woff2 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/media/fonts/inter/Inter-Regular-c8ba52b05a9ef10f47584d08ece2ec5c.woff2
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=459feece-0b92-4b57-a619-5fd837e83982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6

Request headers

Referer: https://app.qualified.com/
Origin: https://app.qualified.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:20 GMT
x-amz-version-id: GuaL2VDDpOVBdQAK5C2Vzl0X3xDC9iQl
cf-cache-status: HIT
x-amz-request-id: 3V1GT32SRQ5VTWP3
age: 8806265
x-amz-server-side-encryption: AES256
content-length: 98868
x-amz-id-2: c81mbv9cTctY+HFyPC20NrI8CGkTC3goL0YLCV/AQYNSevU7/bnEah6YYvxvBU2ascTAtD7a4F4=
last-modified: Fri, 07 Jul 2023 20:43:15 GMT
server: cloudflare
etag: "dc131113894217b5031000575d9de002"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 818db7d4799f4d86-FRA
expires: Sat, 19 Oct 2024 08:09:20 GMT

GET
H2 200 Inter-SemiBold-b5f0f109bc88052d4000c58ca615671d.woff2
assets.qualified.com/packs/media/fonts/inter/ Frame F353 103 KB
104 KB 69ms
36ms Font
font/woff2 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/media/fonts/inter/Inter-SemiBold-b5f0f109bc88052d4000c58ca615671d.woff2
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=459feece-0b92-4b57-a619-5fd837e83982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5

Request headers

Referer: https://app.qualified.com/
Origin: https://app.qualified.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:20 GMT
x-amz-version-id: OXneViC17IxgTZP0heQAqgRa7hi.9Jti
cf-cache-status: HIT
x-amz-request-id: WMF5GDWTFK1FDDB5
age: 2026162
x-amz-server-side-encryption: AES256
content-length: 105804
x-amz-id-2: Hjgc6hJtTQ0zDkePvGs0VXUTzb0jTiMpoeQfRt+14A5eCGCSbxEDShaIJVBpsm/JL5OwCzROLfY=
last-modified: Fri, 22 Sep 2023 23:26:36 GMT
server: cloudflare
etag: "007ad31a53f4ab3f58ee74f2308482ce"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 818db7d479a14d86-FRA
expires: Sat, 19 Oct 2024 08:09:20 GMT

POST
H2 200 / Show response
sentry.io/api/1332833/envelope/ Frame F353 2 B
324 B 171ms
121ms Fetch
application/json 35.186.247.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1332833/envelope/?sentry_key=b5158ee3382d49b28a864fb2b91bcaaf&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1

Requested by

Host: assets.qualified.com
URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-d4a053b46f1faae02ebd.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

156.247.186.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.qualified.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 20 Oct 2023 02:09:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 203ms
202ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=b253130e4accad98012a3abe3f4b4c7a&svisitor=null&visitor=d250bbad-a77d-43ef-8fc4-ff4b385724bc&session=24b13fdb-7276-4d3e-86f4-0726a0e50415&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2020%20Oct%202023%2002%3A09%3A20%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2020%20Oct%202023%2002%3A09%3A19%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20more%20about%20the%20latest%20%5C%22Complaint%20Stealer%5C%22%20malware%20campaigns%20targeting%20cryptocurrency%20wallets%20and%20programs%20as%20well%20as%20hospitality%20sector%20credentials.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22New%20%E2%80%9CComplaint%20Stealer%E2%80%9D%20Malware%20Escalates%20%7C%20Cofense%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fnew-complaint-stealer-malware-escalates%2F&pageViewId=dc9588ba-a332-4991-86a3-a6d6b20a938e&an_uid=0&v=1.1.7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:20 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 298ms
298ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=b253130e4accad98012a3abe3f4b4c7a&svisitor=null&visitor=d250bbad-a77d-43ef-8fc4-ff4b385724bc&session=24b13fdb-7276-4d3e-86f4-0726a0e50415&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2020%20Oct%202023%2002%3A09%3A21%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2020%20Oct%202023%2002%3A09%3A20%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223004%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20more%20about%20the%20latest%20%5C%22Complaint%20Stealer%5C%22%20malware%20campaigns%20targeting%20cryptocurrency%20wallets%20and%20programs%20as%20well%20as%20hospitality%20sector%20credentials.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22New%20%E2%80%9CComplaint%20Stealer%E2%80%9D%20Malware%20Escalates%20%7C%20Cofense%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fnew-complaint-stealer-malware-escalates%2F&pageViewId=dc9588ba-a332-4991-86a3-a6d6b20a938e&an_uid=0&v=1.1.7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:22 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
307 B 95ms
94ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://cofense2022stg.wpengine.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://cofense2022stg.wpengine.com
Date: Fri, 20 Oct 2023 02:09:22 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
483 B 202ms
202ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=b253130e4accad98012a3abe3f4b4c7a&svisitor=null&visitor=d250bbad-a77d-43ef-8fc4-ff4b385724bc&session=24b13fdb-7276-4d3e-86f4-0726a0e50415&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2020%20Oct%202023%2002%3A09%3A22%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2020%20Oct%202023%2002%3A09%3A21%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224005%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20more%20about%20the%20latest%20%5C%22Complaint%20Stealer%5C%22%20malware%20campaigns%20targeting%20cryptocurrency%20wallets%20and%20programs%20as%20well%20as%20hospitality%20sector%20credentials.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22New%20%E2%80%9CComplaint%20Stealer%E2%80%9D%20Malware%20Escalates%20%7C%20Cofense%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fnew-complaint-stealer-malware-escalates%2F&pageViewId=dc9588ba-a332-4991-86a3-a6d6b20a938e&an_uid=0&v=1.1.7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:22 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 18ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3G76T4W3LR&gtm=45je3ai0&_p=365335309&cid=1795539707.1697767759&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1697767758&sct=1&seg=0&dl=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fnew-complaint-stealer-malware-escalates%2F&dt=New%20%E2%80%9CComplaint%20Stealer%E2%80%9D%20Malware%20Escalates%20%7C%20Cofense&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3G76T4W3LR&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cofense2022stg.wpengine.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 02:09:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense2022stg.wpengine.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 212ms
211ms Image
image/gif 95.101.111.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=b253130e4accad98012a3abe3f4b4c7a&svisitor=null&visitor=d250bbad-a77d-43ef-8fc4-ff4b385724bc&session=24b13fdb-7276-4d3e-86f4-0726a0e50415&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2020%20Oct%202023%2002%3A09%3A23%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2020%20Oct%202023%2002%3A09%3A22%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%225005%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20more%20about%20the%20latest%20%5C%22Complaint%20Stealer%5C%22%20malware%20campaigns%20targeting%20cryptocurrency%20wallets%20and%20programs%20as%20well%20as%20hospitality%20sector%20credentials.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22New%20%E2%80%9CComplaint%20Stealer%E2%80%9D%20Malware%20Escalates%20%7C%20Cofense%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fnew-complaint-stealer-malware-escalates%2F&pageViewId=dc9588ba-a332-4991-86a3-a6d6b20a938e&an_uid=0&v=1.1.7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:09:23 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cofense2022stg.wpengine.com/	1969-12-31 23:59:59	Name: wp-wpml_current_language Value: en
.wpengine.com/	1970-01-20 17:45:43	Name: _gcl_au Value: 1.1.187596580.1697767759
.techtarget.com/	1970-01-20 15:36:09	Name: __cf_bm Value: Gtru95mLbRu386Cdi8nz.hGzwfdWLlpr8L8KJRS6XcA-1697767758-0-AbaWg9IzVHiaNvsXNhoABeGfdDYbPQGDezZwnu8sOwsdaaqvxiJEuXRU2nKDqY98G0BmLCiP6omGYf1x61T0SMQ=
www.clarity.ms/	1970-01-21 00:21:43	Name: CLID Value: 1f8260f6bea04ba4892a76384a9d4e73.20231020.20241019
.wpengine.com/	1970-01-21 01:12:07	Name: _ga Value: GA1.2.1795539707.1697767759
.wpengine.com/	1970-01-20 15:37:34	Name: _gid Value: GA1.2.1214950353.1697767759
.wpengine.com/	1970-01-20 15:36:07	Name: _dc_gtm_UA-114787942-1 Value: 1
.wpengine.com/	1970-01-21 00:21:43	Name: _clck Value: 286nbv\|2\|fg0\|0\|1388
cofense2022stg.wpengine.com/	1970-01-20 15:46:12	Name: _an_uid Value: 0
cofense2022stg.wpengine.com/	1970-01-21 01:12:07	Name: _gd_visitor Value: d250bbad-a77d-43ef-8fc4-ff4b385724bc
cofense2022stg.wpengine.com/	1970-01-20 15:36:22	Name: _gd_session Value: 24b13fdb-7276-4d3e-86f4-0726a0e50415
.wpengine.com/	1970-01-21 01:12:07	Name: _mkto_trk Value: id:404-JHU-612&token:_mch-wpengine.com-1697767758850-10546
.ws.zoominfo.com/	1970-01-21 00:21:43	Name: visitorId Value: 3dc08bee5010e2493198e83220d39fb3d5967e53b2150119d74f547bd660c394
.zoominfo.com/	1970-01-20 15:36:09	Name: __cf_bm Value: Mv8fq4DKnFz.34wUpIUpTJL.BP71TGgSBbRO5HDDEkw-1697767758-0-Aayr19NpilNjtXw5UPbF92w4mlzjrylJyYSDdyEWpbyCJKl0ppchiZC9fhR5f26f/k43S2NEYuTuGm5OOTRrTu8=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: IbmTL0Jbrq4rXSgiQn.hAH2Uu2VYYXvWXVKDZA1wwoM-1697767758867-0-604800000
.wpengine.com/	1970-01-21 01:12:07	Name: _ga_ZVTRKX60MM Value: GS1.2.1697767758.1.0.1697767758.60.0.0
.linkedin.com/	1970-01-20 17:45:43	Name: li_sugr Value: 0117ff86-abe9-4cf3-8b0e-997e432e370a
.linkedin.com/	1970-01-21 00:21:43	Name: bcookie Value: "v=2&c5af953a-08f9-4da3-8987-4c50c7b2ca94"
.linkedin.com/	1970-01-20 15:37:34	Name: lidc Value: "b=VGST02:s=V:r=V:a=V:p=V:g=3013:u=1:x=1:i=1697767758:t=1697854158:v=2:sig=AQFaD_ow08zzDwE1d2Ee-f4rFujzlrmO"
.wpengine.com/	1970-01-21 01:12:07	Name: __q_state_H3wWDXLUxD4irieG Value: eyJ1dWlkIjoiNDU5ZmVlY2UtMGI5Mi00YjU3LWE2MTktNWZkODM3ZTgzOTgyIiwiY29va2llRG9tYWluIjoid3BlbmdpbmUuY29tIn0=
.wpengine.com/	1970-01-21 01:12:07	Name: _ga_3G76T4W3LR Value: GS1.1.1697767758.1.0.1697767759.59.0.0
.6sc.co/	1970-01-21 01:12:07	Name: 6suuid Value: b8d01702831719004fe131654a00000011230200
.linkedin.com/	1970-01-20 16:19:19	Name: UserMatchHistory Value: AQKc5ooMO36UPwAAAYtK2BzUUneZXOlQteJi0sfYa33tVeiM7G8rHxOdEzy9dtGGikSV9btHPWn-Tg
.linkedin.com/	1970-01-20 16:19:19	Name: AnalyticsSyncHistory Value: AQKKM_IVe2SNiwAAAYtK2BzUpRSlwJ5sghWAiwXiPWR0vpHw2_STLzPamS9pQaqD17jMErKrpql7ylw7WxQhSA
.www.linkedin.com/	1970-01-21 00:21:43	Name: bscookie Value: "v=1&20231020020919bdfad6d6-0a6e-4812-804d-ef2a46b9c37dAQFZHIlkVftQEH97dPqxCqpNOe2xyb7j"
.linkedin.com/	1970-01-20 19:55:19	Name: li_gc Value: MTswOzE2OTc3Njc3NTk7MjswMjECP+zTj1S1auIwyRU38N/0mN85JJCIqUQDC74wA7Kbuw==
.wpengine.com/	1970-01-20 15:37:34	Name: _clsk Value: j24f2k\|1697767759417\|1\|1\|w.clarity.ms/collect
.bing.com/	1970-01-21 00:57:43	Name: MUID Value: 3DBBA638E66B65E01112B588E7006491
.c.bing.com/	1970-01-20 15:46:12	Name: MR Value: 0
.c.bing.com/	1970-01-21 00:57:43	Name: SRM_B Value: 3DBBA638E66B65E01112B588E7006491
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 00:57:43	Name: MUID Value: 3DBBA638E66B65E01112B588E7006491
.c.clarity.ms/	1970-01-20 15:46:12	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 15:36:08	Name: ANONCHK Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://lltrck.com/scripts/lt-v3.js?llid=19612 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

404-jhu-612.mktoresp.com
app.qualified.com
assets.qualified.com
b.6sc.co
c.6sc.co
c.bing.com
c.clarity.ms
cofense2022stg.wpengine.com
ehhbozgsut3.exactdn.com
epsilon.6sense.com
extend.vimeocdn.com
ibc-flow.techtarget.com
ipv6.6sc.co
j.6sc.co
js.qualified.com
lltrck.com
munchkin.marketo.net
okt.to
p.typekit.net
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
secure.adnxs.com
sentry.io
snap.licdn.com
static.oktopost.com
stats.g.doubleclick.net
trk.techtarget.com
w.clarity.ms
ws.zoominfo.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
13.107.42.14
146.75.122.109
18.245.60.70
185.89.210.46
192.28.144.124
2001:4860:4802:34::36
23.96.124.156
2400:52e0:1e00::1080:1
2606:4700:4400::ac40:973c
2606:4700::6810:890f
2606:4700::6812:1005
2606:4700::6812:1105
2620:1ec:21::14
2620:1ec:46::63
2620:1ec:c11::200
2a00:1450:4001:80b::2003
2a00:1450:4001:810::200e
2a00:1450:4001:81c::2008
2a00:1450:4001:82b::2004
2a00:1450:400c:c0a::9c
2a02:26f0:480:23::1726:629c
2a02:26f0:480:f::213:7ed3
2a02:26f0:480:f::213:7edd
3.210.57.98
34.111.208.231
34.74.117.101
35.186.247.156
52.20.195.32
52.29.246.172
52.55.124.205
68.219.88.97
88.221.60.75
95.101.111.184
0078a74cadc02eb3d0642a1d7720580538430708396791fe745f7ff7a89c67b4
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac
048d136d592e66896cccc1fe4fada4feb16b7f6af671cd49a2fe6ed6b2276c6c
04ebaf5c0a3da26efcf1f6782f19a7f8269949e13cd04cc00c6be81d06382505
06c5b21ed6beb8535987a718d67db031fd8f9658a06e347946420fece8a2d845
0800c1bcae9fd7a9ab8bb0fc08bb60392cde06279906b58ba73a9d32c0ef0f8d
0849be37650e78cbb632e71850201842af54de736daf749a9db2f0ed2bc99cf5
08d9e28e5a3cf2a632f0a595610c79ae90f8dc50f3dd17914f2e6ef324b100bf
09016600a13dd4825b72516765a8da53d1ab896f7582c4619d014e8ee147ea84
0a828dbd42b518c042d31e8c907ce91c852f06759f79a659341c8c4fa74492b3
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
12c3f7bc60c99d1b6b634d6cd16fbb0e26ae75ddda15d7a6e5106cd5dad83f14
136ae09fa1a7c5fc9e017fef8c19b4408a8f4fdf9c9df542652a9746ee3e9b8a
138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47
13ba7d85cedf2d5b14f9091119f9067689bdc33edde1d37a654787d416fbca34
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5
19fb8fd435c0bce0c7b49c24d128cce686d4a6bba0de63d34d5effa4e1f644f4
1a829e1d6e41d31c49d5da4fc80f0d3a7ec3a42346706e092e19515ac518a057
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c5062c716f15143dd0a8f6f6993a6f8db2900afc49e6193a9664a782a2e1686
1f658d477bca6e8ce0f56bd251d86fdc170fa3267ee10c916406f78645624e91
20aad078c190cf5e3ff7c4a1471020f97a232dbc06b41b80f6a5fc782bd3493d
21a8d9de57277a54200a816f7c852e39febfb766f6fcecd3d7e8d4c90dd5f55f
22376326cd0560a692c6cc23da4d10a35d53e8781635f4d207b05edb6acc9e3a
234cbce3c37318c0a714729e1340c5bbdde1e9ebf444c5480db3ffe149ca9ee8
2689ce69760ffc47c2e0fb1c72f6265a402170b618124f408fd34b86c0fb1aec
2cb2dbcaef23560aab640aaa379e55b607c905a3f8f41b813679e5e503ecdf17
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30db81ee3fd2296a2f5d01bb41c96067068327115900e2bdb865ffcfed6fdf8b
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
365b620ba7cfdf23e9c6f78bfda3004c9ae0c8deb6605fe0b069c0ae992981b7
395f8a89991e910f414eadf01bac7b8094f1a1b94f53128a3e1067365c3006c8
3c1a5c4b5574a4104a92b2e700e6f0fc5b001c4297ebc5a1e76d67b1fbeb1c2d
3c60f28ac63eb4fed3d219aba2496cb5da8b96a1db54a8d9b5c87ada17e42c00
40866ec78876a63fea371c77acbb0cf7586aff4bd46a0fb5e801d5f442f62c42
41eac43c1137e23dc691d5605126f42c477b739d40867c3022a1c9a857dd3194
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4902421a8e4268518e9435b729b6a50ce42d76cf3afd2a6ed6d1db87b565cc66
4b9257e3e9c959214ddfab833a69a021ae6557403efe76afcbee259621175274
4d8f302eda9307bb0c244cc89f76f5d4eccd84380f4d04d47c49115ca989a983
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
5231072de27cfe7ed0a432f3068a71ae38c8194cfb0f42b2126023fa7c99dc4c
55a584b426a4c83b14dc79e65c48e065d826852bbbd32814c0127f6ac70a922e
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58f8be459c8d1062283ac072740cb4504fc4b3c06f7f6f1e6b17643115cf2cce
59699f848639a544155d6ba04f1659ba6e0c0edfc7b50dc7ee98e0c1b8a93222
5ae1d0795901f709b38e3a8afa9b791fed006d781b5161bd4ac921c5d4a73c5a
5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5d85bc80086058f285c1ab7628f1e37d2ee27f3a4ed89e7d1577915518fef0d2
5ec0edcab83d68a0bbdaaa014ca2eb993bf8bb3eb9eb5291be25e602a0d50e2b
5fde6eacc077ab58c0a3e25657dcc7bb8c2c21469b7223f8135dd46da6beee25
6395d758d0ce608e17c063bcb631df55129fbdd005e4d9059b465ab433e5d3fd
65d8dd786920a8a2fa4df78fdcb708f06cf67c5febe9cfd5ca83c479a66fdad2
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
6c649cc3d4aee7683250622541a6045ad4ac3beb93df1fcdd3ec1f7f12a1ff44
6c64f1f61427b7aff7961cee93a0ee95c454274084a3a9e10aed8496929450d5
6ec35ab99388f6afab345622a22772619b83b7d63705d98df3c404da782fcabb
7133905ab34af03a561d04579421dbc3d3072d65591065869a2b82b25cf6ae8d
74e69ccf2f5cb32c175e328707c515fc9116ddd5cb3c92882d9bd53d3a742d63
77325b6bb54a3b6a76c87044e21e9b65540c5b16f5d836dd1db0d36a6ab93deb
79511acd0ccdbd49e4ece99044497e5de1befd1298f9184d7c3f4f68d04960c8
7dcdd6d49205a7b8a0b5d35b65b6d70c7675bd653e29e18992d6470ece0c3d1b
80ae295e1e684f6903ca3b3896fb69550a5051c018482eae7d601f5a270c5f83
82915a46f223be695a3255845ad875c54ae0bebd58cb30b6e2a2aaa0ef6b06e5
848ebbe22f48bb9cbdef963602e58e60688e934f430b6839500232159560c6de
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
880bd0c057b2118ce8870a412c9bbc9c744ecc1ffc2e0cec852f0822467a5468
89b87d53f74bf77c35b63352937c490fa8e07f70eb549d9307ea8e945fc00bc4
8cbc49b1385bf29debe95333f04795a6e3a2cf218d88b415b29872d06491fd1c
8f9de5ce0bd559fccdcf15f73bef8d60af03428ea4c33222985a6644d1351b35
94b0e9b4abbe9e99299038ddeace0340091f244ec3da58d079620ed8d81ce591
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a0eb0368e9e7b3ceaf152e2ef2212e6c2f1b924e34faa7f9841a4ef702a09da4
a144b7eb90f5589866d0546b15df7c4473c9ff44b079490e449c0ad96bb82511
a5b92372018c41010f3abc7e2508e4f4e1be30c6aa4bad99ae72504ad3e105a7
a7c3b69070e18da88843ce5865aae332f74fae0ada9c0a6004c6615c9813b4d6
a8642bcd147ba3528345f5bd17f788cd524931e093255b2c1c8344677a1ab505
ad2364119e81655c5452420dd9a2e2a488dd6658012ae9db392d4ee441c1e6a9
ae549261b91e3e9a5b932de75d605c5a831db2d3793f1c2e7b48c6fd2f811edd
afbba8cf0d4c31958050c828d83f4f674095838a25b6186919aec0f60d9fd4de
b2e6635e04d9963d4ac52e813fb7c3da30dbc68d68cbd2b5d5e41dd13433f302
b4234e7878e78bc3463dee60b74dabc4249a8858550b89c4f5c23235d033c2d5
b4a73e79ac953f25e7800b5ca583552229ce52f3a8c9dad31ee9da427ffa614e
b4d6f31b12061ce5f7eb43054704209c45634f84c8dcfd0666907f33fa527401
b56b366f67c5c49beade9a2c61c6673272fb4fc57f165b1f9d68d255cfa2e7e0
b65f25f7b3a45d69b2fc6e69fa31b7789349377f3a8210da1aa2a1e3185d18ee
b7aa6ab9df6a0e844f86c52f547756342afab7b158a51c6c54ec5c10ba9e3773
ba537e3957077fcc988d30e467e3464ef916baecec231691a65fd7d66a99c1f8
bab206232a7ed22b16328f93b591887cf8e69c92871ee89fd421c94407b4f9a4
bf685e293d51dc7a9ca630e387c90e436811766ab6a41df5dd0dd660b91f9eaf
c1e32056f64bfc949474b6b8f127b6f75c9724fd5d198461608d54812450a111
c3dfc3f03106f85ab56ceaadf44433f35cca4209d64922d50a1c650c90aa60ad
c3fcdc0c39e62cccf703908dcd72fb7198f261e28128e7878bc8c1115f6c080c
c45f781964e97c179059fb620032eddab4a86bf8af6cd3f7460b2fa839fedb10
ced2d8e02e2fbf08d2edec9b5f13648ed8348588a05f7181632f3c1dd6e1f5c3
cf7e7bef418e30a1109043d1ce9bd96d95871973d9f0f48f453ed8d2e070d3c6
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d16687a04944f1fe7b82f081d4267457122bc36b26de671c1132ca5fdc938f41
d53336707c39d1ec20a2b1f7399ca9f183c45592e215a42fd596dfa2dbb8ad7a
d55538fba2c0b897ef503920ead14ca39c62396d2a03456ebafd55a82ed8e0b4
d5e15bc5a13a703d32fa45350a363adb85fafb7a4c9c08250c6ce4cf8c4252a0
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6
d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f
daecac5f08c9ca9bdd7b4964baaba005c86e765aa85e071214b87fd437b1f80a
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df77484a84b02f540aa794f6f6d3aa25997a5574d00f719e49ff0f0aa036f8e8
dfed2068b0898ac70605110ec1c8170a0aab611763ed5591c72196817d0b1282
e0aa068ac5dfad098da734d929000446f50930d7411a075c031ea96a9352970b
e2ac5ea7f5449806fb65e42f8c0c97ac9d4c3e83da641340767ab071526da96e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8a99c16a581c4e69330699d00aa4a7763158ed99194087bceebd232d53eb42f
e9ba3d0c5d5408e00becd36ad394fa9ad9c0616741ebdd6dddc8e837db3605ba
eb3487cae40a55bf31dc6e6191ab0d88ec8c8f85c62bf28ad25ad0a40c16a611
edf0c45100bd76408c47b7a27b7cc7a85d776b1baf46de9e33f5b90bff9d5ea2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f18d03ea1db25769e0297f023bbb4f700a35027e4b26c8ce2cea90dd91956cef
f22f932d4024701930979deb0996cc5919e760b0a39fb638fd2d93c13be84305
f2505437c541fbb54d3381687c49fded570dbc01ef97032d3db827f11825e971
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f4221e726cd903ea62b23099982f627213f319bad4697da681b33ec82d613500
f7c57b37232dd200e7b27fc6bfce78ec413a3a718e94818248f4fe16570780bd
faddf8c3ff09bbff2375dd94286aef72d1f2816fad00c248b213e0ed4877f441
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
ff0ef2b4514a9a824e24181bd336b7b282a0ff614b16dcc9484470aa337c15a2

cofense2022stg.wpengine.com Open in urlscan Pro 34.74.117.101 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

151 Requests

98 %HTTPS

52 %IPv6

25 Domains

36 Subdomains

32 IPs

4 Countries

2034 kBTransfer

5854 kBSize

34 Cookies

8 Outgoing links

Redirected requests

151 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cofense2022stg.wpengine.com Open in urlscan Pro
34.74.117.101 Public Scan

Screenshot
Live screenshot

Full Image

151
Requests

98 %
HTTPS

52 %
IPv6

25
Domains

36
Subdomains

32
IPs

4
Countries

2034 kB
Transfer

5854 kB
Size

34
Cookies

151 HTTP transactions
4 data transactions