abnormalsecurity.com Open in urlscan Pro
76.76.21.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
Submission: On September 28 via api (September 28th 2023, 2:06:41 am UTC) from TR — Scanned from DE

Summary HTTP 152 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 35 IPs in 4 countries across 26 domains to perform 152 HTTP transactions. The main IP is 76.76.21.21, located in Charlotte, United States and belongs to AMAZON-02, US. The main domain is abnormalsecurity.com. The Cisco Umbrella rank of the primary domain is 997473.
TLS certificate: Issued by R3 on August 22nd 2023. Valid for: 3 months.

This is the only time abnormalsecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
46	76.76.21.21 76.76.21.21	16509 (AMAZON-02) (AMAZON-02)
1	52.22.23.118 52.22.23.118	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:214... 2600:9000:214f:de00:3:eee:d40:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:20:... 2606:4700:20::681a:8b5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
10	167.172.14.134 167.172.14.134	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	54.171.44.183 54.171.44.183	16509 (AMAZON-02) (AMAZON-02)
18	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223c:3a00:1:57c7:dac0:21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
1	2600:9000:223... 2600:9000:223e:4200:d:1a25:7e40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.209.198.187 34.209.198.187	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
12	108.128.94.232 108.128.94.232	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211e:1c00:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
3	151.101.64.143 151.101.64.143	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
8	2.17.100.184 2.17.100.184	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:780... 2a02:26f0:780::210:a423	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.197.137.224 23.197.137.224	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	54.171.34.82 54.171.34.82	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:480... 2a02:26f0:480:23::1726:62a7	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2607:f5b7:1:5... 2607:f5b7:1:52::11	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	169.63.31.200 169.63.31.200	36351 (SOFTLAYER) (SOFTLAYER)
2	35.156.107.46 35.156.107.46	16509 (AMAZON-02) (AMAZON-02)
2	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 ^_^) (CDN77 ^_^)
152	35

46 76.76.21.21 (Charlotte, United States)

ASN16509 (AMAZON-02, US)

abnormalsecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.23.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-23-118.compute-1.amazonaws.com

abnormalsecurity.outgrow.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:de00:3:eee:d40:21 (United States)

ASN16509 (AMAZON-02, US)

dyv6f9ner1ir9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:8b5 (United States)

ASN13335 (CLOUDFLARENET, US)

optimise2.assets-servd.host	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 167.172.14.134 (United States)

ASN14061 (DIGITALOCEAN-ASN, US)

cms.abnormalsecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.44.183 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-44-183.eu-west-1.compute.amazonaws.com

vitals.vercel-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

cdn.outgrow.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:3a00:1:57c7:dac0:21 (United States)

ASN16509 (AMAZON-02, US)

dlvkyia8i4zmz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

static.filestackapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:4200:d:1a25:7e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

site-assets.plasmic.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.209.198.187 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-198-187.us-west-2.compute.amazonaws.com

analytics.plasmic.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 108.128.94.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-94-232.eu-west-1.compute.amazonaws.com

api-n.outgrow.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-live.outgrow.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:1c00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.64.143 (United States)

ASN54113 (FASTLY, US)

s.swiftypecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.17.100.184 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-100-184.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::210:a423 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.197.137.224 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-137-224.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (Dallas, United States) 1 redirects

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.171.34.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-34-82.eu-west-1.compute.amazonaws.com

api-h.outgrow.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:23::1726:62a7 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f5b7:1:52::11 (United States)

ASN30633 (LEASEWEB-USA-WDC, US)

n2.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.63.31.200 (United States)

ASN36351 (SOFTLAYER, US)
PTR: c8.1f.3fa9.ip4.static.sl-reverse.com

cc.swiftype.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.107.46 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-107-46.eu-central-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::17 (Germany)

ASN60068 (CDN77 ^_^, GB)

maxst.icons8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	abnormalsecurity.com abnormalsecurity.com — Cisco Umbrella Rank: 997473 cms.abnormalsecurity.com	2 MB
19	outgrow.us abnormalsecurity.outgrow.us cdn.outgrow.us — Cisco Umbrella Rank: 422989	1 MB
16	outgrow.co api-n.outgrow.co — Cisco Umbrella Rank: 396897 api-live.outgrow.co — Cisco Umbrella Rank: 557245 api-h.outgrow.co — Cisco Umbrella Rank: 548241	26 KB
12	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96 region1.google-analytics.com — Cisco Umbrella Rank: 1878	42 KB
9	6sc.co j.6sc.co — Cisco Umbrella Rank: 14010 c.6sc.co — Cisco Umbrella Rank: 19472 ipv6.6sc.co — Cisco Umbrella Rank: 14550 b.6sc.co — Cisco Umbrella Rank: 7792	18 KB
5	mouseflow.com 1 redirects cdn.mouseflow.com — Cisco Umbrella Rank: 11241 n2.mouseflow.com — Cisco Umbrella Rank: 44016	58 KB
3	swiftypecdn.com s.swiftypecdn.com — Cisco Umbrella Rank: 20739	149 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	278 KB
3	assets-servd.host optimise2.assets-servd.host — Cisco Umbrella Rank: 215753	2 KB
3	cloudfront.net dyv6f9ner1ir9.cloudfront.net dlvkyia8i4zmz.cloudfront.net	6 KB
2	icons8.com maxst.icons8.com — Cisco Umbrella Rank: 45615	111 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 23716	595 B
2	bing.com bat.bing.com — Cisco Umbrella Rank: 691	13 KB
2	plasmic.app site-assets.plasmic.app — Cisco Umbrella Rank: 974929 analytics.plasmic.app	1 KB
2	vercel-insights.com vitals.vercel-insights.com — Cisco Umbrella Rank: 15524	331 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	1 KB
1	swiftype.com cc.swiftype.com — Cisco Umbrella Rank: 23401	279 B
1	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 7483	1 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1593	4 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1780	50 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122	455 B
1	osano.com cmp.osano.com — Cisco Umbrella Rank: 7860	60 KB
1	filestackapi.com static.filestackapi.com — Cisco Umbrella Rank: 42747	30 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 410	18 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 558	9 KB
1	gstatic.com fonts.gstatic.com	126 KB
152	26

	Domain	Requested by
46	abnormalsecurity.com	abnormalsecurity.com
18	cdn.outgrow.us	abnormalsecurity.outgrow.us cdn.outgrow.us
10	api-n.outgrow.co	cdn.outgrow.us
10	cms.abnormalsecurity.com	abnormalsecurity.com
9	www.google-analytics.com	abnormalsecurity.outgrow.us www.googletagmanager.com cdn.outgrow.us
6	b.6sc.co
4	api-h.outgrow.co	cdn.outgrow.us
3	n2.mouseflow.com	cdn.mouseflow.com
3	region1.google-analytics.com	www.googletagmanager.com
3	s.swiftypecdn.com	abnormalsecurity.com s.swiftypecdn.com cmp.osano.com
3	www.googletagmanager.com	abnormalsecurity.com www.googletagmanager.com cdn.outgrow.us
3	optimise2.assets-servd.host	abnormalsecurity.com
2	maxst.icons8.com	cdn.outgrow.us maxst.icons8.com
2	epsilon.6sense.com	j.6sc.co
2	api-live.outgrow.co	cdn.outgrow.us
2	cdn.mouseflow.com	1 redirects
2	bat.bing.com	www.googletagmanager.com
2	vitals.vercel-insights.com	abnormalsecurity.com
2	fonts.googleapis.com	abnormalsecurity.com client
2	dyv6f9ner1ir9.cloudfront.net	abnormalsecurity.com
1	cc.swiftype.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	munchkin.marketo.net	abnormalsecurity.com
1	snap.licdn.com	www.googletagmanager.com
1	j.6sc.co	abnormalsecurity.com
1	www.googleoptimize.com	www.googletagmanager.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	cmp.osano.com	abnormalsecurity.com
1	analytics.plasmic.app	abnormalsecurity.com
1	site-assets.plasmic.app	abnormalsecurity.com
1	static.filestackapi.com	abnormalsecurity.outgrow.us
1	cdnjs.cloudflare.com	abnormalsecurity.outgrow.us
1	dlvkyia8i4zmz.cloudfront.net	abnormalsecurity.outgrow.us
1	cdn.jsdelivr.net	abnormalsecurity.outgrow.us
1	fonts.gstatic.com	fonts.googleapis.com
1	abnormalsecurity.outgrow.us	abnormalsecurity.com
152	37

This site contains links to these domains. Also see Links.

Domain
www.ic3.gov
abnormalsupport.force.com
partners.abnormalsecurity.com
intelligence.abnormalsecurity.com
careers.abnormalsecurity.com
www.abnormalbusinessschool.com
abnormalsecurity.statuspage.io

Subject Issuer	Validity	Valid
abnormalsecurity.com R3	`2023-08-22` - `2023-11-20`	3 months	crt.sh
*.outgrow.us Sectigo RSA Organization Validation Secure Server CA	`2023-07-19` - `2024-08-01`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-26` - `2024-02-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
cms.abnormalsecurity.com R3	`2023-08-14` - `2023-11-12`	3 months	crt.sh
vercel-insights.com Amazon RSA 2048 M03	`2023-08-23` - `2024-09-19`	a year	crt.sh
s.zotosu.net GTS CA 1D4	`2023-09-22` - `2023-12-21`	3 months	crt.sh
*.filestackapi.com R3	`2023-08-05` - `2023-11-03`	3 months	crt.sh
site-assets.plasmic.app Amazon RSA 2048 M01	`2023-01-31` - `2024-02-29`	a year	crt.sh
analytics.plasmic.app R3	`2023-08-16` - `2023-11-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.outgrow.co Sectigo RSA Organization Validation Secure Server CA	`2023-07-20` - `2024-08-18`	a year	crt.sh
cmp.osano.com Amazon RSA 2048 M02	`2023-02-21` - `2023-09-30`	7 months	crt.sh
s.swiftypecdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-02` - `2024-08-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
6sc.co R3	`2023-08-19` - `2023-11-17`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
*.mouseflow.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-28` - `2024-09-27`	a year	crt.sh
*.swiftype.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-21` - `2024-07-14`	a year	crt.sh
*.6sense.com Amazon RSA 2048 M01	`2023-05-01` - `2024-05-29`	a year	crt.sh
1454623486.rsc.cdn77.org R3	`2023-09-17` - `2023-12-16`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
Frame ID: 9AF1899C2AA9AAB2FEEB56F834D271AF
Requests: 99 HTTP requests in this frame

Frame: https://abnormalsecurity.outgrow.us/64e37afea593954b6e60f08f
Frame ID: 8CA4411D742DC031BE962899ABEA6C7A
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Healthcare Organizations Experience 279% Increase in… | Abnormal

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

math.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

math(?:\.min)?\.js

Page Statistics

152
Requests

98 %
HTTPS

56 %
IPv6

26
Domains

37
Subdomains

35
IPs

4
Countries

3942 kB
Transfer

15546 kB
Size

14
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ic3.gov/Media/PDF/AnnualReport/2022_IC3Report.pdf
Title: latest research from the FBI

Search URL Search Domain Scan URL

URL: https://abnormalsupport.force.com/knowledgebase/s/
Title: Support Portal

Search URL Search Domain Scan URL

URL: https://partners.abnormalsecurity.com/
Title: Partner Portal

Search URL Search Domain Scan URL

URL: https://partners.abnormalsecurity.com/English/register_email.aspx
Title: Become a Partner

Search URL Search Domain Scan URL

URL: https://intelligence.abnormalsecurity.com/
Title: Abnormal Intelligence

Search URL Search Domain Scan URL

URL: https://careers.abnormalsecurity.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.abnormalbusinessschool.com/
Title: Business School

Search URL Search Domain Scan URL

URL: https://abnormalsecurity.statuspage.io/
Title: Status

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96

https://cdn.mouseflow.com/projects/55451921-8278-4244-87a2-1e0b878bdae0.js HTTP 301
https://cdn.mouseflow.com/projects/55451921-8278-4244-87a2-1e0b878bdae0_eu.js

152 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request healthcare-organizations-email-attacks-2023 Show response
abnormalsecurity.com/blog/ 625 KB
144 KB 109ms
74ms Document
text/html 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Next.js

Resource Hash

c9249972c2fdad8831c4a5213c7f413b3589d67414f71bb10955517ac3599ebd

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: Content-Type
age: 319
cache-control: public, max-age=0, s-maxage=86400, stale-while-revalidate=86400
content-encoding: br
content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-type: text/html; charset=utf-8
date: Thu, 28 Sep 2023 02:01:14 GMT
etag: W/"8n02kff2lpdpf0"
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
referrer-policy: same-origin
server: Vercel
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-matched-path: /blog/healthcare-organizations-email-attacks-2023
x-powered-by: Next.js
x-vercel-cache: STALE
x-vercel-id: fra1::sfo1::m4tjw-1695866794637-b1528e55329c
x-xss-protection: 1

GET
H2 200 5ffe9d69e34904a1.css
abnormalsecurity.com/_next/static/css/ 98 KB
20 KB 15ms
15ms Stylesheet
text/css 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/css/5ffe9d69e34904a1.css

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

615d8b5a89e056d7325832ef9a4177796b0e60c603faf98439cf79f872f6784e

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:34 GMT
strict-transport-security: max-age=63072000
age: 18758
content-disposition: inline; filename="5ffe9d69e34904a1.css"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::59rdv-1695866794717-63d4a651c3cb
x-matched-path: /_next/static/css/5ffe9d69e34904a1.css
etag: W/"77d74a0f95589d76460a2aabeaa842d7"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 webpack-fc6d028da0e80869.js Show response
abnormalsecurity.com/_next/static/chunks/ 5 KB
3 KB 20ms
19ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/webpack-fc6d028da0e80869.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

ecdf8f51c147127a75df50befbb2243b9f821d602e5f00cd0d8aefcce3f62942

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:34 GMT
strict-transport-security: max-age=63072000
age: 18758
content-disposition: inline; filename="webpack-fc6d028da0e80869.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::pmm2p-1695866794718-887cff3fac63
x-matched-path: /_next/static/chunks/webpack-fc6d028da0e80869.js
etag: W/"43fd276d5502441ccdb45cae092b383b"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 framework-183e3429ec55574d.js Show response
abnormalsecurity.com/_next/static/chunks/ 206 KB
60 KB 19ms
16ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/framework-183e3429ec55574d.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

21f913cdec7510a2717672bc4fda25a3b45fc96ae21912aca756c822506b09b7

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:34 GMT
strict-transport-security: max-age=63072000
age: 18758
content-disposition: inline; filename="framework-183e3429ec55574d.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::srsz2-1695866794722-ae450bd6eba1
x-matched-path: /_next/static/chunks/framework-183e3429ec55574d.js
etag: W/"b373712e6604e9d1046ff8b123fa534c"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 main-cd8cecc4f4bc68c8.js Show response
abnormalsecurity.com/_next/static/chunks/ 100 KB
32 KB 42ms
38ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/main-cd8cecc4f4bc68c8.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

ff95754c421efe0148bdc43c533e671f10e4e852a521b56c118b8183de80eb71

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:34 GMT
strict-transport-security: max-age=63072000
age: 18758
content-disposition: inline; filename="main-cd8cecc4f4bc68c8.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::dcwd7-1695866794723-6d8481247d8a
x-matched-path: /_next/static/chunks/main-cd8cecc4f4bc68c8.js
etag: W/"be870af633731d12933edd6026b14c9c"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 _app-0639cf8ab7964046.js Show response
abnormalsecurity.com/_next/static/chunks/pages/ 1 MB
308 KB 34ms
30ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/pages/_app-0639cf8ab7964046.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

ccd97d625b1e72f9e712cc77abe17d9e2ba3d3480a368549b1723b1d4964d544

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:34 GMT
strict-transport-security: max-age=63072000
age: 18758
content-disposition: inline; filename="_app-0639cf8ab7964046.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::qrhls-1695866794723-f8313452f24b
x-matched-path: /_next/static/chunks/pages/_app-0639cf8ab7964046.js
etag: W/"29b912717e7594dcae7a301609fbcabe"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 2edb282b-f81471e903dfd1cd.js Show response
abnormalsecurity.com/_next/static/chunks/ 68 KB
26 KB 18ms
14ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/2edb282b-f81471e903dfd1cd.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

62c6cb71f33e94e6ead3bc223297ef4d65e204900f2b56e81f4916b6c9911486

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:34 GMT
strict-transport-security: max-age=63072000
age: 18758
content-disposition: inline; filename="2edb282b-f81471e903dfd1cd.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::59rdv-1695866794723-5e2e53f1f471
x-matched-path: /_next/static/chunks/2edb282b-f81471e903dfd1cd.js
etag: W/"650a06501e32aa366c48d74a85358b4b"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 4372-4d235b5ebc1560aa.js Show response
abnormalsecurity.com/_next/static/chunks/ 29 KB
9 KB 22ms
18ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/4372-4d235b5ebc1560aa.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

b05e0d4ac03265d7321b14015108c0f56af94edf37eb6405bdf93942e7adece5

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:34 GMT
strict-transport-security: max-age=63072000
age: 18757
content-disposition: inline; filename="4372-4d235b5ebc1560aa.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::cdmwp-1695866794723-4cc5e4273c13
x-matched-path: /_next/static/chunks/4372-4d235b5ebc1560aa.js
etag: W/"acc79c527cc2d1f86c9a335d0dad9264"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 9011-c1ce5d0e75bf1f8c.js Show response
abnormalsecurity.com/_next/static/chunks/ 197 KB
61 KB 66ms
62ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/9011-c1ce5d0e75bf1f8c.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

01fb38973be6db9bf32851e0982974509126310becd8a1ddb25f607dc63bac1a

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:34 GMT
strict-transport-security: max-age=63072000
age: 18757
content-disposition: inline; filename="9011-c1ce5d0e75bf1f8c.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::nhvpp-1695866794727-a3e111ed963d
x-matched-path: /_next/static/chunks/9011-c1ce5d0e75bf1f8c.js
etag: W/"3f93c6982ea0691fafcc30820a703fa2"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 3570-4a28c69e54bd0e85.js Show response
abnormalsecurity.com/_next/static/chunks/ 109 KB
39 KB 25ms
21ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/3570-4a28c69e54bd0e85.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

3f14051e7cfb47b25a86f77e8eda8b9387dbd7180479d162ffd7d6c035590dca

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:34 GMT
strict-transport-security: max-age=63072000
age: 18756
content-disposition: inline; filename="3570-4a28c69e54bd0e85.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::znllt-1695866794724-3681a2162581
x-matched-path: /_next/static/chunks/3570-4a28c69e54bd0e85.js
etag: W/"77cbcdde5bd61ce983e630be28a03f45"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 7062-622f54b6e97f6ecb.js Show response
abnormalsecurity.com/_next/static/chunks/ 52 KB
16 KB 35ms
32ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/7062-622f54b6e97f6ecb.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

c4dd3582a34018678a2beda63f772e2916de331f44d6b795ab701767781bbb1b

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:34 GMT
strict-transport-security: max-age=63072000
age: 18757
content-disposition: inline; filename="7062-622f54b6e97f6ecb.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::9ptzh-1695866794724-7c61ca6bd337
x-matched-path: /_next/static/chunks/7062-622f54b6e97f6ecb.js
etag: W/"57f8281aa5e6584f8e1c827639ab6efc"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 8988-8bafa0a34afec0d9.js Show response
abnormalsecurity.com/_next/static/chunks/ 8 KB
4 KB 24ms
21ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/8988-8bafa0a34afec0d9.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f677aee0f89928c0e141a63fb9fd7bddf14c809d91852e51a9d877f09bbcc2b5

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:34 GMT
strict-transport-security: max-age=63072000
age: 18757
content-disposition: inline; filename="8988-8bafa0a34afec0d9.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::pmm2p-1695866794724-f8d47ce48614
x-matched-path: /_next/static/chunks/8988-8bafa0a34afec0d9.js
etag: W/"b1f0049086d8c05365cd3adc0d4cbf87"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 2459-26c93fbd5e5c70f4.js Show response
abnormalsecurity.com/_next/static/chunks/ 54 KB
19 KB 28ms
24ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/2459-26c93fbd5e5c70f4.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

daab30dc018c24b75c62521ab4e61c917a390127c2cf4eef5a56506f9e265239

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:34 GMT
strict-transport-security: max-age=63072000
age: 18756
content-disposition: inline; filename="2459-26c93fbd5e5c70f4.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::dpjs8-1695866794724-d6198ac4e8df
x-matched-path: /_next/static/chunks/2459-26c93fbd5e5c70f4.js
etag: W/"8eb6c2334f69737a64c994ffa7975b3a"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 1485-3f343ac4590755dd.js Show response
abnormalsecurity.com/_next/static/chunks/ 12 KB
5 KB 22ms
19ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/1485-3f343ac4590755dd.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

3a8065364d42327bd2aafa0c605c23593534f7a3e51ad77ea8a3ba142e7d219a

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:34 GMT
strict-transport-security: max-age=63072000
age: 18756
content-disposition: inline; filename="1485-3f343ac4590755dd.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::bjprh-1695866794724-e87168da9356
x-matched-path: /_next/static/chunks/1485-3f343ac4590755dd.js
etag: W/"8de48a30c71860dad81f29d6f1faff63"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 6634-e8dfc0b88aa41609.js Show response
abnormalsecurity.com/_next/static/chunks/ 46 KB
18 KB 62ms
59ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/6634-e8dfc0b88aa41609.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

0b0d5e258caa63b6b4d94b077e65c92540ad7c314a26df07808b21db086e160e

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:34 GMT
strict-transport-security: max-age=63072000
age: 18755
content-disposition: inline; filename="6634-e8dfc0b88aa41609.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::bjprh-1695866794729-18257f8af2bf
x-matched-path: /_next/static/chunks/6634-e8dfc0b88aa41609.js
etag: W/"a3c66bc332d9604f1aea385fc8a6d9bd"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 1862-7be4d8afdc2f8f45.js Show response
abnormalsecurity.com/_next/static/chunks/ 51 KB
19 KB 48ms
45ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/1862-7be4d8afdc2f8f45.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

8ae787eebe851df2c8d37b2b4dadbab52b4e6e6b7bf6de8592a23a7216161efa

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:34 GMT
strict-transport-security: max-age=63072000
age: 18756
content-disposition: inline; filename="1862-7be4d8afdc2f8f45.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::pmm2p-1695866794728-1b69b75b7a8c
x-matched-path: /_next/static/chunks/1862-7be4d8afdc2f8f45.js
etag: W/"7fceec19241f4261c8fe031bd7a259f8"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 1620-02c3a80752fd7dfe.js Show response
abnormalsecurity.com/_next/static/chunks/ 18 KB
6 KB 55ms
52ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/1620-02c3a80752fd7dfe.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

bfa1307f65a89a7aa9baa04b08c4ea77179286afc87645cb795a3056e59f25ac

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:34 GMT
strict-transport-security: max-age=63072000
age: 18755
content-disposition: inline; filename="1620-02c3a80752fd7dfe.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::dpjs8-1695866794729-48e0605a5cf5
x-matched-path: /_next/static/chunks/1620-02c3a80752fd7dfe.js
etag: W/"2def411a2592577f235f3b99d2208b5b"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 4289-e8890ea9a04456e0.js Show response
abnormalsecurity.com/_next/static/chunks/ 15 KB
5 KB 51ms
48ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/4289-e8890ea9a04456e0.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

7452557d6b899f506b6e4f32a86d9df898615dfc648e034afb6d88f2ce0c26e0

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:34 GMT
strict-transport-security: max-age=63072000
age: 18755
content-disposition: inline; filename="4289-e8890ea9a04456e0.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::g9grw-1695866794728-2454d34bae9d
x-matched-path: /_next/static/chunks/4289-e8890ea9a04456e0.js
etag: W/"02678bf4d68776a7320e671634c4b0b4"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 3936-cbb5c8afcffa58d0.js Show response
abnormalsecurity.com/_next/static/chunks/ 21 KB
7 KB 51ms
48ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/3936-cbb5c8afcffa58d0.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

96e1863c4adb1b1458836f4c2345f2f1db8b9a0b1ecefbd7098248e9fecb890b

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:34 GMT
strict-transport-security: max-age=63072000
age: 18755
content-disposition: inline; filename="3936-cbb5c8afcffa58d0.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::59rdv-1695866794729-ab99b7b4f32e
x-matched-path: /_next/static/chunks/3936-cbb5c8afcffa58d0.js
etag: W/"f6a65b84729e0d33175e4b24a369ce7b"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 3836-d5ffc550928d0b79.js Show response
abnormalsecurity.com/_next/static/chunks/ 98 KB
24 KB 56ms
54ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/3836-d5ffc550928d0b79.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

3c30777d8c9aae080e6d47f1eb2b4717a2dfcc3c2fd039dfcd09ebdff7183b89

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:34 GMT
strict-transport-security: max-age=63072000
age: 18754
content-disposition: inline; filename="3836-d5ffc550928d0b79.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::dcwd7-1695866794728-a343f8ad8580
x-matched-path: /_next/static/chunks/3836-d5ffc550928d0b79.js
etag: W/"dd97bd9a86c8091084687bf4da7a2d3c"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 %5Bslug%5D-27e6783048d54441.js Show response
abnormalsecurity.com/_next/static/chunks/pages/blog/ 17 KB
6 KB 77ms
75ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/pages/blog/%5Bslug%5D-27e6783048d54441.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e90ffcd82ca0de762838aaf90e5fb735a64749aa44c750dd8812fcd6939093f8

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:34 GMT
strict-transport-security: max-age=63072000
age: 15395
content-disposition: inline; filename="[slug]-27e6783048d54441.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::m4tjw-1695866794731-2266f641ce02
x-matched-path: /_next/static/chunks/pages/blog/%5Bslug%5D-27e6783048d54441.js
etag: W/"fbec7b79d13fcd9983b2d71ce56b10e8"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 _buildManifest.js Show response
abnormalsecurity.com/_next/static/nIw8c29F75V6W4WPQaedI/ 7 KB
2 KB 54ms
51ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/nIw8c29F75V6W4WPQaedI/_buildManifest.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

2dc47fb98a6c4cc09538fc1e267ec7e22cff5e0144c1faebd37c8ae78e091f11

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:34 GMT
strict-transport-security: max-age=63072000
age: 18754
content-disposition: inline; filename="_buildManifest.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::59rdv-1695866794729-5bfd6fd0f951
x-matched-path: /_next/static/nIw8c29F75V6W4WPQaedI/_buildManifest.js
etag: W/"18c03139c0e57198e42660e5b1afbd12"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 _ssgManifest.js Show response
abnormalsecurity.com/_next/static/nIw8c29F75V6W4WPQaedI/ 1 KB
546 B 48ms
45ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/nIw8c29F75V6W4WPQaedI/_ssgManifest.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

815755b9ab99608198875734c24bfe4c2e26cbcd6811caae13ad8a8500c19fd1

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:34 GMT
strict-transport-security: max-age=63072000
age: 18754
content-disposition: inline; filename="_ssgManifest.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::bjprh-1695866794729-612bd2ece6ec
x-matched-path: /_next/static/nIw8c29F75V6W4WPQaedI/_ssgManifest.js
etag: W/"21a8968b1b5dd8a98ebe5151fcc0348a"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 64e37afea593954b6e60f08f Show response
abnormalsecurity.outgrow.us/ Frame 8CA4 6 KB
7 KB 360ms
99ms Document
text/html 52.22.23.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.outgrow.us/64e37afea593954b6e60f08f

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.23.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-23-118.compute-1.amazonaws.com

Software

Apache/2.4.57 () OpenSSL/1.0.2k-fips /

Resource Hash

75685d1434befafbef4b1516d437de3c7bf5ca6b255c44db8c7f03679eaf5c0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=600
content-length: 6614
content-type: text/html; charset=UTF-8
date: Thu, 28 Sep 2023 02:06:35 GMT
etag: "19d6-605eeede7a300"
expires: Thu, 28 Sep 2023 02:16:35 GMT
last-modified: Fri, 22 Sep 2023 09:06:52 GMT
server: Apache/2.4.57 () OpenSSL/1.0.2k-fips
strict-transport-security: max-age=63072000; includeSubdomains;preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 80 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0132cf0dae0361cd4feca1b230ee0655f885036718e51f479fa5d128a4e4107

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 chatV2.css
dyv6f9ner1ir9.cloudfront.net/assets/css/shared/ 8 KB
3 KB 83ms
8ms Stylesheet
text/css 2600:9000:214f:de00:3:eee:d40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dyv6f9ner1ir9.cloudfront.net/assets/css/shared/chatV2.css

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/css/5ffe9d69e34904a1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:de00:3:eee:d40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ad567b1d6b357690a4aad1a0a76618c552cc0f90befc02200b5e0872c889d5a0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; base-uri 'none'; form-action 'self'; block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 07:14:01 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'; base-uri 'none'; form-action 'self'; block-all-mixed-content
content-encoding: gzip
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
age: 5856754
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 14 Jul 2023 11:10:29 GMT
server: AmazonS3
etag: W/"dd55910e9135810e13bc857aaaa0085b"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31622400
permissions-policy: interest-cohort=()
x-amz-cf-id: dvVPWjHMPJCUMmY-qpbK0CRQVNKLZ2eN6ARRdBP4K3H2iKAEatjp9w==

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 39ms
16ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/css/5ffe9d69e34904a1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Sep 2023 02:06:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 02:06:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Sep 2023 02:06:34 GMT

GET
H2 200 Healthcare1.png
optimise2.assets-servd.host/gifted-zorilla/production/images/blog/ 339 B
901 B 116ms
72ms Image
image/jpeg 2606:4700:20::681a:8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/gifted-zorilla/production/images/blog/Healthcare1.png?w=10&h=10&q=80&fm=jpg&fit=crop&crop=focalpoint&fp-x=0.5&fp-y=0.5&dm=1695231458&s=96f40f118045774a1c30479059c12625
Requested by: Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 609f9e4c24c94d72bc7a1bd7c8a6a3d968ec942f2d78e226c0eb189552533848

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from: Cache EU
date: Thu, 28 Sep 2023 02:06:34 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2F37KvB%2BcuzYCQbmnaNyxa4d1G%2BDUt7w%2Fmpv0aE%2FsuZQmgtzP0zaCnSmVNn9%2B%2F6%2FvCKI0fdAMAQ2IW7BBIwZhkFblpuKAsJYdMMFy9hc7Na%2BODioNWIu4fi5BF2N%2F5lmqwuRt7e04juaLUSyEu3xW1m%2FIrvdKE2bPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
cross-origin-resource-policy: cross-origin
x-servd-hash: ac2295d44104cdc30a40a91ec0f9b382
cf-ray: 80d86d8bf9e53808-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 TWKEverett-Regular-web.woff2
abnormalsecurity.com/fonts/ 53 KB
54 KB 12ms
12ms Font
font/woff2 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/fonts/TWKEverett-Regular-web.woff2

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/css/5ffe9d69e34904a1.css

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

94de5c66331cd244e69ce3df84813f93c2213d748c7eefdbb20ac6e461faac0e

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://abnormalsecurity.com/_next/static/css/5ffe9d69e34904a1.css
Origin: https://abnormalsecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
date: Thu, 28 Sep 2023 02:06:34 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
age: 18988
content-disposition: inline; filename="TWKEverett-Regular-web.woff2"
content-length: 54524
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::59rdv-1695866794837-7c1db16dcfec
x-matched-path: /fonts/TWKEverett-Regular-web.woff2
etag: "f9a6c0ce187482f10a21a2d865025278"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
accept-ranges: bytes
access-control-allow-headers: Content-Type

GET
H2 200 Healthcare2.png
optimise2.assets-servd.host/gifted-zorilla/production/images/blog/ 344 B
663 B 115ms
73ms Image
image/jpeg 2606:4700:20::681a:8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/gifted-zorilla/production/images/blog/Healthcare2.png?w=10&h=10&q=80&fm=jpg&fit=crop&crop=focalpoint&fp-x=0.5&fp-y=0.5&dm=1695231460&s=7db5b366ca5275d83bb4deacc55097a0
Requested by: Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 641a10316e6b12175c46755787ff673be36d5c5937e06acb7d4744b54b0659d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from: Cache EU
date: Thu, 28 Sep 2023 02:06:34 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tj9wjuQttRlsL9AYzctUzhzp9aI%2FjBLNKLeLmYQz6kh1zdQT2502fQD99D6PBtZd45E8VDXiltvwFzAlgOnDhsVRksiVVBfeA8rLf6MjXVPd66ke%2FUAJfDusppmNwqdwesQ1mIKLyMUGTbVo61vaB8vqeLeMg5ByhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
cross-origin-resource-policy: cross-origin
x-servd-hash: 4fcca80727c989e14e1a8b2afa843dd0
cf-ray: 80d86d8bf9e73808-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 Healthcare3.png
optimise2.assets-servd.host/gifted-zorilla/production/images/blog/ 318 B
661 B 911ms
870ms Image
image/jpeg 2606:4700:20::681a:8b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optimise2.assets-servd.host/gifted-zorilla/production/images/blog/Healthcare3.png?w=10&h=10&q=80&fm=jpg&fit=crop&crop=focalpoint&fp-x=0.5&fp-y=0.5&dm=1695231462&s=bf88485eda8c6a77b4d00249d60dc827
Requested by: Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f669cbcad98c7c7a6884d7cf7619b34640088a61d732bdf131ef177dae05ab8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-servd-from: Cache EU
date: Thu, 28 Sep 2023 02:06:35 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XxsUa%2F6Iq6nx%2FVGCoOHi7O0Bt4vwZg1pnXWn%2FMo2vzHy4irrbwHHdy6VDga6eSJo3U7xeyb8tCaxi30V91jPmWkzEEBRQJehcNFxhbeDRoKkh0nTxvT8sy1j2se0gdqK7aqLqmFgCv8rhFpXEX2a3Jys0ZsgyPgMsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000
cross-origin-resource-policy: cross-origin
x-servd-hash: 971094eecc2f7edf9886ec6f61c7ba70
cf-ray: 80d86d8bf9e83808-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://abnormalsecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 07:35:16 GMT
x-content-type-options: nosniff
age: 498678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Sep 2024 07:35:16 GMT

GET
H2 200 TWKEverett-Bold-web.woff2
abnormalsecurity.com/fonts/ 60 KB
60 KB 13ms
12ms Font
font/woff2 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/fonts/TWKEverett-Bold-web.woff2

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/css/5ffe9d69e34904a1.css

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

4a6588416e2d67985b8e7595c5ae89d32b3176197566f8e256a1bc8d75e26b32

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://abnormalsecurity.com/_next/static/css/5ffe9d69e34904a1.css
Origin: https://abnormalsecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
date: Thu, 28 Sep 2023 02:06:34 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
age: 18749
content-disposition: inline; filename="TWKEverett-Bold-web.woff2"
content-length: 61376
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::bjprh-1695866794844-8316a3b42780
x-matched-path: /fonts/TWKEverett-Bold-web.woff2
etag: "5c80ceb188e4930bccf3be1166b8f115"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
accept-ranges: bytes
access-control-allow-headers: Content-Type

GET
H2 200 TWKEverett-BoldItalic-web.woff2
abnormalsecurity.com/fonts/ 63 KB
63 KB 12ms
12ms Font
font/woff2 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/fonts/TWKEverett-BoldItalic-web.woff2

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/css/5ffe9d69e34904a1.css

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

fcd5fc46e77728b0e5da04b51d40abd649eabcf637eb29ef884f668a52164d57

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://abnormalsecurity.com/_next/static/css/5ffe9d69e34904a1.css
Origin: https://abnormalsecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
date: Thu, 28 Sep 2023 02:06:34 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
age: 199
content-disposition: inline; filename="TWKEverett-BoldItalic-web.woff2"
content-length: 64112
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::59rdv-1695866794845-247f81dc27c1
x-matched-path: /fonts/TWKEverett-BoldItalic-web.woff2
etag: "4291e56bdaa232615ce51b3d3b67fb2d"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
accept-ranges: bytes
access-control-allow-headers: Content-Type

GET
H2 200 image
abnormalsecurity.com/_next/ 4 KB
4 KB 11ms
10ms Image
image/avif 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abnormalsecurity.com/_next/image?url=https%3A%2F%2Foptimise2.assets-servd.host%2Fgifted-zorilla%2Fproduction%2Fimages%2Fblog%2Fauthor-mike-britton.png%3Fw%3D30%26h%3D30%26auto%3Dcompress%252Cformat%26fit%3Dcrop%26dm%3D1675097633%26s%3Da41db20d07e66478a0bb222ab6994419&w=90&q=75

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

3e8c8ce8d9b11dbfe75e3e449d459dd6a14a53fc787de6dd54496c0ef11bd5a2

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
date: Thu, 28 Sep 2023 02:00:43 GMT
strict-transport-security: max-age=63072000
age: 350
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="author-mike-britton.avif"
content-length: 3677
last-modified: Thu, 28 Sep 2023 02:00:43 GMT
server: Vercel
x-vercel-id: fra1::bjprh-1695866794863-dbfa67616082
x-vercel-cache: HIT
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=2073600, must-revalidate
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 image
abnormalsecurity.com/_next/ 6 KB
6 KB 12ms
12ms Image
image/avif 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abnormalsecurity.com/_next/image?url=https%3A%2F%2Foptimise2.assets-servd.host%2Fgifted-zorilla%2Fproduction%2Fimages%2Fblog%2FB_HealthCare.png%3Fw%3D760%26h%3D760%26q%3D80%26fm%3Djpg%26fit%3Dcrop%26crop%3Dfocalpoint%26fp-x%3D0.5%26fp-y%3D0.5%26dm%3D1695306710%26s%3De8ac5992170b7a8c44aee77b76efd49f&w=380&q=75

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e9d78f1add662ac34c5323dbc2c18c1427db3aa89a28de2fd43aaf88a640b4d1

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
date: Tue, 26 Sep 2023 13:22:19 GMT
strict-transport-security: max-age=63072000
age: 132255
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="B_HealthCare.avif"
content-length: 6019
last-modified: Tue, 26 Sep 2023 13:22:19 GMT
server: Vercel
x-vercel-id: fra1::m4tjw-1695866794863-df639ad005cd
x-vercel-cache: HIT
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=2073600, must-revalidate
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 image
abnormalsecurity.com/_next/ 22 KB
23 KB 141ms
141ms Image
image/avif 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abnormalsecurity.com/_next/image?url=https%3A%2F%2Foptimise2.assets-servd.host%2Fgifted-zorilla%2Fproduction%2Fimages%2Fproduct%2FIntegrates-Insights-Reporting-09.08.22.png%3Fw%3D2006%26h%3D992%26auto%3Dcompress%252Cformat%26fit%3Dcrop%26dm%3D1675097758%26s%3Db6cf30a4050cda175029a9b7913246cc&w=1050&q=75

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

8a7b40c29ae8221a5fadfcd80d46d448e36c37f8fed6e988bb47f7e28a30a6c3

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
date: Wed, 27 Sep 2023 18:58:16 GMT
strict-transport-security: max-age=63072000
age: 25698
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="Integrates-Insights-Reporting-09.avif"
content-length: 22964
last-modified: Wed, 27 Sep 2023 18:58:16 GMT
server: Vercel
x-vercel-id: fra1::pmm2p-1695866794863-7593db26df5e
x-vercel-cache: HIT
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=2073600, must-revalidate
accept-ranges: bytes
timing-allow-origin: *

OPTIONS
H2 200 graphql
cms.abnormalsecurity.com/ Frame 0
0 390ms
128ms Preflight
text/html 167.172.14.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.abnormalsecurity.com/graphql

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.14.134 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://abnormalsecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, X-Craft-Authorization, X-Craft-Token
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 28 Sep 2023 02:06:35 GMT
strict-transport-security: max-age=15724800
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 graphql Show response
cms.abnormalsecurity.com/ 6 KB
1 KB 167ms
164ms Fetch
application/json 167.172.14.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.abnormalsecurity.com/graphql

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/9011-c1ce5d0e75bf1f8c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.14.134 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

79bbba7d7d24ffc8e5b1e3ed0131e709be8f87b5cd16c3e72871910859f56379

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
accept-language: de-DE,de;q=0.9
Authorization: Bearer he3ov7WMe88DxirU9L5BeVDxGCGYnzCF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 28 Sep 2023 02:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, X-Craft-Authorization, X-Craft-Token
x-xss-protection: 1; mode=block

GET
H2 200 script.js Show response
abnormalsecurity.com/_vercel/insights/ 2 KB
1 KB 17ms
17ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_vercel/insights/script.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/pages/_app-0639cf8ab7964046.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

19c62c2417f2a4d1cebe829a2bd29bcf48f108fbb8b01c39d98f1dff2643f7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:06:35 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1:fra1:fra1::swwdn-1695866795265-3c37781e3d94
age: 95
etag: W/"2824a07c23a57160bc15c909089e0b89"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="script.js"

POST
H2 200 vitals
vitals.vercel-insights.com/v1/ 2 B
166 B 117ms
31ms Ping
text/plain 54.171.44.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vitals.vercel-insights.com/v1/vitals
Requested by: Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-cd8cecc4f4bc68c8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.44.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-44-183.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 28 Sep 2023 02:06:35 GMT
x-ratelimit-reset: 60
x-ratelimit-limit: 1000
cross-origin-resource-policy: cross-origin
content-length: 2
x-ratelimit-remaining: 999
content-type: text/plain; charset=utf-8

GET
H2 200 bootstrap.min.css
cdn.outgrow.us/assets/css/shared/ Frame 8CA4 118 KB
16 KB 45ms
10ms Stylesheet
text/css 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/assets/css/shared/bootstrap.min.css

Requested by

Host: abnormalsecurity.outgrow.us
URL: https://abnormalsecurity.outgrow.us/64e37afea593954b6e60f08f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

49486fb624bd05fb1ef21c3ba7c375bfc893034458b8330c5472b381ce21cea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:35 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16074
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230055-FRA
x-ua-compatible: ie=edge
last-modified: Fri, 22 Sep 2023 09:07:05 GMT
x-timer: S1695866795.332947,VS0,VE0
etag: "79382494882cfee6696fdd420c9898ff2278e369633d90e9f7a4e8600f597bcc-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 40

GET
H2 200 jquery.min.js Show response
cdn.outgrow.us/assets/js/ Frame 8CA4 84 KB
26 KB 45ms
11ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/assets/js/jquery.min.js

Requested by

Host: abnormalsecurity.outgrow.us
URL: https://abnormalsecurity.outgrow.us/64e37afea593954b6e60f08f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:35 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26924
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230055-FRA
x-ua-compatible: ie=edge
last-modified: Fri, 22 Sep 2023 09:07:05 GMT
x-timer: S1695866795.332929,VS0,VE0
etag: "a34f05ebcf2a3dd89b7da3636523f954e9e2f2b078ba512870a4aa90eb8fe4be-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 40

GET
H2 200 handsontable.full.min.css
cdn.jsdelivr.net/npm/handsontable@12.0/dist/ Frame 8CA4 37 KB
9 KB 36ms
17ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/handsontable@12.0/dist/handsontable.full.min.css

Requested by

Host: abnormalsecurity.outgrow.us
URL: https://abnormalsecurity.outgrow.us/64e37afea593954b6e60f08f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d392de8e184fb7a20e74b3d9100c85ad80c44948185894b9f52e88924724225

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:06:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 26541
x-jsd-version: 12.0.1
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230081-FRA, cache-yyz4564-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"92df-WpqL2FuRD7Gl+yZe1fniGbMQMpY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YrxZhHtuukl65UjrsIfcbbxc4QjGMBzIVxzvDmCi39L6T5ZTK0GponB9kkhqm3ahbLeKwu4j99p4r8bX63eS6abnGX7ZvaJIqrTfRKfuP1U83GnQX72qpJM7WpWx8iu9x3U6ZhKnvY8J9lS%2FzXI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 80d86d8ebc1f9207-FRA

GET
H2 200 styles.31d6cfe0d16ae931b73c.css
cdn.outgrow.us/ Frame 8CA4 0
412 B 44ms
10ms Stylesheet
text/css 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/styles.31d6cfe0d16ae931b73c.css

Requested by

Host: abnormalsecurity.outgrow.us
URL: https://abnormalsecurity.outgrow.us/64e37afea593954b6e60f08f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
date: Thu, 28 Sep 2023 02:06:35 GMT
x-content-type-options: nosniff
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230055-FRA
x-ua-compatible: ie=edge
last-modified: Fri, 22 Sep 2023 09:07:05 GMT
x-timer: S1695866795.332936,VS0,VE0
etag: "f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec"
vary: x-fh-requested-host, accept-encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 41

GET
H2 200 65cWdRURGyuAMNnIltNw_og_logo.png
dlvkyia8i4zmz.cloudfront.net/ Frame 8CA4 1 KB
2 KB 58ms
7ms Image
image/png 2600:9000:223c:3a00:1:57c7:dac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dlvkyia8i4zmz.cloudfront.net/65cWdRURGyuAMNnIltNw_og_logo.png
Requested by: Host: abnormalsecurity.outgrow.us
URL: https://abnormalsecurity.outgrow.us/64e37afea593954b6e60f08f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:3a00:1:57c7:dac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e12b9fe62d0f82f3731ab55c398ae09def0d738416247e3e16dd19b6d1594f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 00:06:58 GMT
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
last-modified: Tue, 16 Mar 2021 10:37:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 9856778
etag: "5528f7af37c18bcc67be36c5901d42cc"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31622400
accept-ranges: bytes
content-length: 1525
x-amz-cf-id: eExzBzyzu7XgnP2Yw5RPjNRmubG6B5Jz9MNtChb2cIbTtP0YHEIV0g==

GET
H2 200 bootstrap.min.js Show response
cdn.outgrow.us/assets/js/ Frame 8CA4 36 KB
9 KB 9ms
7ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/assets/js/bootstrap.min.js

Requested by

Host: abnormalsecurity.outgrow.us
URL: https://abnormalsecurity.outgrow.us/64e37afea593954b6e60f08f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:35 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8653
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230055-FRA
x-ua-compatible: ie=edge
last-modified: Fri, 22 Sep 2023 09:07:05 GMT
x-timer: S1695866796.562759,VS0,VE0
etag: "25723d427bb9af0ca520667f115a1034b89ed2cbb5cb17124ddce4fcb5ce686c-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.14.1/ Frame 8CA4 57 KB
18 KB 36ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.14.1/moment.min.js

Requested by

Host: abnormalsecurity.outgrow.us
URL: https://abnormalsecurity.outgrow.us/64e37afea593954b6e60f08f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0defdc819a00920beaa312fdc89a49ccf1f2a335044c59d2bfb11019f416438a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:06:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4063299
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18022
last-modified: Thu, 22 Jun 2023 11:09:23 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942be3-4666"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQ8gKt0zHr7q0OHHamNydF8jALPIWO35qz%2F0UuyW2%2FtN4Se34YjJYyIYJNE1M5346dKXEb1IodNe4rNanu%2FYkzDKoyjwE5l6KHnhkKhIL2U5qNcLKXR4piOuntc78IgnCmYcHP8K0IvUZCPOe9Jwe41B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80d86d906d799bd4-FRA
expires: Tue, 17 Sep 2024 02:06:35 GMT

GET
H2 200 filestack.js Show response
static.filestackapi.com/v3/ Frame 8CA4 104 KB
30 KB 76ms
6ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.filestackapi.com/v3/filestack.js
Requested by: Host: abnormalsecurity.outgrow.us
URL: https://abnormalsecurity.outgrow.us/64e37afea593954b6e60f08f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f1bf8dac3f25110d991fa77fc2668d67f0f88e89771a539ee50db3b4b4d563d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:06:35 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: FP6A6RM1M5MHT96H
age: 95655
x-cache: HIT
content-length: 30471
x-amz-id-2: T+97D1hxCxn2kMQw0qe01+FMoU9EQrSAHWkYrK6PYQDbuWEmb/aZEPOUvs04LtrlxNfT4n/wmwA=
x-served-by: cache-fra-eddf8230080-FRA
last-modified: Fri, 18 May 2018 20:03:25 GMT
x-timer: S1695866796.631048,VS0,VE0
etag: "f13ab0f0db3e033473cd5ef24bf3a7b8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 runtime-es2015.cf463a8db284ba53b9a8.js Show response
cdn.outgrow.us/ Frame 8CA4 4 KB
2 KB 41ms
7ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/runtime-es2015.cf463a8db284ba53b9a8.js

Requested by

Host: abnormalsecurity.outgrow.us
URL: https://abnormalsecurity.outgrow.us/64e37afea593954b6e60f08f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ae9306f2b4c411706252921683cfdd3dc2a648cb504ee3e12820c25894b32294

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://abnormalsecurity.outgrow.us/
Origin: https://abnormalsecurity.outgrow.us
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:35 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1897
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230113-FRA
x-ua-compatible: ie=edge
last-modified: Fri, 22 Sep 2023 09:07:05 GMT
x-timer: S1695866795.332769,VS0,VE0
etag: "2acd718b59f1030b9face717276414af552e70c5bf80980545f4efb51bb5aa37-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 5

GET
H2 200 polyfills-es2015.777b39586274a08d5f72.js Show response
cdn.outgrow.us/ Frame 8CA4 44 KB
13 KB 42ms
8ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/polyfills-es2015.777b39586274a08d5f72.js

Requested by

Host: abnormalsecurity.outgrow.us
URL: https://abnormalsecurity.outgrow.us/64e37afea593954b6e60f08f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f1be6617ba107f1e96bcd79ac78ab26e281b1f1b2bda9a46f4d39e241b8ed829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://abnormalsecurity.outgrow.us/
Origin: https://abnormalsecurity.outgrow.us
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:35 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 13275
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230113-FRA
x-ua-compatible: ie=edge
last-modified: Fri, 22 Sep 2023 09:07:05 GMT
x-timer: S1695866795.332736,VS0,VE0
etag: "4bd5c12290c4509969ea72c66b66c17884ac60c25e6c59179ccd9de33edf8db5-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 4

GET
H2 200 main-es2015.f54a06ceb4e366e37cc4.js Show response
cdn.outgrow.us/ Frame 8CA4 1010 KB
187 KB 43ms
9ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/main-es2015.f54a06ceb4e366e37cc4.js

Requested by

Host: abnormalsecurity.outgrow.us
URL: https://abnormalsecurity.outgrow.us/64e37afea593954b6e60f08f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ab3a4b08ba84d781c4143e5769b485b225ed5af0e4ef91a926009241f3b60c99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://abnormalsecurity.outgrow.us/
Origin: https://abnormalsecurity.outgrow.us
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:35 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 191662
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230113-FRA
x-ua-compatible: ie=edge
last-modified: Fri, 22 Sep 2023 09:07:05 GMT
x-timer: S1695866795.332921,VS0,VE1
etag: "5f04f5d08ce1b3162916c436f1fb7711e5a11e8cb3d0bb566f25dfa7f2a70352-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 1

OPTIONS
H2 200 graphql
cms.abnormalsecurity.com/ Frame 0
0 276ms
126ms Preflight
text/html 167.172.14.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.abnormalsecurity.com/graphql

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.14.134 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://abnormalsecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, X-Craft-Authorization, X-Craft-Token
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 28 Sep 2023 02:06:35 GMT
strict-transport-security: max-age=15724800
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 graphql Show response
cms.abnormalsecurity.com/ 6 KB
1 KB 161ms
160ms Fetch
application/json 167.172.14.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.abnormalsecurity.com/graphql

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/9011-c1ce5d0e75bf1f8c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.14.134 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

79bbba7d7d24ffc8e5b1e3ed0131e709be8f87b5cd16c3e72871910859f56379

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
accept-language: de-DE,de;q=0.9
Authorization: Bearer he3ov7WMe88DxirU9L5BeVDxGCGYnzCF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 28 Sep 2023 02:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, X-Craft-Authorization, X-Craft-Token
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
661 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inconsolata%3Aital%2Cwght%400%2C400%3B0%2C500%3B0%2C600%3B0%2C700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6dea60f79962ab2bff00343db7d9ab8dd9d8c442c94328ffe1e395a9fa81ef1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Sep 2023 02:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 01:02:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Sep 2023 02:06:35 GMT

GET
DATA 200
OK truncated
/ 83 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8b145bb3ef6dae8eda87fc0762994f6134b33b66b106bfcf508eb745f1de158

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 5b44b2eaae896b504d4f83df72a96cba.svg
site-assets.plasmic.app/ 3 KB
950 B 85ms
8ms Image
image/svg+xml 2600:9000:223e:4200:d:1a25:7e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://site-assets.plasmic.app/5b44b2eaae896b504d4f83df72a96cba.svg
Requested by: Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:4200:d:1a25:7e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac4e49ff0d6f85af4ad5d6694a17031c7f32c9209c771c5c8ddb8f020888e3b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 01:10:10 GMT
x-amz-version-id: UEf87VnS1C0wPqysr3re_lXo60gy5TJO
content-encoding: br
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 13568186
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 19 Apr 2023 18:16:05 GMT
server: AmazonS3
etag: W/"5b44b2eaae896b504d4f83df72a96cba"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
cache-control: max-age=3600, s-maxage=31536000
x-robots-tag: noindex
x-amz-cf-id: UtzDFxuBM_BVoOOyCZrdXDFr6uV3TuuvSHZfu4VEU5eM08OfZfFE7Q==

POST
H2 200 capture Show response
analytics.plasmic.app/ 13 B
349 B 609ms
193ms Fetch
application/json 34.209.198.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.plasmic.app/capture

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/pages/_app-0639cf8ab7964046.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.209.198.187 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-209-198-187.us-west-2.compute.amazonaws.com

Software

Resource Hash

7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 28 Sep 2023 02:06:35 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
referrer-policy: same-origin
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://abnormalsecurity.com
vary: Cookie
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With
content-length: 13

OPTIONS
H2 200 graphql
cms.abnormalsecurity.com/ Frame 0
0 122ms
121ms Preflight
text/html 167.172.14.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.abnormalsecurity.com/graphql

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.14.134 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://abnormalsecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, X-Craft-Authorization, X-Craft-Token
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 28 Sep 2023 02:06:35 GMT
strict-transport-security: max-age=15724800
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 graphql Show response
cms.abnormalsecurity.com/ 6 KB
1 KB 158ms
157ms Fetch
application/json 167.172.14.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.abnormalsecurity.com/graphql

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/9011-c1ce5d0e75bf1f8c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.14.134 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

79bbba7d7d24ffc8e5b1e3ed0131e709be8f87b5cd16c3e72871910859f56379

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
accept-language: de-DE,de;q=0.9
Authorization: Bearer he3ov7WMe88DxirU9L5BeVDxGCGYnzCF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 28 Sep 2023 02:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, X-Craft-Authorization, X-Craft-Token
x-xss-protection: 1; mode=block

GET
H2 200 image
abnormalsecurity.com/_next/ 31 KB
31 KB 193ms
193ms Image
image/avif 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abnormalsecurity.com/_next/image?url=https%3A%2F%2Foptimise2.assets-servd.host%2Fgifted-zorilla%2Fproduction%2Fimages%2Fblog%2FHealthcare1.png%3Fw%3D1536%26h%3D950%26auto%3Dcompress%252Cformat%26fit%3Dcrop%26dm%3D1695231458%26s%3D26efa4927c4676699954280ccb7ed0c8&w=828&q=75

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

4712b5866cf8104d41bb89fbbbbafa4d8dc1077a8495af4033426594b478d36c

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
date: Tue, 26 Sep 2023 13:50:02 GMT
strict-transport-security: max-age=63072000
age: 130593
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="Healthcare1.avif"
content-length: 31738
last-modified: Tue, 26 Sep 2023 13:50:02 GMT
server: Vercel
x-vercel-id: fra1::qrhls-1695866795494-14590886d986
x-vercel-cache: HIT
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=2073600, must-revalidate
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 index.json Show response
abnormalsecurity.com/_next/data/nIw8c29F75V6W4WPQaedI/ 881 KB
173 KB 36ms
35ms Fetch
application/json 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/data/nIw8c29F75V6W4WPQaedI/index.json

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-cd8cecc4f4bc68c8.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

54de3d590bc637376fefe86891978b1df1fa237365d792ac3d2d31e380d02145

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

purpose: prefetch
x-nextjs-data: 1
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
accept-language: de-DE,de;q=0.9
x-middleware-prefetch: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Wed, 27 Sep 2023 22:35:11 GMT
strict-transport-security: max-age=63072000
age: 12683
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::sfo1::j2ntq-1695866795549-fff9ddcd26af
x-matched-path: /_next/data/nIw8c29F75V6W4WPQaedI/[[...slug]].json
etag: W/"kzrhywerl1jc4l"
x-vercel-cache: STALE
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400, stale-while-revalidate=86400
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
x-nextjs-rewrite: /__pm__plasmic_seed=4
access-control-allow-headers: Content-Type

GET
H2 200 demo.json Show response
abnormalsecurity.com/_next/data/nIw8c29F75V6W4WPQaedI/ 832 KB
172 KB 58ms
57ms Fetch
application/json 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/data/nIw8c29F75V6W4WPQaedI/demo.json?slug=demo

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-cd8cecc4f4bc68c8.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

457a5c36349e0ba1d8612340491b9dc6bcf448a70e9975edd9ff5f92e08e15c8

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

purpose: prefetch
x-nextjs-data: 1
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
accept-language: de-DE,de;q=0.9
x-middleware-prefetch: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-nextjs-matched-path: /[[...slug]]
date: Wed, 27 Sep 2023 20:46:34 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
age: 19201
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::sfo1::pmm2p-1695866795549-d8b64c842ce5
x-matched-path: /_next/data/nIw8c29F75V6W4WPQaedI/[[...slug]].json
etag: W/"1165me4jng8i96o"
x-vercel-cache: STALE
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400, stale-while-revalidate=86400
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
x-nextjs-rewrite: /demo/__pm__plasmic_seed=14?slug=demo
access-control-allow-headers: Content-Type

GET
H2 200 mike-britton.json Show response
abnormalsecurity.com/_next/data/nIw8c29F75V6W4WPQaedI/blog/author/ 536 KB
129 KB 35ms
35ms Fetch
application/json 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/data/nIw8c29F75V6W4WPQaedI/blog/author/mike-britton.json?authorSlug=mike-britton

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-cd8cecc4f4bc68c8.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

fc257f5783bf52d885a348c51d3839db03e6026c17318872975e0bb98dfe7b33

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

purpose: prefetch
x-nextjs-data: 1
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
accept-language: de-DE,de;q=0.9
x-middleware-prefetch: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 01:18:49 GMT
strict-transport-security: max-age=63072000
age: 2865
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::sfo1::kkws7-1695866795549-7585afa606e2
x-matched-path: /_next/data/nIw8c29F75V6W4WPQaedI/blog/author/[authorSlug].json
etag: W/"10zzdrmx8o0brik"
x-vercel-cache: STALE
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400, stale-while-revalidate=86400
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 demo.json Show response
abnormalsecurity.com/_next/data/nIw8c29F75V6W4WPQaedI/ 832 KB
173 KB 144ms
144ms Fetch
application/json 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/data/nIw8c29F75V6W4WPQaedI/demo.json

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-cd8cecc4f4bc68c8.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

44cc14855746def1429a8ec9410f4eff563a6e75fb949cfd7d6a1697c9932442

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

purpose: prefetch
x-nextjs-data: 1
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:05:05 GMT
strict-transport-security: max-age=63072000
age: 89
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::sfo1::9ptzh-1695866795549-364d3a6b29a8
x-matched-path: /_next/data/nIw8c29F75V6W4WPQaedI/[[...slug]].json
etag: W/"i55x7vt0p6i96q"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: public, max-age=0, s-maxage=86400, stale-while-revalidate=86400
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
x-nextjs-rewrite: /demo/__pm__plasmic_seed=7
access-control-allow-headers: Content-Type

GET
H2 200 2803-023f561e2aabaef6.js
abnormalsecurity.com/_next/static/chunks/ 0
39 KB 12ms
11ms Other
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/2803-023f561e2aabaef6.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-cd8cecc4f4bc68c8.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:35 GMT
strict-transport-security: max-age=63072000
age: 18756
content-disposition: inline; filename="2803-023f561e2aabaef6.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::bjprh-1695866795550-e16c281b64eb
x-matched-path: /_next/static/chunks/2803-023f561e2aabaef6.js
etag: W/"236aa1a2d050b8ff9da58a8820301233"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 9358-fc56e7c3ae1b37cd.js
abnormalsecurity.com/_next/static/chunks/ 0
6 KB 19ms
18ms Other
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/9358-fc56e7c3ae1b37cd.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-cd8cecc4f4bc68c8.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:35 GMT
strict-transport-security: max-age=63072000
age: 18717
content-disposition: inline; filename="9358-fc56e7c3ae1b37cd.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::m4tjw-1695866795550-af4afae8c858
x-matched-path: /_next/static/chunks/9358-fc56e7c3ae1b37cd.js
etag: W/"994b4f9a3f78460ec7934fdaa90cad10"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 5192-678adbdbde7ba437.js
abnormalsecurity.com/_next/static/chunks/ 0
30 KB 20ms
19ms Other
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/5192-678adbdbde7ba437.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-cd8cecc4f4bc68c8.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:35 GMT
strict-transport-security: max-age=63072000
age: 18755
content-disposition: inline; filename="5192-678adbdbde7ba437.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::l27jc-1695866795550-5735eaacd74a
x-matched-path: /_next/static/chunks/5192-678adbdbde7ba437.js
etag: W/"2af58f85b866362885e33f6f0cfdfaf3"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 %5B%5B...slug%5D%5D-cbaca033dae1f6bb.js
abnormalsecurity.com/_next/static/chunks/pages/ 0
4 KB 12ms
12ms Other
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/pages/%5B%5B...slug%5D%5D-cbaca033dae1f6bb.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-cd8cecc4f4bc68c8.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:35 GMT
strict-transport-security: max-age=63072000
age: 18717
content-disposition: inline; filename="[[...slug]]-cbaca033dae1f6bb.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::srsz2-1695866795550-407721279e7e
x-matched-path: /_next/static/chunks/pages/%5B%5B...slug%5D%5D-cbaca033dae1f6bb.js
etag: W/"4fc2ea92a684698e45b0f473cbd6f5af"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 8CA4 52 KB
21 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: abnormalsecurity.outgrow.us
URL: https://abnormalsecurity.outgrow.us/64e37afea593954b6e60f08f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 01:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1012
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 28 Sep 2023 03:49:43 GMT

POST
H2 200 view Show response
abnormalsecurity.com/_vercel/insights/ 2 B
220 B 118ms
118ms Fetch
text/plain 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_vercel/insights/view

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_vercel/insights/script.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 28 Sep 2023 02:06:35 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::znllt-1695866795574-8ea58eb21e49
x-vercel-cache: MISS
x-ratelimit-remaining: 999
content-type: text/plain; charset=utf-8
cache-control: public, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
x-ratelimit-limit: 1000
x-ratelimit-reset: 60
content-length: 2

OPTIONS
H2 200 graphql
cms.abnormalsecurity.com/ Frame 0
0 129ms
129ms Preflight
text/html 167.172.14.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.abnormalsecurity.com/graphql

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.14.134 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://abnormalsecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, X-Craft-Authorization, X-Craft-Token
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 28 Sep 2023 02:06:35 GMT
strict-transport-security: max-age=15724800
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 graphql Show response
cms.abnormalsecurity.com/ 6 KB
1 KB 158ms
158ms Fetch
application/json 167.172.14.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.abnormalsecurity.com/graphql

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/9011-c1ce5d0e75bf1f8c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.14.134 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

79bbba7d7d24ffc8e5b1e3ed0131e709be8f87b5cd16c3e72871910859f56379

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
accept-language: de-DE,de;q=0.9
Authorization: Bearer he3ov7WMe88DxirU9L5BeVDxGCGYnzCF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 28 Sep 2023 02:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, X-Craft-Authorization, X-Craft-Token
x-xss-protection: 1; mode=block

OPTIONS
H2 204 abnormalsecurity
api-n.outgrow.co/api/v1/builder/get_company_calculator/64e37afea593954b6e60f08f/ Frame 0
0 133ms
37ms Preflight 108.128.94.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-n.outgrow.co/api/v1/builder/get_company_calculator/64e37afea593954b6e60f08f/abnormalsecurity

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.94.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-94-232.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://abnormalsecurity.outgrow.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
access-control-max-age: 86400
date: Thu, 28 Sep 2023 02:06:35 GMT
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: nginx/1.22.1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: deny
x-powered-by: Express
x-xss-protection: 1; mode=block

GET
H2 200 abnormalsecurity Show response
api-n.outgrow.co/api/v1/builder/get_company_calculator/64e37afea593954b6e60f08f/ Frame 8CA4 155 KB
16 KB 175ms
107ms XHR
application/json 108.128.94.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-n.outgrow.co/api/v1/builder/get_company_calculator/64e37afea593954b6e60f08f/abnormalsecurity

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/polyfills-es2015.777b39586274a08d5f72.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.94.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-94-232.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

f2b5d884aa8c0655e8539fb07fa26dd427b1fa8c67bb5f88cbffa79fd923900c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://abnormalsecurity.outgrow.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 28 Sep 2023 02:06:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-powered-by: Express
x-cache: Hit from cache
x-xss-protection: 1; mode=block
server: nginx/1.22.1
etag: W/"26d09-2cpjUY78yctFBBI1WpliWLFevag"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
x-frame-options: deny
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t

GET
H2 200 %5BauthorSlug%5D-4505cfe318c4173e.js
abnormalsecurity.com/_next/static/chunks/pages/blog/author/ 0
6 KB 15ms
15ms Other
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/pages/blog/author/%5BauthorSlug%5D-4505cfe318c4173e.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-cd8cecc4f4bc68c8.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:35 GMT
strict-transport-security: max-age=63072000
age: 15392
content-disposition: inline; filename="[authorSlug]-4505cfe318c4173e.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::dcwd7-1695866795711-e8ae52880a71
x-matched-path: /_next/static/chunks/pages/blog/author/%5BauthorSlug%5D-4505cfe318c4173e.js
etag: W/"61d7a94eaca289b9f6c844c9e81b9ec4"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

OPTIONS
H2 200 graphql
cms.abnormalsecurity.com/ Frame 0
0 122ms
122ms Preflight
text/html 167.172.14.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.abnormalsecurity.com/graphql

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.14.134 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://abnormalsecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, X-Craft-Authorization, X-Craft-Token
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 28 Sep 2023 02:06:35 GMT
strict-transport-security: max-age=15724800
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 graphql Show response
cms.abnormalsecurity.com/ 6 KB
1 KB 160ms
160ms Fetch
application/json 167.172.14.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.abnormalsecurity.com/graphql

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/9011-c1ce5d0e75bf1f8c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.14.134 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

79bbba7d7d24ffc8e5b1e3ed0131e709be8f87b5cd16c3e72871910859f56379

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
accept-language: de-DE,de;q=0.9
Authorization: Bearer he3ov7WMe88DxirU9L5BeVDxGCGYnzCF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 28 Sep 2023 02:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, X-Craft-Authorization, X-Craft-Token
x-xss-protection: 1; mode=block

GET
H2 200 2803-023f561e2aabaef6.js Show response
abnormalsecurity.com/_next/static/chunks/ 117 KB
38 KB 14ms
13ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/2803-023f561e2aabaef6.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-cd8cecc4f4bc68c8.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f8ca6673e94dc2e235bca0c68959cc8ce1e7a365b4aaf5cdb3e364b4eb7ba655

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:35 GMT
strict-transport-security: max-age=63072000
age: 18756
content-disposition: inline; filename="2803-023f561e2aabaef6.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::dpjs8-1695866795746-37c174a86264
x-matched-path: /_next/static/chunks/2803-023f561e2aabaef6.js
etag: W/"236aa1a2d050b8ff9da58a8820301233"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 9358-fc56e7c3ae1b37cd.js Show response
abnormalsecurity.com/_next/static/chunks/ 17 KB
6 KB 15ms
14ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/9358-fc56e7c3ae1b37cd.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-cd8cecc4f4bc68c8.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

157d48a8d90c0d76a7c4b55a11d8058770d75c47485e8a85d8932520d82fc9d2

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:35 GMT
strict-transport-security: max-age=63072000
age: 18717
content-disposition: inline; filename="9358-fc56e7c3ae1b37cd.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::wjl2b-1695866795746-818c8e1ee6dd
x-matched-path: /_next/static/chunks/9358-fc56e7c3ae1b37cd.js
etag: W/"994b4f9a3f78460ec7934fdaa90cad10"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 5192-678adbdbde7ba437.js Show response
abnormalsecurity.com/_next/static/chunks/ 287 KB
30 KB 13ms
12ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/5192-678adbdbde7ba437.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-cd8cecc4f4bc68c8.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

aa7b85ca08af6648df3d8755429e970e920d57570ad270ab7d1aacf8da594045

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:35 GMT
strict-transport-security: max-age=63072000
age: 18755
content-disposition: inline; filename="5192-678adbdbde7ba437.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::cdmwp-1695866795746-6ccdea7c3e90
x-matched-path: /_next/static/chunks/5192-678adbdbde7ba437.js
etag: W/"2af58f85b866362885e33f6f0cfdfaf3"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 %5B%5B...slug%5D%5D-cbaca033dae1f6bb.js Show response
abnormalsecurity.com/_next/static/chunks/pages/ 9 KB
4 KB 12ms
11ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/pages/%5B%5B...slug%5D%5D-cbaca033dae1f6bb.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-cd8cecc4f4bc68c8.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

63e390aab33c2fd04fab725ef83792c740303cd4f580752293de1ccd5884185e

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:35 GMT
strict-transport-security: max-age=63072000
age: 18717
content-disposition: inline; filename="[[...slug]]-cbaca033dae1f6bb.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::kkws7-1695866795746-2d4806732506
x-matched-path: /_next/static/chunks/pages/%5B%5B...slug%5D%5D-cbaca033dae1f6bb.js
etag: W/"4fc2ea92a684698e45b0f473cbd6f5af"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

GET
H2 200 %5BauthorSlug%5D-4505cfe318c4173e.js Show response
abnormalsecurity.com/_next/static/chunks/pages/blog/author/ 17 KB
6 KB 14ms
14ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://abnormalsecurity.com/_next/static/chunks/pages/blog/author/%5BauthorSlug%5D-4505cfe318c4173e.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-cd8cecc4f4bc68c8.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.21 Charlotte, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

7169027a78f62b5ec56ee57a6d44b5d95c3884f8d39e35a4defc8d21e2533be3

Security Headers

Name	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:35 GMT
strict-transport-security: max-age=63072000
age: 15392
content-disposition: inline; filename="[authorSlug]-4505cfe318c4173e.js"
x-xss-protection: 1
referrer-policy: same-origin
server: Vercel
x-vercel-id: fra1::bjprh-1695866795750-634e38de583c
x-matched-path: /_next/static/chunks/pages/blog/author/%5BauthorSlug%5D-4505cfe318c4173e.js
etag: W/"61d7a94eaca289b9f6c844c9e81b9ec4"
x-vercel-cache: HIT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), serial=(), sync-script=(), trust-token-redemption=()
access-control-allow-headers: Content-Type

POST
H2 200 vitals
vitals.vercel-insights.com/v1/ 2 B
165 B 34ms
33ms Ping
text/plain 54.171.44.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vitals.vercel-insights.com/v1/vitals
Requested by: Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/_next/static/chunks/main-cd8cecc4f4bc68c8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.44.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-44-183.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 28 Sep 2023 02:06:35 GMT
x-ratelimit-reset: 60
x-ratelimit-limit: 1000
cross-origin-resource-policy: cross-origin
content-length: 2
x-ratelimit-remaining: 999
content-type: text/plain; charset=utf-8

GET
H2 200 osano.js Show response
cmp.osano.com/169lRDSj6676CDt8D/88b78aa1-c424-4eeb-96cb-59809bf84390/ 237 KB
60 KB 81ms
10ms Script
application/javascript 2600:9000:211e:1c00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/169lRDSj6676CDt8D/88b78aa1-c424-4eeb-96cb-59809bf84390/osano.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:1c00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

58777e2b967af5cdf00a0715ef80c1e984c2e3bb56785f060b66f39f727c643c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 01:01:59 GMT
content-encoding: br
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C2
age: 3876
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 60947
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 14 Sep 2022 18:38:53 GMT
server: CloudFront
etag: "53359b8e9d1895c11660356678f863aa"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, must-revalidate, no-transform
x-amz-cf-id: yezffkKCIGE4bICKt5qF2z6gdHUm64h5Cw-LKpJz1XDalTKcY-g2fQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 272 KB
95 KB 50ms
28ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5DSW3JC

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f1622ad087bc54cef5341d8e011b1775da553f6788df2bb5deeaef5b902c1241

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:06:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96678
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Sep 2023 02:06:35 GMT

GET
H/1.1 200
OK st.js Show response
s.swiftypecdn.com/install/v2/ 416 KB
110 KB 58ms
7ms Script
text/javascript 151.101.64.143
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.swiftypecdn.com/install/v2/st.js
Requested by: Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.143 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2d7c7930eb39d59cd8c2dc00652977da3ed72347e7cd465f7b540e10e2121c22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Thu, 28 Sep 2023 02:06:35 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Age: 89
X-Cache: HIT
Connection: keep-alive
Content-Length: 112326
X-Served-By: cache-fra-eddf8230102-FRA
X-Timer: S1695866796.935113,VS0,VE1
ETag: "644bc37e-1b6c6"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, public, max-age=300, public
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H2 200 chatV2.js Show response
dyv6f9ner1ir9.cloudfront.net/assets/js/ 998 B
2 KB 9ms
9ms Script
application/javascript 2600:9000:214f:de00:3:eee:d40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dyv6f9ner1ir9.cloudfront.net/assets/js/chatV2.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:de00:3:eee:d40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

333d71153215f5f9299fa750c8b4b1e774e62f69ba13ee47e14d6385afcc69ec

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; base-uri 'none'; form-action 'self'; block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:29:19 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'; base-uri 'none'; form-action 'self'; block-all-mixed-content
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 28928237
x-cache: Hit from cloudfront
content-length: 998
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 28 Oct 2022 06:29:00 GMT
server: AmazonS3
etag: "6e836226ec0cee4ccc1b1ef7c684584d"
x-frame-options: sameorigin
content-type: application/javascript
cache-control: public, max-age=31622400
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-amz-cf-id: nMPCMLkB7ajACDvRVOxbGKQ2YHM1Sd0jTwNEFEt3D5OtWq29HDIPdg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 279 KB
92 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F60FHP0104&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DSW3JC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

515df4e1aacd33d6a8d1250f3e83ae7c7c6651774f7d9f89a0802f87e0d54ee1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:06:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94304
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 28 Sep 2023 02:06:35 GMT

POST
H2 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
455 B 88ms
24ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=G100&rnd=196198913.1695866796&url=https%3A%2F%2Fabnormalsecurity.com%2Fblog%2Fhealthcare-organizations-email-attacks-2023&gtm=45He39p0n815DSW3JC

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DSW3JC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 02:06:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 127 KB
50 KB 61ms
35ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-W9FCZP9

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DSW3JC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3883a1fabb193a3d37f34679fccb3b48485f3123553759231697dacc21f0fd54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:06:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50568
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Sep 2023 02:06:36 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 51 KB
15 KB 95ms
8ms Script
application/javascript 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

3ac0c589d242920586289eabdd93bf71f3d85bb1c6c8333d3e2deb4e173b61a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 02:06:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Aug 2023 22:29:49 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "64e7d9dd-cc38"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 14993
expires: Thu, 28 Sep 2023 02:06:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DSW3JC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 01:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1012
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 28 Sep 2023 03:49:43 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 61ms
9ms Script
application/x-javascript 2a02:26f0:780::210:a423
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DSW3JC

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a423 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:06:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 13:41:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=15621
accept-ranges: bytes
content-length: 3822

GET
H2 200 bat.js Show response
bat.bing.com/ 44 KB
13 KB 97ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DSW3JC

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 28 Sep 2023 02:06:35 GMT
last-modified: Wed, 06 Sep 2023 22:41:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E6DF8AB39F564BAF894029D7AA4751BA Ref B: FRAEDGE1209 Ref C: 2023-09-28T02:06:36Z
etag: "09cc4613e1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12981

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 54ms
13ms Script
application/x-javascript 23.197.137.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: abnormalsecurity.com
URL: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.137.224 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-137-224.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Thu, 28 Sep 2023 02:06:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2

200

55451921-8278-4244-87a2-1e0b878bdae0_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/55451921-8278-4244-87a2-1e0b878bdae0.js
https://cdn.mouseflow.com/projects/55451921-8278-4244-87a2-1e0b878bdae0_eu.js

195 KB
58 KB

12ms
12ms

Script
application/javascript

151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mouseflow.com/projects/55451921-8278-4244-87a2-1e0b878bdae0_eu.js

Protocol

Server

151.139.128.10 Dallas, United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Mouseflow /

Resource Hash

bb79cf544e2d1752c931e446f0bea263d24493d7d6af35acb25f58e13f5c785c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:06:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Tue, 26 Sep 2023 15:00:58 GMT
server: Mouseflow
etag: W/"201022428af0d91:0"
x-cache-status: MISS
x-hw: 1695866796.cds202.fr8.hn,1695866796.cds225.fr8.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 58696

Redirect headers

date: Thu, 28 Sep 2023 02:06:36 GMT
x-hw: 1695866796.cds202.fr8.hn,1695866796.cds326.fr8.c
location: https://cdn.mouseflow.com/projects/55451921-8278-4244-87a2-1e0b878bdae0_eu.js
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-hw-loc: https://cdn.mouseflow.com/projects/55451921-8278-4244-87a2-1e0b878bdae0.js
content-length: 0

GET
H/1.1 200
OK MPCTbKVvgW6arYio-yHr.json Show response
s.swiftypecdn.com/install/v2/config/ 19 KB
5 KB 57ms
17ms XHR
application/json 151.101.64.143
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://s.swiftypecdn.com/install/v2/config/MPCTbKVvgW6arYio-yHr.json

Requested by

Host: s.swiftypecdn.com
URL: https://s.swiftypecdn.com/install/v2/st.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.143 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e927d7fbd371b71537496dd2bc52f767f2e0f5c23e873075b367b8a5e7a26215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Thu, 28 Sep 2023 02:06:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Via: 1.1 varnish
X-Permitted-Cross-Domain-Policies: none
Age: 263
X-Cache: HIT
Connection: keep-alive
Content-Length: 4250
X-XSS-Protection: 1; mode=block
X-Request-Id: 290b2c7a96fd97794bcc95614565d106
X-Served-By: cache-fra-eddf8230025-FRA
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 06 Jan 2023 17:39:17 GMT
X-Timer: S1695866796.051275,VS0,VE10
ETag: W/"41ea9ae29cb453065d6ee8ac2b35f23e"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Access-Control-Max-Age: 7200
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: max-age=300, public
Access-Control-Allow-Credentials: true
Vary: Accept-Encoding, Origin
Accept-Ranges: bytes
X-Cache-Hits: 1

OPTIONS
H2 204 get_pklist
api-n.outgrow.co/api/v1/analytic/ Frame 0
0 41ms
37ms Preflight 108.128.94.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-n.outgrow.co/api/v1/analytic/get_pklist

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.94.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-94-232.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://abnormalsecurity.outgrow.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
access-control-max-age: 86400
date: Thu, 28 Sep 2023 02:06:36 GMT
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: nginx/1.22.1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: deny
x-powered-by: Express
x-xss-protection: 1; mode=block

GET
H2 200 get_pklist Show response
api-n.outgrow.co/api/v1/analytic/ Frame 8CA4 5 KB
3 KB 36ms
36ms XHR
application/json 108.128.94.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-n.outgrow.co/api/v1/analytic/get_pklist

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/polyfills-es2015.777b39586274a08d5f72.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.94.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-94-232.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

ed18301d8e080d3bb4f4a498b0c4b1ce149f8cd65240fb0175436c861be5f346

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://abnormalsecurity.outgrow.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 28 Sep 2023 02:06:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-powered-by: Express
x-cache: Hit from cache
x-xss-protection: 1; mode=block
server: nginx/1.22.1
etag: W/"12c6-Pnua+o92KDkknEU+t6SvA+3jIe4"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
x-frame-options: deny
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t

GET
H2 200 abnormalsecurity Show response
api-live.outgrow.co/api/v1/companies/sub_domain/ Frame 8CA4 527 B
919 B 81ms
41ms XHR
application/json 108.128.94.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-live.outgrow.co/api/v1/companies/sub_domain/abnormalsecurity

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/polyfills-es2015.777b39586274a08d5f72.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.94.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-94-232.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

9c1cfecfcb0f198b177bf78c68fad5f85e15917477789c4d6e8d0c175f299600

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://abnormalsecurity.outgrow.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:06:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
server: nginx/1.22.1
etag: W/"20f-L8rCFuicRbbhLlePeJpsbPMThsE"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
x-frame-options: deny
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t

GET
H2 200 6365434fe10da466c0ef383b Show response
api-live.outgrow.co/api/v1/company/getCompanyCreatedAt/ Frame 8CA4 258 B
805 B 76ms
36ms XHR
application/json 108.128.94.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-live.outgrow.co/api/v1/company/getCompanyCreatedAt/6365434fe10da466c0ef383b

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/polyfills-es2015.777b39586274a08d5f72.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.94.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-94-232.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

71554d56e302c7431e3a07ea88900e5993ac95933344b86b0c61ef7f3c7bff50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://abnormalsecurity.outgrow.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:06:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
server: nginx/1.22.1
etag: W/"102-WcCsgKdkQl9k5x+dqdCsUq4qU4w"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
x-frame-options: deny
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t

GET
H3 200 selectize.min.js Show response
cdn.outgrow.us/assets/js/ Frame 8CA4 59 KB
15 KB 16ms
13ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/assets/js/selectize.min.js

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/main-es2015.f54a06ceb4e366e37cc4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aadeb6afa8eca318fda70cc6cc6be87b3a7e6657ea64051a0d899115708fe855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:36 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 14545
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230026-FRA
x-ua-compatible: ie=edge
last-modified: Fri, 22 Sep 2023 09:07:05 GMT
x-timer: S1695866796.035366,VS0,VE0
etag: "168e4c1a6eb5f7b48c5496a63637ec60c998aeed56e5b2c023fb03d9ceef29a9-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 11

GET
H3 200 math.min.js Show response
cdn.outgrow.us/assets/js/ Frame 8CA4 697 KB
161 KB 23ms
20ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/assets/js/math.min.js

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/main-es2015.f54a06ceb4e366e37cc4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0a4d88f548b76c4bc0472708cf2500b202a1c618b6e18b6ae97370af87422994

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:36 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 164342
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230026-FRA
x-ua-compatible: ie=edge
last-modified: Fri, 22 Sep 2023 09:07:05 GMT
x-timer: S1695866796.035547,VS0,VE1
etag: "240aa280959ab3e0ebb2bb1955cdfaa12d0118e80a7b7edaf891c4128404effa-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 iFrameResizer.js Show response
cdn.outgrow.us/assets/js/ Frame 8CA4 14 KB
5 KB 17ms
14ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/assets/js/iFrameResizer.js

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/main-es2015.f54a06ceb4e366e37cc4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

37e06e1f9f0b894fb7ca088663d48a397ec743acc9acbf605945a120d408294f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:36 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4588
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230026-FRA
x-ua-compatible: ie=edge
last-modified: Fri, 22 Sep 2023 09:07:05 GMT
x-timer: S1695866796.035551,VS0,VE0
etag: "4d9cba3dd945032c63b2aa240aa7106b920f6cdaa394739d95959fa6d950f443-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 11

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 8CA4 3 B
23 B 21ms
20ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1195029343&t=pageview&_s=1&dl=https%3A%2F%2Fabnormalsecurity.outgrow.us%2F64e37afea593954b6e60f08f&dr=https%3A%2F%2Fabnormalsecurity.com%2Fblog%2Fhealthcare-organizations-email-attacks-2023&ul=en-us&de=UTF-8&dt=Outgrow&sd=24-bit&sr=1600x1200&vp=400x700&je=0&_u=KEBAAEABEAAAACAAsD~&jid=38291475&gjid=689312216&cid=549720275.1695866796&tid=UA-82253758-1&_gid=1210155897.1695866796&_r=1&_slc=1&z=1487106442

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/polyfills-es2015.777b39586274a08d5f72.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://abnormalsecurity.outgrow.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 02:06:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://abnormalsecurity.outgrow.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 8CA4 273 KB
91 KB 29ms
24ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-99F3Z2K9LL&l=ga4dataLayer&debug_mode=true

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/main-es2015.f54a06ceb4e366e37cc4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

85e4b157df11f7946c8354112aa50987f2b0f0fabf3111715b68fbcc9c5a7d82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:06:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93069
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 28 Sep 2023 02:06:36 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 8CA4 35 B
55 B 14ms
10ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1195029343&t=pageview&_s=2&dl=https%3A%2F%2Fabnormalsecurity.outgrow.us%2F64e37afea593954b6e60f08f&dr=https%3A%2F%2Fabnormalsecurity.com%2Fblog%2Fhealthcare-organizations-email-attacks-2023&dp=%2F64e37afea593954b6e60f08f&ul=en-us&de=UTF-8&dt=Outgrow&sd=24-bit&sr=1600x1200&vp=400x700&je=0&_u=KEBAAEABEAAAACAAsD~&jid=&gjid=&cid=549720275.1695866796&tid=UA-82253758-1&_gid=1210155897.1695866796&z=1060326548

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 06:02:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 72222
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 8CA4 35 B
55 B 15ms
10ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1195029343&t=pageview&_s=3&dl=https%3A%2F%2Fabnormalsecurity.outgrow.us%2F64e37afea593954b6e60f08f&dr=https%3A%2F%2Fabnormalsecurity.com%2Fblog%2Fhealthcare-organizations-email-attacks-2023&dp=%2F6365434fe10da466c0ef383b&ul=en-us&de=UTF-8&dt=Outgrow&sd=24-bit&sr=1600x1200&vp=400x700&je=0&_u=KEBAAEABEAAAACAAsD~&jid=&gjid=&cid=549720275.1695866796&tid=UA-82253758-1&_gid=1210155897.1695866796&z=1618555667

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 06:02:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 72222
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 8CA4 35 B
55 B 15ms
10ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1195029343&t=event&_s=4&dl=https%3A%2F%2Fabnormalsecurity.outgrow.us%2F64e37afea593954b6e60f08f&dr=https%3A%2F%2Fabnormalsecurity.com%2Fblog%2Fhealthcare-organizations-email-attacks-2023&ul=en-us&de=UTF-8&dt=Outgrow&sd=24-bit&sr=1600x1200&vp=400x700&je=0&ec=Calculator%20Opened&ea=abnormalsecurity&el=https%3A%2F%2Fabnormalsecurity.outgrow.us%2F64e37afea593954b6e60f08f&_u=KEBAAEABEAAAACAAsD~&jid=&gjid=&cid=549720275.1695866796&tid=UA-82253758-1&_gid=1210155897.1695866796&z=1719760319

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 06:02:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 72222
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK new_embed-2552d8d62d9c60f59b3b11a5d083d1ebd090c72de809fc7c76fb339825302241.css
s.swiftypecdn.com/assets/ 89 KB
34 KB 8ms
8ms Stylesheet
text/css 151.101.64.143
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.swiftypecdn.com/assets/new_embed-2552d8d62d9c60f59b3b11a5d083d1ebd090c72de809fc7c76fb339825302241.css
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/169lRDSj6676CDt8D/88b78aa1-c424-4eeb-96cb-59809bf84390/osano.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.143 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2552d8d62d9c60f59b3b11a5d083d1ebd090c72de809fc7c76fb339825302241

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

X-Cache-Hits: 4390
Date: Thu, 28 Sep 2023 02:06:36 GMT
Content-Encoding: gzip
Via: 1.1 varnish
Age: 2303267
X-Cache: HIT
Connection: keep-alive
Content-Length: 33983
X-Served-By: cache-fra-eddf8230102-FRA
X-Timer: S1695866796.122471,VS0,VE0
ETag: "62b9d076-84bf"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Expires: Sat, 31 Aug 2024 10:18:48 GMT

GET
BLOB 200
OK 58c45b82-53e4-4f85-8c8f-9b214d300757
https://abnormalsecurity.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://abnormalsecurity.com/58c45b82-53e4-4f85-8c8f-9b214d300757
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 37ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-F60FHP0104&gtm=45je39p0&_p=150648533&gcs=G100&cid=1158359347.1695866796&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1695866796&sct=1&seg=0&dl=https%3A%2F%2Fabnormalsecurity.com%2Fblog%2Fhealthcare-organizations-email-attacks-2023&dt=Healthcare%20Organizations%20Experience%20279%25%20Increase%20in%E2%80%A6%20%7C%20Abnormal&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F60FHP0104&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 02:06:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://abnormalsecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 6365434fe10da466c0ef383b
api-n.outgrow.co/api/v1/subscriptionStatus/ Frame 0
0 73ms
73ms Preflight 108.128.94.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-n.outgrow.co/api/v1/subscriptionStatus/6365434fe10da466c0ef383b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.94.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-94-232.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://abnormalsecurity.outgrow.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
access-control-max-age: 86400
date: Thu, 28 Sep 2023 02:06:36 GMT
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: nginx/1.22.1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: deny
x-powered-by: Express
x-xss-protection: 1; mode=block

OPTIONS
H2 204 visitor_key
api-h.outgrow.co/api/v1/analytic/ Frame 0
0 133ms
35ms Preflight 54.171.34.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-h.outgrow.co/api/v1/analytic/visitor_key

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.34.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-34-82.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://abnormalsecurity.outgrow.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
access-control-max-age: 86400
date: Thu, 28 Sep 2023 02:06:36 GMT
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: nginx/1.22.1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: deny
x-powered-by: Express
x-xss-protection: 1; mode=block

OPTIONS
H2 204 en
api-n.outgrow.co/api/v1/locale/get_locale/ Frame 0
0 31ms
31ms Preflight 108.128.94.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-n.outgrow.co/api/v1/locale/get_locale/en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.94.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-94-232.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://abnormalsecurity.outgrow.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
access-control-max-age: 86400
date: Thu, 28 Sep 2023 02:06:36 GMT
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: nginx/1.22.1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: deny
x-powered-by: Express
x-xss-protection: 1; mode=block

OPTIONS
H2 204 get_file_hash
api-h.outgrow.co/api/v1/builder/ Frame 0
0 132ms
35ms Preflight 54.171.34.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-h.outgrow.co/api/v1/builder/get_file_hash

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.34.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-34-82.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://abnormalsecurity.outgrow.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
access-control-max-age: 86400
date: Thu, 28 Sep 2023 02:06:36 GMT
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: nginx/1.22.1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: deny
x-powered-by: Express
x-xss-protection: 1; mode=block

GET
H2 200 6365434fe10da466c0ef383b Show response
api-n.outgrow.co/api/v1/subscriptionStatus/ Frame 8CA4 215 B
775 B 46ms
46ms XHR
application/json 108.128.94.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-n.outgrow.co/api/v1/subscriptionStatus/6365434fe10da466c0ef383b

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/polyfills-es2015.777b39586274a08d5f72.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.94.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-94-232.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

0f3f1b88e5184dfb3dff0f47e6b9918dc291422f5371763e3ed040282af76d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://abnormalsecurity.outgrow.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 28 Sep 2023 02:06:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
server: nginx/1.22.1
etag: W/"d7-NSe5cu/CqASmnC4imV5kMeF7XS4"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
x-frame-options: deny
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t

GET
H3 200 258-es2015.b1f4e24efb297aab1179.js Show response
cdn.outgrow.us/ Frame 8CA4 38 KB
9 KB 8ms
7ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/258-es2015.b1f4e24efb297aab1179.js

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/runtime-es2015.cf463a8db284ba53b9a8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

49517832730175e88ef1745d25a86aba87092cd3b0ec8056a3585296fc06d76e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:36 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8498
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230026-FRA
x-ua-compatible: ie=edge
last-modified: Fri, 22 Sep 2023 09:07:05 GMT
x-timer: S1695866796.233508,VS0,VE0
etag: "6ae8b418b4d959838cc9fb07bb1247a5cfd8fa81daf8a706b1159a129b567219-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 13

GET
H3 200 299-es2015.5a3065d5cab3137dbe3d.js Show response
cdn.outgrow.us/ Frame 8CA4 650 KB
135 KB 9ms
9ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/299-es2015.5a3065d5cab3137dbe3d.js

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/runtime-es2015.cf463a8db284ba53b9a8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

770fbd6f60607d70164e5717ca22bbad03ab83221a959fabd141028d48e52ff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:36 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 137921
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230026-FRA
x-ua-compatible: ie=edge
last-modified: Fri, 22 Sep 2023 09:07:05 GMT
x-timer: S1695866796.233805,VS0,VE1
etag: "14a75d527c635e33ec91d3b1e00411a1a23d33dcfb60fd906f918683524540ae-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 124-es2015.067d4c90ce5c65bc1d3a.js Show response
cdn.outgrow.us/ Frame 8CA4 948 KB
161 KB 11ms
10ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/124-es2015.067d4c90ce5c65bc1d3a.js

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/runtime-es2015.cf463a8db284ba53b9a8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0062e38c4ae2670541000af088d0edecfa951242b9f0baf03d959fe2a770c53f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:36 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 164640
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230026-FRA
x-ua-compatible: ie=edge
last-modified: Fri, 22 Sep 2023 09:07:05 GMT
x-timer: S1695866796.234147,VS0,VE2
etag: "adb6766be23386f57adea6f6a37a2d70be35a3a704e29857e47d8da8dfc0aa42-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 common-es2015.22a0c3e12bc4f6e2d2ab.js Show response
cdn.outgrow.us/ Frame 8CA4 13 KB
4 KB 8ms
7ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/common-es2015.22a0c3e12bc4f6e2d2ab.js

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/runtime-es2015.cf463a8db284ba53b9a8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9aa3fb65ca76e62bd12a44296e4be03f5d863c8c79f47dba4abc38034556c866

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:36 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3240
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230026-FRA
x-ua-compatible: ie=edge
last-modified: Fri, 22 Sep 2023 09:07:05 GMT
x-timer: S1695866796.234136,VS0,VE0
etag: "b50fd5efb3ea5a6b0194d739fd28113e431b4b38c7bca8139a64155f41463a61-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 12

GET
H3 200 57-es2015.77b73d67d187f0974779.js Show response
cdn.outgrow.us/ Frame 8CA4 2 MB
251 KB 15ms
15ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/57-es2015.77b73d67d187f0974779.js

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/runtime-es2015.cf463a8db284ba53b9a8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a2bcac10ab4c0f68c51891ed563bef057a4898281e65e0424efb34dc690e7192

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:36 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 256167
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230026-FRA
x-ua-compatible: ie=edge
last-modified: Fri, 22 Sep 2023 09:07:05 GMT
x-timer: S1695866796.234445,VS0,VE2
etag: "bc6bac57f512ba7a2056a7dd867ea3cef17943704177c1c00c2d52bfc684a659-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 1

POST
H2 200 visitor_key Show response
api-h.outgrow.co/api/v1/analytic/ Frame 8CA4 267 B
809 B 178ms
108ms XHR
application/json 54.171.34.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-h.outgrow.co/api/v1/analytic/visitor_key

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/polyfills-es2015.777b39586274a08d5f72.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.34.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-34-82.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

1eaf852edcfb37cd54541b1117063045b875ddc2aa1c14e69baea0db1a0adf2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://abnormalsecurity.outgrow.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 28 Sep 2023 02:06:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
server: nginx/1.22.1
etag: W/"10b-yrI6w+1BxP6pQYZ/njevSsx5i9E"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
x-frame-options: deny
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t

GET
H2 200 en Show response
api-n.outgrow.co/api/v1/locale/get_locale/ Frame 8CA4 3 KB
2 KB 45ms
45ms XHR
application/json 108.128.94.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-n.outgrow.co/api/v1/locale/get_locale/en

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/polyfills-es2015.777b39586274a08d5f72.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.94.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-94-232.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

df5e74453c8957e1a92a158baab658d2dc5a1afdca62ac3559b9fe19c838dd2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://abnormalsecurity.outgrow.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 28 Sep 2023 02:06:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-powered-by: Express
x-cache: Hit from HCache
x-xss-protection: 1; mode=block
server: nginx/1.22.1
etag: W/"a66-4nzXXwGW84XKvNiQCEAL72y+dO0"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
x-frame-options: deny
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t

GET
H2 200 get_file_hash Show response
api-h.outgrow.co/api/v1/builder/ Frame 8CA4 199 B
773 B 109ms
39ms XHR
application/json 54.171.34.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-h.outgrow.co/api/v1/builder/get_file_hash

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/polyfills-es2015.777b39586274a08d5f72.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.34.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-34-82.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

04916b31dd4a247299fdec9e44af3ef27df440be0c87d6cba13e7bbaf096826f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://abnormalsecurity.outgrow.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 28 Sep 2023 02:06:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
server: nginx/1.22.1
etag: W/"c7-4Iw97GTf8MyhVOp4euMzM6r4pZU"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
x-frame-options: deny
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=150648533&t=pageview&_s=1&dl=https%3A%2F%2Fabnormalsecurity.com%2Fblog%2Fhealthcare-organizations-email-attacks-2023&ul=en-us&de=UTF-8&dt=Healthcare%20Organizations%20Experience%20279%25%20Increase%20in%E2%80%A6%20%7C%20Abnormal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAgAAAABQAAAAAAAIk~&cid=1158359347.1695866796&tid=UA-135379382-1&_gid=106531194.1695866796&gtm=45He39p0n815DSW3JC&gcs=G100&z=1518141876

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 06:02:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 72222
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
196 B 28ms
7ms XHR
text/html 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.184 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:06:36 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://abnormalsecurity.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 24 B
319 B 59ms
8ms XHR
text/html 2a02:26f0:480:23::1726:62a7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:23::1726:62a7 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f88018ccd0130d185511681a282284d4f797f33d76715b44b3ebea7e6d349dfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 02:06:36 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://abnormalsecurity.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a00:c98:2050:a007:2::14
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1695866796301_388391911_48768695_24_967_6_16_219";dur=1
content-length: 24
expires: Thu, 28 Sep 2023 02:06:36 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 211ms
200ms Image
image/gif 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=bbf40b2956d4bb7805e99ad643493df0&svisitor=null&visitor=b478191f-d94f-42ba-8f7b-455d935fa560&session=bd7a477c-44c4-46c4-8f63-54879274b7bd&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2028%20Sep%202023%2002%3A06%3A36%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2028%20Sep%202023%2002%3A06%3A36%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22bbf40b2956d4bb7805e99ad643493df0%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2028%20Sep%202023%2002%3A06%3A36%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22fd01a97e4bdb20630a440f57b6e3085b2ff29834%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2028%20Sep%202023%2002%3A06%3A36%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2028%20Sep%202023%2002%3A06%3A36%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2028%20Sep%202023%2002%3A06%3A36%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Email%20attacks%20like%20BEC%20against%20the%20healthcare%20industry%20are%20on%20the%20rise%20in%202023.%20Protect%20yourself%20with%20sophisticated%20cloud-native%20email%20security.%22%2C%22keywords%22%3A%22email%2C%20attacks%2C%20cloud-native%2C%20like%2C%20healthcare%2C%20industry%2C%20rise%2C%20sophisticated%2C%20security%2C%202023%2C%20protect%22%2C%22title%22%3A%22Healthcare%20Organizations%20Experience%20279%25%20Increase%20in%E2%80%A6%20%7C%20Abnormal%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fabnormalsecurity.com%2Fblog%2Fhealthcare-organizations-email-attacks-2023&pageViewId=fcb70bb1-962d-4493-851a-c848fe6ee18c&v=1.1.6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:06:36 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
284 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56361138&tm=gtm002&Ver=2&mid=1f327f68-3ad8-4aec-8224-40c82e6a2600&sid=a7589b205da311ee9d1dfdfbe27a22b5&vid=a75905a05da311eeb4b70b8b9be1302a&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Healthcare%20Organizations%20Experience%20279%25%20Increase%20in%E2%80%A6%20%7C%20Abnormal&kw=email,%20attacks,%20cloud-native,%20like,%20healthcare,%20industry,%20rise,%20sophisticated,%20security,%202023,%20protect&p=https%3A%2F%2Fabnormalsecurity.com%2Fblog%2Fhealthcare-organizations-email-attacks-2023&r=&lt=1276&evt=pageLoad&sv=1&rn=692465

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 28 Sep 2023 02:06:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D661BC160A354AFC8B78A49B91D30FB9 Ref B: FRAEDGE1209 Ref C: 2023-09-28T02:06:36Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=150648533&t=timing&_s=2&dl=https%3A%2F%2Fabnormalsecurity.com%2Fblog%2Fhealthcare-organizations-email-attacks-2023&ul=en-us&de=UTF-8&dt=Healthcare%20Organizations%20Experience%20279%25%20Increase%20in%E2%80%A6%20%7C%20Abnormal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1276&pdt=22&dns=14&rrt=1&srt=74&tcp=21&dit=146&clt=429&_gst=1375&_gbt=1603&_u=aAgAAAABQAAAAAAAIk~&cid=1158359347.1695866796&tid=UA-135379382-1&_gid=106531194.1695866796&gtm=45He39p0n815DSW3JC&gcs=G100&z=1280051224

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 06:02:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 72222
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ Frame 8CA4 0
80 B 15ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-99F3Z2K9LL&gtm=45je39p0&_p=1195029343&cid=549720275.1695866796&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695866796&sct=1&seg=0&dl=https%3A%2F%2Fabnormalsecurity.outgrow.us%2F64e37afea593954b6e60f08f&dr=https%3A%2F%2Fabnormalsecurity.com%2Fblog%2Fhealthcare-organizations-email-attacks-2023&dt=Outgrow&en=page_view&_fv=1&_ss=1&_ee=1&ep.debug_mode=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-99F3Z2K9LL&l=ga4dataLayer&debug_mode=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 02:06:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://abnormalsecurity.outgrow.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ Frame 8CA4 0
17 B 15ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-99F3Z2K9LL&gtm=45je39p0&_p=1195029343&cid=549720275.1695866796&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1695866796&sct=1&seg=0&dl=https%3A%2F%2Fabnormalsecurity.outgrow.us%2F64e37afea593954b6e60f08f&dr=https%3A%2F%2Fabnormalsecurity.com%2Fblog%2Fhealthcare-organizations-email-attacks-2023&dt=Outgrow&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-99F3Z2K9LL&l=ga4dataLayer&debug_mode=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://abnormalsecurity.outgrow.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 02:06:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://abnormalsecurity.outgrow.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 init Show response
n2.mouseflow.com/ 0
220 B 278ms
92ms XHR
text/plain 2607:f5b7:1:52::11
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL

https://n2.mouseflow.com/init?v=17.97&p=55451921-8278-4244-87a2-1e0b878bdae0&s=f4410d135fec610ee693752def36b15c&page=09283624844fd91e8ce8c839d683f211f881333a&ret=0&u=d0138cd930aef2b801c60cb519656faa&href=https%3A%2F%2Fabnormalsecurity.com%2Fblog%2Fhealthcare-organizations-email-attacks-2023&url=%2Fblog%2Fhealthcare-organizations-email-attacks-2023&ref=&title=Healthcare%20Organizations%20Experience%20279%25%20Increase%20in%E2%80%A6%20%7C%20Abnormal&res=1600x1200&tz=-60&to=0&dnt=0&ori=&dw=1600&dh=1200&time=1714&pxr=1&gdpr=1

Requested by

Host: cdn.mouseflow.com
URL: https://cdn.mouseflow.com/projects/55451921-8278-4244-87a2-1e0b878bdae0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2607:f5b7:1:52::11 , United States, ASN30633 (LEASEWEB-USA-WDC, US),

Reverse DNS

Software

Mouseflow /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-type: text/plain

Response headers

date: Thu, 28 Sep 2023 02:06:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Mouseflow
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://abnormalsecurity.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK cc.js
cc.swiftype.com/ 43 B
279 B 557ms
129ms Image
image/gif 169.63.31.200
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.swiftype.com/cc.js?engine_key=Jf5CnSM-5QHr_uqSbubJ&url=https%3A%2F%2Fabnormalsecurity.com%2Fblog%2Fhealthcare-organizations-email-attacks-2023
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 169.63.31.200 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: c8.1f.3fa9.ip4.static.sl-reverse.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/gif
Date: Thu, 28 Sep 2023 02:06:36 GMT
Cache-Control: no-cache
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive
Content-Length: 43
Expires: Thu, 28 Sep 2023 02:06:35 GMT

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 756 B
595 B 30ms
14ms XHR
application/json 35.156.107.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.107.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-107-46.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 74777181b7df96d20497f3cea6dbb496eb3d4b220cd225e2677ee0dbccf6f220

Request headers

Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
accept-language: de-DE,de;q=0.9
Authorization: Token fd01a97e4bdb20630a440f57b6e3085b2ff29834
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
X-6s-CustomID: WebTag1.0 bbf40b2956d4bb7805e99ad643493df0

Response headers

date: Thu, 28 Sep 2023 02:06:36 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://abnormalsecurity.com
access-control-allow-credentials: true
content-length: 407

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 50ms
10ms Preflight 35.156.107.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.107.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-107-46.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://abnormalsecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://abnormalsecurity.com
access-control-max-age: 1800
date: Thu, 28 Sep 2023 02:06:36 GMT
server: nginx

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 189ms
187ms Image
image/gif 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=bbf40b2956d4bb7805e99ad643493df0&svisitor=null&visitor=b478191f-d94f-42ba-8f7b-455d935fa560&session=bd7a477c-44c4-46c4-8f63-54879274b7bd&event=ipv6&q=%7B%22address%22%3A%222a00%3Ac98%3A2050%3Aa007%3A2%3A%3A14%22%7D&isIframe=false&m=%7B%22description%22%3A%22Email%20attacks%20like%20BEC%20against%20the%20healthcare%20industry%20are%20on%20the%20rise%20in%202023.%20Protect%20yourself%20with%20sophisticated%20cloud-native%20email%20security.%22%2C%22keywords%22%3A%22email%2C%20attacks%2C%20cloud-native%2C%20like%2C%20healthcare%2C%20industry%2C%20rise%2C%20sophisticated%2C%20security%2C%202023%2C%20protect%22%2C%22title%22%3A%22Healthcare%20Organizations%20Experience%20279%25%20Increase%20in%E2%80%A6%20%7C%20Abnormal%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fabnormalsecurity.com%2Fblog%2Fhealthcare-organizations-email-attacks-2023&pageViewId=fcb70bb1-962d-4493-851a-c848fe6ee18c&v=1.1.6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:06:36 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

OPTIONS
H2 204 fetch_app_conditionsV2
api-n.outgrow.co/api/v1/app_conditions/ Frame 0
0 31ms
31ms Preflight 108.128.94.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-n.outgrow.co/api/v1/app_conditions/fetch_app_conditionsV2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.94.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-94-232.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://abnormalsecurity.outgrow.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
access-control-max-age: 86400
date: Thu, 28 Sep 2023 02:06:36 GMT
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: nginx/1.22.1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: deny
x-powered-by: Express
x-xss-protection: 1; mode=block

GET
H2 200 line-awesome.min.css
maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/css/ Frame 8CA4 88 KB
16 KB 81ms
18ms Stylesheet
text/css 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/css/line-awesome.min.css

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/57-es2015.77b73d67d187f0974779.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::17 , Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

ce61a18cf084f15003798340044643f329ac5f90045acb2d9e778368bd799854

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 28 Sep 2023 02:06:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
server-timing: -;dur=0;desc="Generate"
x-age: 40567192
x-accel-date: 1655299604
x-77-nzt: AZySIYhk8sH/mAFrAg
x-accel-expires: @1970659604
x-77-age: 40567192
last-modified: 2022-06-14T10:09:13.275Z
server: CDN77-Turbo
etag: W/"15e81-wb0UGHttyzbvrSHlFxH4lBgB3g8"
x-77-nzt-ray: f6587a1dd404e7d8acdf14656251b326
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
access-control-allow-credentials: true
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Roboto_Regular.css
cdn.outgrow.us/assets/fonts/templateFonts/fonts_varient/ Frame 8CA4 1 KB
550 B 7ms
7ms Stylesheet
text/css 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/assets/fonts/templateFonts/fonts_varient/Roboto_Regular.css

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/assets/js/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

882655fb98b618018e3c8c4848a3620879371cdede22a4da2fefa87cce3ee70c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:36 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 199
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230026-FRA
x-ua-compatible: ie=edge
last-modified: Fri, 22 Sep 2023 09:07:05 GMT
x-timer: S1695866797.593819,VS0,VE0
etag: "c08860f5c733b559559793649ed4def1abfde4e86fa24fe5b93db4d204363bfb-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 2

GET
H3 200 inter.css
cdn.outgrow.us/assets/fonts/templateFonts/fonts_varient/ Frame 8CA4 7 KB
920 B 8ms
7ms Stylesheet
text/css 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/assets/fonts/templateFonts/fonts_varient/inter.css

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/assets/js/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

24c9c565136897fe5d74cc0d1157745b241b76146688aae44021a641a5893ea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 02:06:36 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 569
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230026-FRA
x-ua-compatible: ie=edge
last-modified: Fri, 22 Sep 2023 09:07:05 GMT
x-timer: S1695866797.593903,VS0,VE1
etag: "4fb63eb461af67f24489c5b5389139832e9bbecd99c48d49a3b7e43b93f3de26-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 1

POST
H2 200 fetch_app_conditionsV2 Show response
api-n.outgrow.co/api/v1/app_conditions/ Frame 8CA4 7 KB
1 KB 40ms
39ms XHR
application/json 108.128.94.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-n.outgrow.co/api/v1/app_conditions/fetch_app_conditionsV2

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/polyfills-es2015.777b39586274a08d5f72.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.94.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-94-232.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

cc46869bede0a80ce30e0563dff8a6e5297d79f072ba03bb98d66f232cd4c392

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://abnormalsecurity.outgrow.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 28 Sep 2023 02:06:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
server: nginx/1.22.1
etag: W/"1c2d-Qc9K0cyjQMiW37SlNkMDRxRnMgk"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST,PUT,HEAD,DELETE,PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://abnormalsecurity.outgrow.us
access-control-expose-headers: content-t
x-frame-options: deny
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-HTTP-Method-Override,Content-Type,Accept,Content-Encoding,Authorization,api-key,employee,content-t

GET
H3 200 collect
www.google-analytics.com/ Frame 8CA4 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1195029343&t=pageview&_s=5&dl=https%3A%2F%2Fabnormalsecurity.outgrow.us%2F64e37afea593954b6e60f08f&dr=https%3A%2F%2Fabnormalsecurity.com%2Fblog%2Fhealthcare-organizations-email-attacks-2023&dp=%2F6514dfac3d68cf141fdf6956&ul=en-us&de=UTF-8&dt=Outgrow&sd=24-bit&sr=1600x1200&vp=400x700&je=0&_u=KEBAAEABEAAAACAAsD~&jid=&gjid=&cid=549720275.1695866796&tid=UA-82253758-1&_gid=1210155897.1695866796&z=142063831

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.outgrow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 06:02:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 72222
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 187ms
186ms Image
image/gif 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:06:37 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 la-solid-900.woff2
maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/fonts/ Frame 8CA4 94 KB
95 KB 43ms
17ms Font
font/woff2 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/fonts/la-solid-900.woff2

Requested by

Host: maxst.icons8.com
URL: https://maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/css/line-awesome.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::17 , Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/css/line-awesome.min.css
Origin: https://abnormalsecurity.outgrow.us
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 28 Sep 2023 02:06:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-cache: HIT
x-77-cache: HIT
server-timing: -;dur=0;desc="Generate"
x-age: 40567192
x-accel-date: 1655299605
content-length: 96752
x-77-nzt: AZySIYhNGTf/mAFrAg
x-accel-expires: @1970659605
x-77-age: 40567192
last-modified: 2022-06-14T10:09:13.271Z
server: CDN77-Turbo
etag: "179f0-idlTHAxwqHUd/4PBkXuqsfFqIHE"
x-77-nzt-ray: f6587a1d93042de0addf1465faa2d620
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Inter-latin.woff2
cdn.outgrow.us/assets/fonts/templateFonts/fonts_varient/fonts/Inter/ Frame 8CA4 37 KB
37 KB 14ms
13ms Font
font/woff2 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.outgrow.us/assets/fonts/templateFonts/fonts_varient/fonts/Inter/Inter-latin.woff2

Requested by

Host: cdn.outgrow.us
URL: https://cdn.outgrow.us/assets/fonts/templateFonts/fonts_varient/inter.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.outgrow.us/assets/fonts/templateFonts/fonts_varient/inter.css
Origin: https://abnormalsecurity.outgrow.us
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
date: Thu, 28 Sep 2023 02:06:37 GMT
x-content-type-options: nosniff
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 37924
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230113-FRA
x-ua-compatible: ie=edge
last-modified: Fri, 22 Sep 2023 09:07:05 GMT
x-timer: S1695866798.528049,VS0,VE6
etag: "0c90522504ed89982038242c7710e08d9a35f8c8bdb71dfea3f8840b9e7c6a4f"
vary: x-fh-requested-host, accept-encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556952
accept-ranges: bytes
x-cache-hits: 1

POST
H3 200 html Show response
n2.mouseflow.com/ 0
214 B 399ms
111ms XHR
text/plain 2607:f5b7:1:52::11
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL

https://n2.mouseflow.com/html?website=55451921-8278-4244-87a2-1e0b878bdae0&session=f4410d135fec610ee693752def36b15c&page=09283624844fd91e8ce8c839d683f211f881333a&gz=1

Requested by

Host: cdn.mouseflow.com
URL: https://cdn.mouseflow.com/projects/55451921-8278-4244-87a2-1e0b878bdae0.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2607:f5b7:1:52::11 , United States, ASN30633 (LEASEWEB-USA-WDC, US),

Reverse DNS

Software

Mouseflow /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-type: text/plain

Response headers

date: Thu, 28 Sep 2023 02:06:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Mouseflow
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://abnormalsecurity.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 187ms
187ms Image
image/gif 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:06:38 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
BLOB 200
OK 95754837-e214-4bc9-9058-8a635b774c83
https://abnormalsecurity.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://abnormalsecurity.com/95754837-e214-4bc9-9058-8a635b774c83
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 186ms
186ms Image
image/gif 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:06:39 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 185ms
185ms Image
image/gif 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:06:40 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H3 200 dom Show response
n2.mouseflow.com/ 0
214 B 93ms
93ms XHR
text/plain 2607:f5b7:1:52::11
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL

https://n2.mouseflow.com/dom?gz=1

Requested by

Host: cdn.mouseflow.com
URL: https://cdn.mouseflow.com/projects/55451921-8278-4244-87a2-1e0b878bdae0.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2607:f5b7:1:52::11 , United States, ASN30633 (LEASEWEB-USA-WDC, US),

Reverse DNS

Software

Mouseflow /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://abnormalsecurity.com/blog/healthcare-organizations-email-attacks-2023
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-type: text/plain

Response headers

date: Thu, 28 Sep 2023 02:06:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Mouseflow
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://abnormalsecurity.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
abnormalsecurity.com/blog	1970-01-20 15:06:00	Name: urlParams Value: %7B%22slug%22%3A%22healthcare-organizations-email-attacks-2023%22%7D
.outgrow.us/	1969-12-31 23:59:59	Name: _OG_GDPR_COOKIE_ Value: false
abnormalsecurity.com/	1969-12-31 23:59:59	Name: plasmic_seed Value: 7
.outgrow.us/	1970-01-21 00:40:26	Name: gaCookie1 Value: GA1.2.549720275.1695866796
.outgrow.us/	1970-01-20 15:05:53	Name: gaCookie1_gid Value: GA1.2.1210155897.1695866796
.outgrow.us/	1970-01-20 15:04:26	Name: _gat_devteam Value: 1
abnormalsecurity.com/	1970-01-21 00:40:26	Name: _gd_visitor Value: b478191f-d94f-42ba-8f7b-455d935fa560
abnormalsecurity.com/	1970-01-20 15:04:41	Name: _gd_session Value: bd7a477c-44c4-46c4-8f63-54879274b7bd
.outgrow.us/	1970-01-21 00:40:26	Name: _ga Value: GA1.1.549720275.1695866796
.bing.com/	1970-01-21 00:26:02	Name: MUID Value: 129C003813D969B1165613A2120B688A
.outgrow.us/	1970-01-21 00:40:26	Name: _ga_99F3Z2K9LL Value: GS1.1.1695866796.1.0.1695866796.0.0.0
.abnormalsecurity.com/	1970-01-20 17:14:02	Name: mf_user Value: d0138cd930aef2b801c60cb519656faa\|
.abnormalsecurity.com/	1969-12-31 23:59:59	Name: mf_55451921-8278-4244-87a2-1e0b878bdae0 Value: f4410d135fec610ee693752def36b15c\|09283624844fd91e8ce8c839d683f211f881333a.-4452169759.1695866796430\|1695866796424\|\|0\|\|\|\|0\|17.97\|56.16767
.6sc.co/	1970-01-21 00:40:26	Name: 6suuid Value: b4641102edf40700acdf146593020000e96a6d00

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'speaker-selection'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'conversion-measurement'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'sync-script'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'trust-token-redemption'.
other	warning	URL: https://cdn.outgrow.us/main-es2015.f54a06ceb4e366e37cc4.js Message: <link rel=preload> has an invalid `href` value

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	object-src data:; base-uri 'self' studio.plasmic.app; frame-ancestors 'self' studio.plasmic.app partners.abnormalsecurity.com
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abnormalsecurity.com
abnormalsecurity.outgrow.us
analytics.plasmic.app
api-h.outgrow.co
api-live.outgrow.co
api-n.outgrow.co
b.6sc.co
bat.bing.com
c.6sc.co
cc.swiftype.com
cdn.jsdelivr.net
cdn.mouseflow.com
cdn.outgrow.us
cdnjs.cloudflare.com
cmp.osano.com
cms.abnormalsecurity.com
dlvkyia8i4zmz.cloudfront.net
dyv6f9ner1ir9.cloudfront.net
epsilon.6sense.com
fonts.googleapis.com
fonts.gstatic.com
ipv6.6sc.co
j.6sc.co
maxst.icons8.com
munchkin.marketo.net
n2.mouseflow.com
optimise2.assets-servd.host
pagead2.googlesyndication.com
region1.google-analytics.com
s.swiftypecdn.com
site-assets.plasmic.app
snap.licdn.com
static.filestackapi.com
vitals.vercel-insights.com
www.google-analytics.com
www.googleoptimize.com
www.googletagmanager.com
108.128.94.232
151.101.2.133
151.101.64.143
151.101.65.195
151.139.128.10
167.172.14.134
169.63.31.200
2.17.100.184
2001:4860:4802:32::36
23.197.137.224
2600:9000:211e:1c00:3:b7e:8940:93a1
2600:9000:214f:de00:3:eee:d40:21
2600:9000:223c:3a00:1:57c7:dac0:21
2600:9000:223e:4200:d:1a25:7e40:93a1
2606:4700:20::681a:8b5
2606:4700::6810:5614
2606:4700::6811:180e
2607:f5b7:1:52::11
2620:1ec:c11::200
2a00:1450:4001:802::200e
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:81c::2008
2a00:1450:4001:82a::200e
2a02:26f0:480:23::1726:62a7
2a02:26f0:780::210:a423
2a02:6ea0:c700::17
34.209.198.187
35.156.107.46
52.22.23.118
54.171.34.82
54.171.44.183
76.76.21.21
0062e38c4ae2670541000af088d0edecfa951242b9f0baf03d959fe2a770c53f
01fb38973be6db9bf32851e0982974509126310becd8a1ddb25f607dc63bac1a
04916b31dd4a247299fdec9e44af3ef27df440be0c87d6cba13e7bbaf096826f
0a4d88f548b76c4bc0472708cf2500b202a1c618b6e18b6ae97370af87422994
0b0d5e258caa63b6b4d94b077e65c92540ad7c314a26df07808b21db086e160e
0defdc819a00920beaa312fdc89a49ccf1f2a335044c59d2bfb11019f416438a
0f3f1b88e5184dfb3dff0f47e6b9918dc291422f5371763e3ed040282af76d57
10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb
157d48a8d90c0d76a7c4b55a11d8058770d75c47485e8a85d8932520d82fc9d2
19c62c2417f2a4d1cebe829a2bd29bcf48f108fbb8b01c39d98f1dff2643f7b2
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1eaf852edcfb37cd54541b1117063045b875ddc2aa1c14e69baea0db1a0adf2e
21f913cdec7510a2717672bc4fda25a3b45fc96ae21912aca756c822506b09b7
24c9c565136897fe5d74cc0d1157745b241b76146688aae44021a641a5893ea0
2552d8d62d9c60f59b3b11a5d083d1ebd090c72de809fc7c76fb339825302241
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2d7c7930eb39d59cd8c2dc00652977da3ed72347e7cd465f7b540e10e2121c22
2dc47fb98a6c4cc09538fc1e267ec7e22cff5e0144c1faebd37c8ae78e091f11
333d71153215f5f9299fa750c8b4b1e774e62f69ba13ee47e14d6385afcc69ec
37e06e1f9f0b894fb7ca088663d48a397ec743acc9acbf605945a120d408294f
3883a1fabb193a3d37f34679fccb3b48485f3123553759231697dacc21f0fd54
3a8065364d42327bd2aafa0c605c23593534f7a3e51ad77ea8a3ba142e7d219a
3ac0c589d242920586289eabdd93bf71f3d85bb1c6c8333d3e2deb4e173b61a4
3c30777d8c9aae080e6d47f1eb2b4717a2dfcc3c2fd039dfcd09ebdff7183b89
3e8c8ce8d9b11dbfe75e3e449d459dd6a14a53fc787de6dd54496c0ef11bd5a2
3f14051e7cfb47b25a86f77e8eda8b9387dbd7180479d162ffd7d6c035590dca
3f669cbcad98c7c7a6884d7cf7619b34640088a61d732bdf131ef177dae05ab8
44cc14855746def1429a8ec9410f4eff563a6e75fb949cfd7d6a1697c9932442
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
457a5c36349e0ba1d8612340491b9dc6bcf448a70e9975edd9ff5f92e08e15c8
4712b5866cf8104d41bb89fbbbbafa4d8dc1077a8495af4033426594b478d36c
49486fb624bd05fb1ef21c3ba7c375bfc893034458b8330c5472b381ce21cea9
49517832730175e88ef1745d25a86aba87092cd3b0ec8056a3585296fc06d76e
4a6588416e2d67985b8e7595c5ae89d32b3176197566f8e256a1bc8d75e26b32
4d392de8e184fb7a20e74b3d9100c85ad80c44948185894b9f52e88924724225
515df4e1aacd33d6a8d1250f3e83ae7c7c6651774f7d9f89a0802f87e0d54ee1
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
54de3d590bc637376fefe86891978b1df1fa237365d792ac3d2d31e380d02145
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
58777e2b967af5cdf00a0715ef80c1e984c2e3bb56785f060b66f39f727c643c
609f9e4c24c94d72bc7a1bd7c8a6a3d968ec942f2d78e226c0eb189552533848
615d8b5a89e056d7325832ef9a4177796b0e60c603faf98439cf79f872f6784e
62c6cb71f33e94e6ead3bc223297ef4d65e204900f2b56e81f4916b6c9911486
63e390aab33c2fd04fab725ef83792c740303cd4f580752293de1ccd5884185e
641a10316e6b12175c46755787ff673be36d5c5937e06acb7d4744b54b0659d7
6dea60f79962ab2bff00343db7d9ab8dd9d8c442c94328ffe1e395a9fa81ef1e
71554d56e302c7431e3a07ea88900e5993ac95933344b86b0c61ef7f3c7bff50
7169027a78f62b5ec56ee57a6d44b5d95c3884f8d39e35a4defc8d21e2533be3
7452557d6b899f506b6e4f32a86d9df898615dfc648e034afb6d88f2ce0c26e0
74777181b7df96d20497f3cea6dbb496eb3d4b220cd225e2677ee0dbccf6f220
75685d1434befafbef4b1516d437de3c7bf5ca6b255c44db8c7f03679eaf5c0a
770fbd6f60607d70164e5717ca22bbad03ab83221a959fabd141028d48e52ff4
79bbba7d7d24ffc8e5b1e3ed0131e709be8f87b5cd16c3e72871910859f56379
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
815755b9ab99608198875734c24bfe4c2e26cbcd6811caae13ad8a8500c19fd1
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85e4b157df11f7946c8354112aa50987f2b0f0fabf3111715b68fbcc9c5a7d82
882655fb98b618018e3c8c4848a3620879371cdede22a4da2fefa87cce3ee70c
8a7b40c29ae8221a5fadfcd80d46d448e36c37f8fed6e988bb47f7e28a30a6c3
8ae787eebe851df2c8d37b2b4dadbab52b4e6e6b7bf6de8592a23a7216161efa
8e12b9fe62d0f82f3731ab55c398ae09def0d738416247e3e16dd19b6d1594f8
94de5c66331cd244e69ce3df84813f93c2213d748c7eefdbb20ac6e461faac0e
96e1863c4adb1b1458836f4c2345f2f1db8b9a0b1ecefbd7098248e9fecb890b
9aa3fb65ca76e62bd12a44296e4be03f5d863c8c79f47dba4abc38034556c866
9c1cfecfcb0f198b177bf78c68fad5f85e15917477789c4d6e8d0c175f299600
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
a2bcac10ab4c0f68c51891ed563bef057a4898281e65e0424efb34dc690e7192
a8b145bb3ef6dae8eda87fc0762994f6134b33b66b106bfcf508eb745f1de158
aa7b85ca08af6648df3d8755429e970e920d57570ad270ab7d1aacf8da594045
aadeb6afa8eca318fda70cc6cc6be87b3a7e6657ea64051a0d899115708fe855
ab3a4b08ba84d781c4143e5769b485b225ed5af0e4ef91a926009241f3b60c99
ac4e49ff0d6f85af4ad5d6694a17031c7f32c9209c771c5c8ddb8f020888e3b9
ad567b1d6b357690a4aad1a0a76618c552cc0f90befc02200b5e0872c889d5a0
ae9306f2b4c411706252921683cfdd3dc2a648cb504ee3e12820c25894b32294
b0132cf0dae0361cd4feca1b230ee0655f885036718e51f479fa5d128a4e4107
b05e0d4ac03265d7321b14015108c0f56af94edf37eb6405bdf93942e7adece5
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5
bb79cf544e2d1752c931e446f0bea263d24493d7d6af35acb25f58e13f5c785c
bfa1307f65a89a7aa9baa04b08c4ea77179286afc87645cb795a3056e59f25ac
c4dd3582a34018678a2beda63f772e2916de331f44d6b795ab701767781bbb1b
c9249972c2fdad8831c4a5213c7f413b3589d67414f71bb10955517ac3599ebd
cc46869bede0a80ce30e0563dff8a6e5297d79f072ba03bb98d66f232cd4c392
ccd97d625b1e72f9e712cc77abe17d9e2ba3d3480a368549b1723b1d4964d544
ce61a18cf084f15003798340044643f329ac5f90045acb2d9e778368bd799854
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
daab30dc018c24b75c62521ab4e61c917a390127c2cf4eef5a56506f9e265239
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df5e74453c8957e1a92a158baab658d2dc5a1afdca62ac3559b9fe19c838dd2e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e90ffcd82ca0de762838aaf90e5fb735a64749aa44c750dd8812fcd6939093f8
e927d7fbd371b71537496dd2bc52f767f2e0f5c23e873075b367b8a5e7a26215
e9d78f1add662ac34c5323dbc2c18c1427db3aa89a28de2fd43aaf88a640b4d1
ecdf8f51c147127a75df50befbb2243b9f821d602e5f00cd0d8aefcce3f62942
ed18301d8e080d3bb4f4a498b0c4b1ce149f8cd65240fb0175436c861be5f346
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1622ad087bc54cef5341d8e011b1775da553f6788df2bb5deeaef5b902c1241
f1be6617ba107f1e96bcd79ac78ab26e281b1f1b2bda9a46f4d39e241b8ed829
f1bf8dac3f25110d991fa77fc2668d67f0f88e89771a539ee50db3b4b4d563d4
f2b5d884aa8c0655e8539fb07fa26dd427b1fa8c67bb5f88cbffa79fd923900c
f677aee0f89928c0e141a63fb9fd7bddf14c809d91852e51a9d877f09bbcc2b5
f88018ccd0130d185511681a282284d4f797f33d76715b44b3ebea7e6d349dfc
f8ca6673e94dc2e235bca0c68959cc8ce1e7a365b4aaf5cdb3e364b4eb7ba655
fc257f5783bf52d885a348c51d3839db03e6026c17318872975e0bb98dfe7b33
fcd5fc46e77728b0e5da04b51d40abd649eabcf637eb29ef884f668a52164d57
fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
ff95754c421efe0148bdc43c533e671f10e4e852a521b56c118b8183de80eb71

abnormalsecurity.com Open in urlscan Pro 76.76.21.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

152 Requests

98 %HTTPS

56 %IPv6

26 Domains

37 Subdomains

35 IPs

4 Countries

3942 kBTransfer

15546 kBSize

14 Cookies

8 Outgoing links

Redirected requests

152 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

abnormalsecurity.com Open in urlscan Pro
76.76.21.21 Public Scan

Screenshot
Live screenshot

Full Image

152
Requests

98 %
HTTPS

56 %
IPv6

26
Domains

37
Subdomains

35
IPs

4
Countries

3942 kB
Transfer

15546 kB
Size

14
Cookies

152 HTTP transactions
3 data transactions