cofense.com Open in urlscan Pro
141.193.213.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all...
Submission: On May 03 via api (May 3rd 2023, 2:13:10 am UTC) from TR — Scanned from DE

Summary HTTP 236 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 37 IPs in 4 countries across 31 domains to perform 236 HTTP transactions. The main IP is 141.193.213.21, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is cofense.com. The Cisco Umbrella rank of the primary domain is 963850.
TLS certificate: Issued by R3 on February 26th 2023. Valid for: 3 months.

This is the only time cofense.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 92	141.193.213.21 141.193.213.21	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6812:1005	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1494	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
10	23.36.162.208 23.36.162.208	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7edd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.73.0.225 52.73.0.225	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6810:650c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.102.38.132 104.102.38.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.165.183.96 18.165.183.96	16509 (AMAZON-02) (AMAZON-02)
71	18.66.112.39 18.66.112.39	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:c9f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:4e:1... 2620:1ec:4e:1::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb58	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.111.208.231 34.111.208.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:212... 2600:9000:2127:c400:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.200.97.200 34.200.97.200	14618 (AMAZON-AES) (AMAZON-AES)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	35.156.45.170 35.156.45.170	16509 (AMAZON-02) (AMAZON-02)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
3	20.231.53.73 20.231.53.73	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	3.222.81.88 3.222.81.88	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6812:1105	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	50.16.7.188 50.16.7.188	14618 (AMAZON-AES) (AMAZON-AES)
1	35.188.42.15 35.188.42.15	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a04:4e42:8d:... 2a04:4e42:8d::720	54113 (FASTLY) (FASTLY)
1	3.5.17.107 3.5.17.107	14618 (AMAZON-AES) (AMAZON-AES)
236	37

92 141.193.213.21 (United States) 2 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

cofense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:1005 (United States)

ASN13335 (CLOUDFLARENET, US)

js.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1494 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.36.162.208 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-208.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7edd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.0.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-0-225.compute-1.amazonaws.com

lltrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:650c (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.38.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-38-132.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.183.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-96.zrh55.r.cloudfront.net

static.oktopost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

71 18.66.112.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-39.fra56.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:c9f (United States)

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:4e:1::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.141 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:bb58 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.208.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.208.111.34.bc.googleusercontent.com

ibc-flow.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:c400:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.200.97.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-97-200.compute-1.amazonaws.com

okt.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.45.170 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-45-170.eu-central-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

404-jhu-612.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.231.53.73 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

q.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.222.81.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-81-88.compute-1.amazonaws.com

app.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1105 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 50.16.7.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-7-188.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
flow.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.188.42.15 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:8d::720 (United States)

ASN54113 (FASTLY, US)

driftt.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.17.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3.us-east-1.amazonaws.com

qualified-production.s3.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
92	cofense.com 2 redirects cofense.com — Cisco Umbrella Rank: 963850	980 KB
71	driftt.com js.driftt.com — Cisco Umbrella Rank: 10855	860 KB
12	drift.com bootstrap.api.drift.com — Cisco Umbrella Rank: 14354 metrics.api.drift.com — Cisco Umbrella Rank: 14407 event.api.drift.com — Cisco Umbrella Rank: 15898 targeting.api.drift.com — Cisco Umbrella Rank: 16256 flow.api.drift.com — Cisco Umbrella Rank: 28170	11 KB
12	6sc.co j.6sc.co — Cisco Umbrella Rank: 12305 c.6sc.co — Cisco Umbrella Rank: 16337 ipv6.6sc.co — Cisco Umbrella Rank: 13024 b.6sc.co — Cisco Umbrella Rank: 7606	15 KB
9	qualified.com js.qualified.com — Cisco Umbrella Rank: 46399 app.qualified.com — Cisco Umbrella Rank: 56683 assets.qualified.com — Cisco Umbrella Rank: 52092	798 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1265 q.clarity.ms — Cisco Umbrella Rank: 9771 c.clarity.ms — Cisco Umbrella Rank: 1901	22 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 733 www.linkedin.com — Cisco Umbrella Rank: 779 px4.ads.linkedin.com — Cisco Umbrella Rank: 6554	4 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2930 www.google.com — Cisco Umbrella Rank: 16	713 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	21 KB
3	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 37767 ibc-flow.techtarget.com — Cisco Umbrella Rank: 47960	2 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 18375	585 B
2	google.de www.google.de — Cisco Umbrella Rank: 3425	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 166	402 B
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 6272	6 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	184 KB
1	amazonaws.com qualified-production.s3.us-east-1.amazonaws.com — Cisco Umbrella Rank: 83491	7 KB
1	imgix.net driftt.imgix.net — Cisco Umbrella Rank: 36439	24 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 413	740 B
1	sentry.io sentry.io — Cisco Umbrella Rank: 324	442 B
1	mktoresp.com 404-jhu-612.mktoresp.com	318 B
1	okt.to okt.to — Cisco Umbrella Rank: 70592	100 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1604	376 B
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 604	817 B
1	oktopost.com static.oktopost.com — Cisco Umbrella Rank: 79993	4 KB
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 9097	2 KB
1	lltrck.com lltrck.com — Cisco Umbrella Rank: 66321
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1365	5 KB
1	gstatic.com fonts.gstatic.com	38 KB
1	typekit.net p.typekit.net — Cisco Umbrella Rank: 1162	195 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	1 KB
0	wpengine.com Failed cofense2022stg.wpengine.com Failed
236	31

	Domain	Requested by
92	cofense.com	2 redirects cofense.com
71	js.driftt.com	cofense.com js.driftt.com
7	assets.qualified.com	cofense.com app.qualified.com
7	b.6sc.co	cofense.com
4	targeting.api.drift.com	js.driftt.com
3	q.clarity.ms	www.clarity.ms
3	www.google-analytics.com	www.googletagmanager.com cofense.com
2	flow.api.drift.com	js.driftt.com
2	event.api.drift.com	js.driftt.com
2	metrics.api.drift.com	js.driftt.com
2	c.clarity.ms	1 redirects
2	bootstrap.api.drift.com	js.driftt.com
2	epsilon.6sense.com	j.6sc.co
2	www.google.de	cofense.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	px.ads.linkedin.com	2 redirects
2	ibc-flow.techtarget.com	trk.techtarget.com
2	ipv6.6sc.co	j.6sc.co
2	c.6sc.co	j.6sc.co
2	www.clarity.ms	cofense.com www.clarity.ms
2	munchkin.marketo.net	cofense.com munchkin.marketo.net
2	www.googletagmanager.com	cofense.com www.googletagmanager.com
1	qualified-production.s3.us-east-1.amazonaws.com
1	driftt.imgix.net
1	c.bing.com	1 redirects
1	sentry.io	assets.qualified.com
1	app.qualified.com	js.qualified.com
1	www.google.com	cofense.com
1	404-jhu-612.mktoresp.com	munchkin.marketo.net
1	okt.to	static.oktopost.com
1	px4.ads.linkedin.com	cofense.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	secure.adnxs.com	j.6sc.co
1	trk.techtarget.com	cofense.com
1	static.oktopost.com	cofense.com
1	ws.zoominfo.com	cofense.com
1	lltrck.com	cofense.com
1	snap.licdn.com	www.googletagmanager.com
1	j.6sc.co	cofense.com
1	fonts.gstatic.com	fonts.googleapis.com
1	p.typekit.net	cofense.com
1	js.qualified.com	cofense.com
1	fonts.googleapis.com	cofense.com
0	cofense2022stg.wpengine.com Failed	cofense.com
236	46

This site contains links to these domains. Also see Links.

Domain
cofense.zendesk.com
go.cofense.com
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
wpml.org

Subject Issuer	Validity	Valid
cofense.com R3	`2023-02-26` - `2023-05-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
6sc.co R3	`2023-03-11` - `2023-06-09`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
lltrck.com Go Daddy Secure Certificate Authority - G2	`2022-07-25` - `2023-08-26`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
*.oktopost.com Amazon RSA 2048 M01	`2023-02-28` - `2023-10-27`	8 months	crt.sh
drift.com Amazon RSA 2048 M02	`2023-03-01` - `2023-09-21`	7 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
ibc-flow.techtarget.com GTS CA 1D4	`2023-04-03` - `2023-07-03`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
okt.to R3	`2023-03-24` - `2023-06-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.6sense.com Amazon RSA 2048 M01	`2023-05-01` - `2024-05-29`	a year	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-05` - `2023-11-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
app.qualified.com R3	`2023-03-22` - `2023-06-20`	3 months	crt.sh
sentry.io DigiCert TLS RSA SHA256 2020 CA1	`2022-06-03` - `2023-07-04`	a year	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-03-05` - `2024-04-05`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2023-12-20`	8 months	crt.sh

This page contains 4 frames:

Primary Page: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Frame ID: 046D279178D599FB005A2C26D6E3E9DC
Requests: 146 HTTP requests in this frame

Frame: https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=e1e7246a-3783-475c-833e-42f370b17d46
Frame ID: E26CAC91321433855E2351754BD7E849
Requests: 10 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
Frame ID: C0B0810CDFE50E871D3BB4BD2D18573E
Requests: 41 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
Frame ID: 3F1F38A32212B64E91E2FC3F76663076
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

(1) New Messages!

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

236
Requests

97 %
HTTPS

53 %
IPv6

31
Domains

46
Subdomains

37
IPs

4
Countries

2984 kB
Transfer

8317 kB
Size

38
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://cofense.zendesk.com/auth/v2/login/signin
Title: Customer Resource Center

Search URL Search Domain Scan URL

URL: https://go.cofense.com/live-demo/
Title: Get a Demo

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Cofense/
Title: Facebook-f

Search URL Search Domain Scan URL

URL: https://twitter.com/cofense
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/11500065/
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCbvJmFk-Pwf85UbGI9-EGxw
Title: Youtube

Search URL Search Domain Scan URL

URL: https://wpml.org/
Title: wpml.org

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://cofense.com/wp-content/themes/cofense/css/custom.css?ver=6.1.1 HTTP 301
https://cofense.com/?ver=6.1.1

Request Chain 8

https://cofense.com/wp-content/themes/cofense/css/testing.css?ver=6.1.1 HTTP 301
https://cofense.com/?ver=6.1.1

Request Chain 116

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1683079985201&url=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F&tm=gtmv2 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D300721%26time%3D1683079985201%26url%3Dhttps%253A%252F%252Fcofense.com%252Fblog%252Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%252F%26tm%3Dgtmv2%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1683079985201&url=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F&tm=gtmv2&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1683079985201&url=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F&tm=gtmv2&liSync=true&e_ipv6=AQKn6RVOFh4grwAAAYffYnn2VCyj2Vh5zgOExxkIbhX8g9WJmXNHFl9O9UC0c7eVMjXjVOSS6qGx

Request Chain 210

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=404E62E1963F4FDA82AB7672C4169A15&RedC=c.clarity.ms&MXFR=2149E3779B8D612B13A2F0719F8D6FEB HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=404E62E1963F4FDA82AB7672C4169A15&MUID=044D4C65E22961AB0EB85F63E3426035

236 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/ 135 KB
25 KB 455ms
432ms Document
text/html 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: 1d062040841c8459896c9946963775e6983183f4b5a8f01e40ad5da0c0328022

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7c14fb89fc442ba6-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 03 May 2023 02:13:04 GMT
link: <https://cofense.com/wp-json/>; rel="https://api.w.org/" <https://cofense.com/wp-json/wp/v2/posts/100526>; rel="alternate"; type="application/json" <https://cofense.com/?p=100526>; rel=shortlink
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 5
x-cache-group: normal
x-cacheable: SHORT
x-pingback: https://cofense.com/xmlrpc.php
x-powered-by: WP Engine

GET
H2 200 css
fonts.googleapis.com/ 21 KB
1 KB 83ms
25ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap

Requested by

Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

560abbd7d0555a1eaf630c3487f47ffdc097772b00227e5bfcb85aafcdcb3491

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 May 2023 01:25:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 May 2023 02:13:04 GMT

GET
H2 200 style.min.css
cofense.com/wp-includes/css/dist/block-library/ 93 KB
12 KB 288ms
266ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:40:39 GMT
server: cloudflare
etag: W/"644051c7-172a9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe052ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 classic-themes.min.css
cofense.com/wp-includes/css/ 217 B
227 B 300ms
278ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:40:39 GMT
server: cloudflare
etag: W/"644051c7-d9"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe042ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 styles.css
cofense.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/ 57 KB
7 KB 297ms
275ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/styles.css?ver=1683062895
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cc15bc3d3dda4e699624aae9727570dd1cb7cfa4535a074a453e1437e279d21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:28:15 GMT
server: cloudflare
etag: W/"6451806f-e379"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe032ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.min.css
cofense.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/ 908 B
383 B 502ms
482ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22a79f1fbcc70373c7021bae2164d9232d1e9dd3c6a163df9f9f54070e5f6b50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:14 GMT
server: cloudflare
etag: W/"64405226-38c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cedce2ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.min.css
cofense.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/ 258 B
211 B 280ms
261ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/style.min.css?ver=1
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b9257e3e9c959214ddfab833a69a021ae6557403efe76afcbee259621175274

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:14 GMT
server: cloudflare
etag: W/"64405226-102"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cedcf2ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
cofense.com/wp-content/cache/min/1/wp-content/themes/cofense/ 8 KB
3 KB 224ms
204ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/cache/min/1/wp-content/themes/cofense/style.css?ver=1683062895
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3dfc3f03106f85ab56ceaadf44433f35cca4209d64922d50a1c650c90aa60ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:28:15 GMT
server: cloudflare
etag: W/"6451806f-1fc3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cedd02ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

/
cofense.com/
Redirect Chain

https://cofense.com/wp-content/themes/cofense/css/custom.css?ver=6.1.1
https://cofense.com/?ver=6.1.1

147 KB
27 KB

147ms
146ms

Stylesheet
text/html

141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/?ver=6.1.1
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H3
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: 57bd8aad7f73b73ff23c5fd9c5e7a911548b5184f9a416041e72a1a0e6d3dbf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
x-cache-group: normal
content-encoding: br
cf-cache-status: DYNAMIC
x-cacheable: SHORT
server: cloudflare
x-powered-by: WP Engine
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-cache: HIT: 10
content-type: text/html; charset=UTF-8
cache-control: max-age=600, must-revalidate
cf-ray: 7c14fb8e59231913-FRA
link: <https://cofense.com/wp-json/>; rel="https://api.w.org/", <https://cofense.com/wp-json/wp/v2/pages/4>; rel="alternate"; type="application/json", <https://cofense.com/>; rel=shortlink
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Wed, 03 May 2023 02:13:04 GMT
cf-cache-status: EXPIRED
server: cloudflare
vary: Accept-Encoding
content-type: text/html
location: https://cofense.com/?ver=6.1.1
cf-ray: 7c14fb8cedd22ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

/
cofense.com/
Redirect Chain

https://cofense.com/wp-content/themes/cofense/css/testing.css?ver=6.1.1
https://cofense.com/?ver=6.1.1

147 KB
27 KB

177ms
176ms

Stylesheet
text/html

141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/?ver=6.1.1
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H3
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: 57bd8aad7f73b73ff23c5fd9c5e7a911548b5184f9a416041e72a1a0e6d3dbf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
x-cache-group: normal
content-encoding: br
cf-cache-status: DYNAMIC
x-cacheable: SHORT
server: cloudflare
x-powered-by: WP Engine
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-cache: HIT: 11
content-type: text/html; charset=UTF-8
cache-control: max-age=600, must-revalidate
cf-ray: 7c14fb8fda801913-FRA
link: <https://cofense.com/wp-json/>; rel="https://api.w.org/", <https://cofense.com/wp-json/wp/v2/pages/4>; rel="alternate"; type="application/json", <https://cofense.com/>; rel=shortlink
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Wed, 03 May 2023 02:13:04 GMT
cf-cache-status: EXPIRED
server: cloudflare
vary: Accept-Encoding
content-type: text/html
location: https://cofense.com/?ver=6.1.1
cf-ray: 7c14fb8cedd32ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 elementor-icons.min.css
cofense.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/ 19 KB
4 KB 236ms
217ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=1683062895
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d08fa1906998435f62fea09b51c792ed9b1d93a9636efe4fa8981599c7de9419

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:28:15 GMT
server: cloudflare
etag: W/"6451806f-4d2f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cedd42ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 frontend-lite.min.css
cofense.com/wp-content/plugins/elementor/assets/css/ 79 KB
11 KB 384ms
365ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.12.2
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2544474f9ccba4ce5f26230fea52abf96e3129f3a897daa9fd22a4d356658ad3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:01:53 GMT
server: cloudflare
etag: W/"64517a41-13d75"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cedd52ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 swiper.min.css
cofense.com/wp-content/plugins/elementor/assets/lib/swiper/css/ 13 KB
2 KB 244ms
225ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
etag: W/"64405228-324c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cedd62ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 post-15.css
cofense.com/wp-content/uploads/elementor/css/ 6 KB
1 KB 233ms
214ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/uploads/elementor/css/post-15.css?ver=1683062891
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19b9088866f569df384674d08e7f4614b91d86d5849cb45e63257e6cb873102b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:28:11 GMT
server: cloudflare
etag: W/"6451806b-19c5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cedd72ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 frontend-lite.min.css
cofense.com/wp-content/plugins/elementor-pro/assets/css/ 9 KB
1 KB 241ms
222ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.12.2
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6023ba46fa2874c30c430e20e4be7ee1696ef0d3952987153236c061e855e8af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
etag: W/"64405228-235f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cedd82ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 post-100526.css
cofense.com/wp-content/uploads/elementor/css/ 134 B
193 B 244ms
225ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/uploads/elementor/css/post-100526.css?ver=1683062898
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca4b8bc30efe3bc477a4699a51c7ca0ba2cf24f24f02d3b861453a1aac7d0fb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:28:18 GMT
server: cloudflare
etag: W/"64518072-86"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfdde2ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 post-93807.css
cofense.com/wp-content/uploads/elementor/css/ 3 KB
684 B 232ms
213ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/uploads/elementor/css/post-93807.css?ver=1683062891
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3c983227e71c4f8da7d9af830cde723a94fd1a3a712e666c1f389dfac405bb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:28:11 GMT
server: cloudflare
etag: W/"6451806b-b4b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfddf2ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 post-1266.css
cofense.com/wp-content/uploads/elementor/css/ 19 KB
2 KB 247ms
228ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/uploads/elementor/css/post-1266.css?ver=1683062891
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 727a730eda79071d5f02ba91d752c3feed10e0cd63a9c042f298390c24f85236

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:28:11 GMT
server: cloudflare
etag: W/"6451806b-4ba3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfde02ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 post-1271.css
cofense.com/wp-content/uploads/elementor/css/ 16 KB
2 KB 232ms
214ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/uploads/elementor/css/post-1271.css?ver=1683062891
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cbf6e774cef56a187b12fea61250b10a013df245ca8ed9c47bf3f18f8a7696b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:28:11 GMT
server: cloudflare
etag: W/"6451806b-3e58"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfde12ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 post-1386.css
cofense.com/wp-content/uploads/elementor/css/ 12 KB
2 KB 239ms
221ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/uploads/elementor/css/post-1386.css?ver=1683062906
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f15d8a886aee04cacc028d53199d4313ea0a1a159e36577e478357620b327011

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:28:26 GMT
server: cloudflare
etag: W/"6451807a-2fd5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfde22ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 widget-styles.css
cofense.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/ 439 KB
51 KB 296ms
278ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=1683062895
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: aebf3a5076b724c0097b17849789e5b72ab7a54d91fae262585b0266c2670b23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:28:15 GMT
server: cloudflare
etag: W/"6451806f-6db32"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfde52ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 responsive.css
cofense.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/ 30 KB
3 KB 230ms
212ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=1683062895
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73b2fdcf25aa909c7b0f072cf791066350ab834ca1d0d01ef096bb5583318213

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:28:15 GMT
server: cloudflare
etag: W/"6451806f-764b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfde62ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 ecs-style.css
cofense.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/css/ 6 KB
1 KB 271ms
253ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/css/ecs-style.css?ver=1683062895
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cbc49b1385bf29debe95333f04795a6e3a2cf218d88b415b29872d06491fd1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:28:15 GMT
server: cloudflare
etag: W/"6451806f-19b2"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfde72ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 post-1444.css
cofense.com/wp-content/uploads/elementor/css/ 2 KB
493 B 301ms
283ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/uploads/elementor/css/post-1444.css?ver=1678361574
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09db71dcf500dadf710b4fde01c4af2839d9055c18de62b3de0b7ba590e880ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:28:37 GMT
server: cloudflare
etag: W/"64518085-88c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfde82ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 post-1462.css
cofense.com/wp-content/uploads/elementor/css/ 2 KB
727 B 236ms
218ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/uploads/elementor/css/post-1462.css?ver=1671033592
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b89b6165327872066d09bf529b6f131b238a193e71a8ab9108b2ea40ae92d3f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:28:37 GMT
server: cloudflare
etag: W/"64518085-88b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfde92ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 post-86702.css
cofense.com/wp-content/uploads/elementor/css/ 902 B
384 B 50ms
33ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/uploads/elementor/css/post-86702.css?ver=1666612343
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6eafef48033bf87526b129f8f292a7ea8b943988241b3abefe94d3a95668ac8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 13 Feb 2023 22:38:32 GMT
server: cloudflare
age: 6714614
etag: W/"63eabbe8-386"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfdea2ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 post-86773.css
cofense.com/wp-content/uploads/elementor/css/ 2 KB
511 B 302ms
285ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/uploads/elementor/css/post-86773.css?ver=1666885690
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bacd426460574c0fc84822fd3846441f1040b4374c8350d67271049bd29fc6d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:28:37 GMT
server: cloudflare
etag: W/"64518085-7ae"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfdeb2ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 post-94275.css
cofense.com/wp-content/uploads/elementor/css/ 1 KB
355 B 75ms
58ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/uploads/elementor/css/post-94275.css?ver=1666870708
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ec717c896d0ca54e4536263e84f11f43a944ba2e04d2f5f1264f0acdc7beada

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Mar 2023 22:16:47 GMT
server: cloudflare
age: 5251509
etag: W/"6401204f-45d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfdec2ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 post-96442.css
cofense.com/wp-content/uploads/elementor/css/ 2 KB
541 B 292ms
274ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/uploads/elementor/css/post-96442.css?ver=1680173529
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb5b6c52c072488848fbe51554382a6bc0be26a315e7558aa5ad61df4433b2dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:28:36 GMT
server: cloudflare
etag: W/"64518084-7ac"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfdee2ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 post-96443.css
cofense.com/wp-content/uploads/elementor/css/ 2 KB
512 B 301ms
283ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/uploads/elementor/css/post-96443.css?ver=1671639746
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fe59d88646876bb8dfb4a1a021b2dc2662b36bf175625eb3ecb89a3ae956937

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:28:37 GMT
server: cloudflare
etag: W/"64518085-7ac"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfdef2ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 post-96445.css
cofense.com/wp-content/uploads/elementor/css/ 2 KB
556 B 294ms
277ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/uploads/elementor/css/post-96445.css?ver=1675169689
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44c68a4716777a09c291d971f91468c7e72dd2beadecd931aaea641758f4d726

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:28:37 GMT
server: cloudflare
etag: W/"64518085-89c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfdf12ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 fontawesome.min.css
cofense.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 57 KB
12 KB 271ms
254ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
etag: W/"64405228-e238"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfdf22ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 solid.min.css
cofense.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 1 KB
431 B 262ms
245ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1683062895
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc7e118b7e07217031d017282955569cb66891f527050135caadb2dd5779824f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:28:15 GMT
server: cloudflare
etag: W/"6451806f-43a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfdf32ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 brands.min.css
cofense.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 1 KB
408 B 253ms
236ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=1683062895
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8449a28a151415d580be1dfd69056906199f1dd6ceb2c1b5edf61950ada9d13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:28:15 GMT
server: cloudflare
etag: W/"6451806f-440"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfdf42ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
cofense.com/wp-includes/js/jquery/ 88 KB
31 KB 92ms
74ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 20 Jan 2023 17:56:18 GMT
server: cloudflare
age: 8820112
etag: W/"63cad5c2-15e54"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe062ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
cofense.com/wp-includes/js/jquery/ 11 KB
4 KB 243ms
225ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:40:39 GMT
server: cloudflare
etag: W/"644051c7-2bd8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe072ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 language-cookie.js Show response
cofense.com/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/ 226 B
210 B 300ms
282ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.6.3
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71966cb221a057ee9313fb232e40c7a0a70d2e472909c3947f4878c8e195ad53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:14 GMT
server: cloudflare
etag: W/"64405226-e2"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe092ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 ecs_ajax_pagination.js Show response
cofense.com/wp-content/plugins/ele-custom-skin/assets/js/ 4 KB
1 KB 49ms
31ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/ele-custom-skin/assets/js/ecs_ajax_pagination.js?ver=3.1.7
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95af163892829a3ef249441b70b2c8281b845edea4b24680d3326486861d6082

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 20 Jan 2023 17:57:59 GMT
server: cloudflare
age: 8820112
etag: W/"63cad627-ecb"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe0b2ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 ecs.js Show response
cofense.com/wp-content/plugins/ele-custom-skin/assets/js/ 284 B
255 B 301ms
284ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/ele-custom-skin/assets/js/ecs.js?ver=3.1.7
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 566d4c5dfefc9c4d867e6bef080917a4273b4228731a8700e81f1763eae3d861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
etag: W/"64405228-11c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe0c2ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 zlo5wor.css
cofense.com/wp-content/cache/min/1/ 816 B
376 B 263ms
248ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/cache/min/1/zlo5wor.css?ver=1683062895
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1a5c4b5574a4104a92b2e700e6f0fc5b001c4297ebc5a1e76d67b1fbeb1c2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:28:15 GMT
server: cloudflare
etag: W/"6451806f-330"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfdf52ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 qualified.js Show response
js.qualified.com/ 309 KB
90 KB 441ms
414ms Script
text/javascript 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.qualified.com/qualified.js?token=H3wWDXLUxD4irieG

Requested by

Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10918b5df4cea65b050c491014c053e3c3e8c1dfe6cb2b956900f7b7c9bbb364

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:05 GMT
content-encoding: gzip
via: 1.1 spaces-router (e46a9e002bdb)
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: MISS
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: f057ecfa-0e5f-2548-6171-42e512e69ff5
pragma: no-cache
x-runtime: 0.015154
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"10918b5df4cea65b050c491014c053e3"
x-download-options: noopen
vary: Accept,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7c14fb902f361da6-FRA
expires: Wed, 03 May 2023 06:13:04 GMT

GET
H2 200 widget-nav-menu.min.css
cofense.com/wp-content/plugins/elementor-pro/assets/css/ 26 KB
3 KB 274ms
258ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 353eaf9cd4255f3251309ba9cc5d058be8d9590b503758a8e3ecd20ab4bcf385

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
etag: W/"64405228-67e4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfdf62ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 widget-icon-list.min.css
cofense.com/wp-content/plugins/elementor/assets/css/ 10 KB
1 KB 233ms
218ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3ec56e30464585e5c2b664b8dd77525dd3bc5b3079be7d6dede18cd3f90da33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:01:53 GMT
server: cloudflare
etag: W/"64517a41-26c1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfdf72ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 widget-theme-elements.min.css
cofense.com/wp-content/plugins/elementor-pro/assets/css/ 10 KB
2 KB 458ms
443ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor-pro/assets/css/widget-theme-elements.min.css
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f56d3a7bc4839a36d6f4abfe24bb127765368944424da8eae06c8d4c341852f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
etag: W/"64405228-26a4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfdf82ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 widget-share-buttons.min.css
cofense.com/wp-content/plugins/elementor-pro/assets/css/ 30 KB
2 KB 239ms
224ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor-pro/assets/css/widget-share-buttons.min.css
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c4f776577857d2790c51ab6e2be1209fb41e02cb77244a2d45e697c89c6a869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
etag: W/"64405228-777b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfdf92ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 widget-posts.min.css
cofense.com/wp-content/plugins/elementor-pro/assets/css/ 14 KB
2 KB 244ms
229ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor-pro/assets/css/widget-posts.min.css
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f8e9a0e558982ea8f5fb4b83f91e873ef02ea5a0396223560c20f17cfdf08c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
etag: W/"64405228-374b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfdfa2ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 post-9276.css
cofense.com/wp-content/uploads/elementor/css/ 5 KB
858 B 270ms
255ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/uploads/elementor/css/post-9276.css?ver=1683062891
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a7d5d0c9c86dc2db1249eee49e178e16885d04b41f20cab6e5ad4e5a51f89af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:28:11 GMT
server: cloudflare
etag: W/"6451806b-12e5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfdfb2ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 post-9277.css
cofense.com/wp-content/uploads/elementor/css/ 5 KB
726 B 278ms
261ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/uploads/elementor/css/post-9277.css?ver=1683062891
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b6282f417900055c604419822eb0ff788d325f23c9eca94146e3086177e8f0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:28:11 GMT
server: cloudflare
etag: W/"6451806b-15ce"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfdfc2ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 post-9907.css
cofense.com/wp-content/uploads/elementor/css/ 3 KB
508 B 254ms
238ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/uploads/elementor/css/post-9907.css?ver=1683062891
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3e04a15bb017b906d4834cb5da6e3ea409b5da37a0cd9cec4b62a496f8560a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:28:11 GMT
server: cloudflare
etag: W/"6451806b-a0d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfdfd2ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 post-94175.css
cofense.com/wp-content/uploads/elementor/css/ 3 KB
519 B 278ms
262ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/uploads/elementor/css/post-94175.css?ver=1683062891
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5cc98a7681a840c7940cf675360a0def2ffacf2ea52b046ce5354a9ee873dd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:28:11 GMT
server: cloudflare
etag: W/"6451806b-a1e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfdfe2ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 post-94173.css
cofense.com/wp-content/uploads/elementor/css/ 3 KB
507 B 296ms
280ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/uploads/elementor/css/post-94173.css?ver=1683062892
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaf3fbeb37e264707dd55409d3e8729dbbf6fdc39536e3961c59ec0a4ebad5f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:28:12 GMT
server: cloudflare
etag: W/"6451806c-a1e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfdff2ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 regular.min.css
cofense.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 1 KB
438 B 289ms
274ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=1683062906
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f42fa1fe21c3cdf7ccfa09bfb44d1325bd3713e1ddb82e661e2c28002eef957

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:28:26 GMT
server: cloudflare
etag: W/"6451807a-442"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe002ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 post-96724.css
cofense.com/wp-content/uploads/elementor/css/ 6 KB
1 KB 286ms
271ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/uploads/elementor/css/post-96724.css?ver=1683062892
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: edb409aebe8f4b88021a0c7c6b60abc2cfa4463f794b2429708cf3294681d0fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:28:12 GMT
server: cloudflare
etag: W/"6451806c-18d4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe012ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 animations.min.css
cofense.com/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
3 KB 266ms
251ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.12.2
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:17 GMT
server: cloudflare
etag: W/"64405229-4824"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe022ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 lazysizes.min.js Show response
cofense.com/wp-content/plugins/ewww-image-optimizer/includes/ 14 KB
5 KB 258ms
242ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=693
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c05a1108c176130e9dff2f6a5ebdb60be1c3e17b5a8f83de35b29f44fb109434

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
etag: W/"64405228-3860"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe0d2ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 navigation.js Show response
cofense.com/wp-content/themes/cofense/js/ 3 KB
1 KB 457ms
442ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/themes/cofense/js/navigation.js?ver=1.0.0
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ee0654259fda0bbfeab4305b895e740659613080d90352bd36c1452fd426ef6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:13 GMT
server: cloudflare
etag: W/"64405225-ba4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe0e2ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 frontend-script.js Show response
cofense.com/wp-content/plugins/elementskit-lite/libs/framework/assets/js/ 40 B
114 B 289ms
274ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.8.7
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8166c5475df6a64ab2456e95f64564164ed697d258e8bfed8cebca40efd6fa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
etag: "64405228-28"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c14fb8cfe0f2ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40

GET
H2 200 widget-scripts.js Show response
cofense.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/ 134 KB
37 KB 278ms
264ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.8.7
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdaa4c91b5bc3dd4ce8e1345b453844dd414602022a182ce2853d87bd4b9a9d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
etag: W/"64405228-2193f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe102ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 heartbeat.js Show response
cofense.com/wp-content/plugins/wp-rocket/assets/js/ 0
99 B 288ms
273ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/wp-rocket/assets/js/heartbeat.js?ver=3.13.1
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:13 GMT
server: cloudflare
etag: "64405225-0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c14fb8cfe112ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 jquery.smartmenus.min.js Show response
cofense.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/ 25 KB
7 KB 273ms
258ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
etag: W/"64405228-6272"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe122ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 imagesloaded.min.js Show response
cofense.com/wp-includes/js/ 5 KB
2 KB 255ms
240ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:40:39 GMT
server: cloudflare
etag: W/"644051c7-15fd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe142ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 webpack-pro.runtime.min.js Show response
cofense.com/wp-content/plugins/elementor-pro/assets/js/ 5 KB
2 KB 243ms
228ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.12.2
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c25c69a7a6a306d5868a2575e620ce102688db2fc8a1c7e156a483819c3442df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
etag: W/"64405228-156d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe152ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 webpack.runtime.min.js Show response
cofense.com/wp-content/plugins/elementor/assets/js/ 5 KB
2 KB 270ms
256ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.12.2
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7e9892e66464b9c939f81878a76b28761697e4a9b9252ce7c43fedcb95c94e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:01:52 GMT
server: cloudflare
etag: W/"64517a40-135e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe162ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 frontend-modules.min.js Show response
cofense.com/wp-content/plugins/elementor/assets/js/ 41 KB
13 KB 473ms
459ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.12.2
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 987b2e5ba1d940ccf76e74235a3339ce993b29a81c7a67599157c3a5640be710

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:01:52 GMT
server: cloudflare
etag: W/"64517a40-a530"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe172ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 regenerator-runtime.min.js Show response
cofense.com/wp-includes/js/dist/vendor/ 6 KB
2 KB 244ms
230ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:40:39 GMT
server: cloudflare
etag: W/"644051c7-194b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe182ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 wp-polyfill.min.js Show response
cofense.com/wp-includes/js/dist/vendor/ 17 KB
7 KB 253ms
239ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:40:39 GMT
server: cloudflare
etag: W/"644051c7-459f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe192ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 hooks.min.js Show response
cofense.com/wp-includes/js/dist/ 5 KB
2 KB 262ms
248ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:40:39 GMT
server: cloudflare
etag: W/"644051c7-132e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe1a2ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 i18n.min.js Show response
cofense.com/wp-includes/js/dist/ 10 KB
4 KB 243ms
229ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:40:39 GMT
server: cloudflare
etag: W/"644051c7-27f6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe1b2ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 frontend.min.js Show response
cofense.com/wp-content/plugins/elementor-pro/assets/js/ 24 KB
7 KB 263ms
250ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.12.2
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c90a7fc6246ec21f98e1a36d6293792e10d9ecbdffdf1a21cbe5336fe6e093c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
etag: W/"64405228-5f3c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe1c2ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 waypoints.min.js Show response
cofense.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 267ms
254ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
etag: W/"64405228-2fa6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe1d2ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 core.min.js Show response
cofense.com/wp-includes/js/jquery/ui/ 21 KB
7 KB 257ms
244ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:40:39 GMT
server: cloudflare
etag: W/"644051c7-53c0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe1e2ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 frontend.min.js Show response
cofense.com/wp-content/plugins/elementor/assets/js/ 40 KB
12 KB 275ms
262ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.12.2
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fa18b1ec5d3e9b4c089118323819e51e6674e4756fbcd1de4e86ef58a3dba31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 21:01:52 GMT
server: cloudflare
etag: W/"64517a40-9e8f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe202ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 elements-handlers.min.js Show response
cofense.com/wp-content/plugins/elementor-pro/assets/js/ 29 KB
7 KB 284ms
271ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.12.2
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9165c88416ea35b8ddb5575606ccceed0eb12b8f898b171dbbcb305cb56b77d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
etag: W/"64405228-73c3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe212ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 animate-circle.js Show response
cofense.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/ 810 B
486 B 291ms
279ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.js?ver=2.8.7
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8667a50fdab17dd946e43e37c6fd1623583b9440bdca887e44cc726e48feedaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
etag: W/"64405228-32a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe222ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 elementor.js Show response
cofense.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/ 18 KB
5 KB 264ms
252ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=2.8.7
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51445b2ccc8f515394b4750bd52fbc74089c3e894ec552a64fbc85c71a766f49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
etag: W/"64405228-4932"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe232ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.sticky.min.js Show response
cofense.com/wp-content/plugins/elementor-pro/assets/lib/sticky/ 4 KB
2 KB 270ms
258ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.12.2
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34bbd1c367ffc7d80fcff86c7e5f8777e70f4911bb324e8ecfc7dd3604a96e68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
etag: W/"64405228-e89"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb8cfe242ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 lazyload.min.js Show response
cofense.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 9 KB
3 KB 175ms
175ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:13 GMT
server: cloudflare
etag: W/"64405225-22bc"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb910b601913-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 p.css
p.typekit.net/ 5 B
195 B 37ms
7ms Stylesheet
text/css 2a02:26f0:3500:16::215:1494
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=zlo5wor&ht=tk&f=26014&a=103167865&app=typekit&e=css
Requested by: Host: cofense.com
URL: https://cofense.com/wp-content/cache/min/1/zlo5wor.css?ver=1683062895
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1494 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 03 May 2023 02:13:04 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 299 KB
98 KB 69ms
28ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5RQ37KH

Requested by

Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e1900199e55042170a326de0d99bea54f8988fd6a6fa3b6fc50fa7ba03b3224d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99456
x-xss-protection: 0
last-modified: Wed, 03 May 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 May 2023 02:13:04 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13ba7d85cedf2d5b14f9091119f9067689bdc33edde1d37a654787d416fbca34

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f980a1f721b3ab441d00032ffd031a7b017de2677262608a1db5b15b4c40d0a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e517a35c5f569958a934efcb143bdbb42f9f3b8cdd11442aed95bf45716007f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 NETWORKHEADERBG-1.png
cofense.com/wp-content/uploads/2022/06/ 61 KB
61 KB 224ms
223ms Image
image/png 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cofense.com/wp-content/uploads/2022/06/NETWORKHEADERBG-1.png
Requested by: Host: cofense.com
URL: https://cofense.com/wp-content/uploads/elementor/css/post-1386.css?ver=1683062906
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a878495e0cd07bbe654d5ca09dd53707b0349b326c229393df27696e92e255c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/wp-content/uploads/elementor/css/post-1386.css?ver=1683062906
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:05 GMT
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:40:46 GMT
server: cloudflare
etag: "644051ce-f3bf"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c14fb917bb51913-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62399

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
38 KB 88ms
24ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cofense.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 06:05:37 GMT
x-content-type-options: nosniff
age: 331647
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 06:05:37 GMT

GET Inter-Medium.ttf
cofense2022stg.wpengine.com/wp-content/uploads/2022/05/ 0
0

GET
H3 200 fa-solid-900.woff2
cofense.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 193ms
192ms Font
font/woff2 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: cofense.com
URL: https://cofense.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1683062895
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer: https://cofense.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1683062895
Origin: https://cofense.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:05 GMT
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
etag: "64405228-13174"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c14fb917bbb1913-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78196

GET
H3 200 fa-brands-400.woff2
cofense.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 75 KB
75 KB 31ms
30ms Font
font/woff2 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Requested by: Host: cofense.com
URL: https://cofense.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=1683062895
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Request headers

Referer: https://cofense.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=1683062895
Origin: https://cofense.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
cf-cache-status: HIT
last-modified: Tue, 31 Jan 2023 21:55:43 GMT
server: cloudflare
age: 7836195
etag: "63d98e5f-12bdc"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c14fb917bbc1913-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76764

GET
H3 200 dialog.min.js Show response
cofense.com/wp-content/plugins/elementor/assets/lib/dialog/ 10 KB
4 KB 24ms
23ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
Requested by: Host: cofense.com
URL: https://cofense.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.12.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 31 Jan 2023 21:55:43 GMT
server: cloudflare
age: 7837092
etag: W/"63d98e5f-29ba"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb920c211913-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 nav-menu.bb5cce0a50480cdf695d.bundle.min.js Show response
cofense.com/wp-content/plugins/elementor-pro/assets/js/ 4 KB
2 KB 202ms
202ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.bb5cce0a50480cdf695d.bundle.min.js
Requested by: Host: cofense.com
URL: https://cofense.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.12.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20280595985bfe8723e6a8b824a408c97fcd7fdad4aa43c6f5698e362e3c0ecf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
etag: W/"64405228-fcd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb922c391913-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 text-editor.2c35aafbe5bf0e127950.bundle.min.js Show response
cofense.com/wp-content/plugins/elementor/assets/js/ 1 KB
883 B 18ms
17ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
Requested by: Host: cofense.com
URL: https://cofense.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.12.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4cb709013e7082e102d1018d3885c0932dfe3b93bcada40c8e646db2a29e5ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 31 Jan 2023 21:55:43 GMT
server: cloudflare
age: 7836196
etag: W/"63d98e5f-550"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb925c521913-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 share-buttons.0bdd88c45462dfb2b073.bundle.min.js Show response
cofense.com/wp-content/plugins/elementor-pro/assets/js/ 1 KB
805 B 429ms
429ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor-pro/assets/js/share-buttons.0bdd88c45462dfb2b073.bundle.min.js
Requested by: Host: cofense.com
URL: https://cofense.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.12.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb93bfea259cfe6d3866424ade56cc5f7bf4a20a7401afd0e92a8b4f7a1dc176

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
etag: W/"64405228-4bd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb927c741913-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 load-more.c9f6aac03af905f4e206.bundle.min.js Show response
cofense.com/wp-content/plugins/elementor-pro/assets/js/ 5 KB
2 KB 240ms
240ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor-pro/assets/js/load-more.c9f6aac03af905f4e206.bundle.min.js
Requested by: Host: cofense.com
URL: https://cofense.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.12.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac92aaff24689c5564bc27efe3907bee71c2d40952fc1f906f942c8c74e609cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
etag: W/"64405228-15eb"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb927c791913-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 posts.e33113a212454e383747.bundle.min.js Show response
cofense.com/wp-content/plugins/elementor-pro/assets/js/ 3 KB
1 KB 149ms
148ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor-pro/assets/js/posts.e33113a212454e383747.bundle.min.js
Requested by: Host: cofense.com
URL: https://cofense.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.12.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91783d1ed81625b2a4200c4992518f23f74ff73f0f7fdc60b4bc8fe6b93abae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
etag: W/"64405228-cfd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb927c7a1913-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 6si.min.js Show response
j.6sc.co/ 33 KB
11 KB 34ms
7ms Script
application/javascript 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

12ce92cc3c4eb9d74f48e9a10eb919bdf30bbdc5ccf9843c6543fec302dec54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 Apr 2023 21:13:35 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "642c92ff-8319"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 10492
expires: Wed, 03 May 2023 02:13:05 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 31ms
8ms Script
application/x-javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RQ37KH

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=54200
accept-ranges: bytes
content-length: 4777

GET
H2 403 lt-v3.js
lltrck.com/scripts/ 0
0 325ms
107ms Script
text/html 52.73.0.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lltrck.com/scripts/lt-v3.js?llid=19612
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.0.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-0-225.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 2Uq3HoQoVZEHgHXXf288 Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 182ms
161ms Script
text/javascript 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/2Uq3HoQoVZEHgHXXf288

Requested by

Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

a396845a4a008a48121c0338c5222b513542607ee1336a1067849335fc55bc35

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7c14fb92fcd8365b-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 25ms
9ms Script
application/x-javascript 104.102.38.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.38.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-38-132.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 03 May 2023 02:13:05 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 oktrk.js Show response
static.oktopost.com/ 9 KB
4 KB 55ms
15ms Script
application/javascript 18.165.183.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oktopost.com/oktrk.js
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.183.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-183-96.zrh55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09016600a13dd4825b72516765a8da53d1ab896f7582c4619d014e8ee147ea84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 05:14:52 GMT
content-encoding: gzip
via: 1.1 fa2f998214db1c6c6bdb96ceff3ce5d8.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jan 2020 09:47:41 GMT
server: AmazonS3
x-amz-cf-pop: ZRH55-P1
age: 75496
etag: W/"57315c24d6fec75c4d46a8cc3fa6e0d5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: RRu3LjsIRLmwdjWKpPQBTyqEbdA6G-WdKzVWRCa9o1FMIXy_shju3Q==

GET
H2 200 28krvx2uf9n3.js Show response
js.driftt.com/include/1683080100000/ 221 KB
63 KB 422ms
405ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1683080100000/28krvx2uf9n3.js

Requested by

Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8989f87b90cacdbca5875bdfbed7dd3c3f2acee982b9353c04d86e8c123906c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:05 GMT
x-amz-version-id: x8TZ8iebDtxhM0duvZHFnO4hbRoyqYO1
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 27
last-modified: Fri, 28 Apr 2023 19:39:03 GMT
server: istio-envoy
etag: W/"1aa02cf06cb1a631ba2d08d343214ad7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4-lM4j4k_kg4OwT4b0-i5uAeEfbUKitf5u3bJBbcMBq3N4ovrytu3Q==

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 3 KB
2 KB 50ms
31ms Script
text/javascript 2606:4700::6812:c9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.techtarget.com/tracking.js
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:05 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 15:01:39 GMT
server: cloudflare
age: 317
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1200
cf-ray: 7c14fb92f9ac360a-FRA
expires: Wed, 03 May 2023 02:17:48 GMT

GET
H2 200 ed9ggbnvvo Show response
www.clarity.ms/tag/ 1 KB
2 KB 140ms
100ms Script
application/x-javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ed9ggbnvvo?ref=gtm2
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 752ce5e5fae8efec288935f5df2e4c254db3bfec4c079c667f81b9b083c59668

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: application/x-javascript
date: Wed, 03 May 2023 02:13:04 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0McNRZAAAAADTMJ0X23CYQ7tFohk9jhUMRlJBMzFFREdFMDMxMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
87 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3G76T4W3LR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RQ37KH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

875b376bb5b649f12579434228d401f77424d925aa4f8f753b2f858794150918

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88808
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 May 2023 02:13:05 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 79ms
12ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RQ37KH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 03 May 2023 01:05:04 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4081
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Wed, 03 May 2023 03:05:04 GMT

GET
H3 200 cofense.png
cofense.com/wp-content/uploads/2022/06/ 4 KB
4 KB 138ms
134ms Image
image/png 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cofense.com/wp-content/uploads/2022/06/cofense.png
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bca3153792e728edf2e4d182e5140b8877cb477241f1e17dad040ac3ef3672f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:05 GMT
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:40:47 GMT
server: cloudflare
etag: "644051cf-fc4"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c14fb933cf01913-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4036

GET
H3 200 Blog-Post-JanuaryTrends-1200x627-1-768x401.jpg
cofense.com/wp-content/uploads/2023/02/ 41 KB
41 KB 198ms
195ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cofense.com/wp-content/uploads/2023/02/Blog-Post-JanuaryTrends-1200x627-1-768x401.jpg
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8a46cd56aa98433412fb840a57631c907906215d146cd8d0ea3ce417662b301

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:05 GMT
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:40:42 GMT
server: cloudflare
etag: "644051ca-a23c"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c14fb933cf21913-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41532

GET
H3 200 cofense-forrester-landscape-report-768x402.png
cofense.com/wp-content/uploads/2023/02/ 222 KB
222 KB 170ms
166ms Image
image/png 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cofense.com/wp-content/uploads/2023/02/cofense-forrester-landscape-report-768x402.png
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc963ec675a47c9549e8fa57d49a196bfa1faea63135a4cee881f68ccde88037

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:05 GMT
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:40:42 GMT
server: cloudflare
etag: "644051ca-37738"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c14fb933cf31913-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 227128

GET
H3 200 Blog-Post-Earthquake-1200x628-1-768x402.jpg
cofense.com/wp-content/uploads/2023/02/ 38 KB
38 KB 148ms
143ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cofense.com/wp-content/uploads/2023/02/Blog-Post-Earthquake-1200x628-1-768x402.jpg
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef95e055a869e0da0233ad796b7090126244c80e15cf0a4b8d29f7a44d70065a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:05 GMT
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:40:42 GMT
server: cloudflare
etag: "644051ca-9832"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c14fb933cf41913-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38962

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
817 B 64ms
12ms XHR
application/json 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 May 2023 02:13:05 GMT
AN-X-Request-Uuid: 9548ed28-1d6b-47e4-869b-486c45f7c22d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://cofense.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 178.162.209.142; 178.162.209.142; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
199 B 16ms
7ms XHR
text/html 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-208.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:05 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://cofense.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 23 B
311 B 64ms
2ms XHR
text/html 2a02:26f0:6c00::210:bb58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 131196ee656b5b8a789a1d317d426fa1061e385dcfe7430645319a9e19adbe86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:13:05 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://cofense.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a00:c98:2050:a007:2::2
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467522_34650964_14485671_22_789_6_0";dur=1
content-length: 23
expires: Wed, 03 May 2023 02:13:05 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
199 B 14ms
7ms XHR
text/html 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-208.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:05 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://cofense.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 23 B
311 B 64ms
3ms XHR
text/html 2a02:26f0:6c00::210:bb58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 131196ee656b5b8a789a1d317d426fa1061e385dcfe7430645319a9e19adbe86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:13:05 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://cofense.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a00:c98:2050:a007:2::2
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467522_34650964_14485672_22_793_6_0";dur=1
content-length: 23
expires: Wed, 03 May 2023 02:13:05 GMT

GET
H2 200 gif.gif Show response
ibc-flow.techtarget.com/a/ 43 B
470 B 122ms
121ms XHR
image/gif 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=17654763&r=1683079985190&ref=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F&version=2.4
Requested by: Host: trk.techtarget.com
URL: https://trk.techtarget.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

ibc_rate_tier: 17654763
Referer: https://cofense.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:05 GMT
via: 1.1 google
x-guploader-uploadid: ADPycdv3QyyLKXLXXItwe6uXOncIwOE_SZcT8bKnCWpGwNr507udOee9LFbi1hakcNH9zIy0pDv0mVRHehEiKbanvU2NbcTstkXI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Thu, 08 Dec 2022 21:19:29 GMT
server: nginx/1.20.2
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
vary: Origin
x-goog-generation: 1670534369365034
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
cache-control: public, max-age=3600
access-control-allow-methods: GET, POST, OPTIONS
x-goog-stored-content-length: 43
accept-ranges: bytes
access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
expires: Wed, 03 May 2023 03:13:05 GMT

OPTIONS
H2 200 gif.gif
ibc-flow.techtarget.com/a/ Frame 0
0 164ms
101ms Preflight
text/html 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=17654763&r=1683079985190&ref=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F&version=2.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ibc_rate_tier
Access-Control-Request-Method: GET
Origin: https://cofense.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 03 May 2023 02:13:05 GMT
expires: Wed, 03 May 2023 02:13:05 GMT
server: nginx/1.20.2
vary: Origin
via: 1.1 google
x-guploader-uploadid: ADPycdu8ipJorGnR29wo7D9zz-gBNdCM_VTaKyj5sFcxRd8Vf2JfjLVzqF-l3y1cYyrFe-RwPW6Cx4I6irXoJuqFg45Xpdu1fJUz

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 9ms
8ms Script
application/x-javascript 104.102.38.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.38.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-38-132.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 03 May 2023 02:13:05 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Fri, 11 Aug 2023 02:13:05 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/300721/domain/cofense.com/ 36 B
376 B 77ms
21ms XHR
application/json 2600:9000:2127:c400:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/300721/domain/cofense.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:c400:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://cofense.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:02:01 GMT
content-encoding: gzip
via: 1.1 91afcef6d5c7e90d0a4bb2c3a456c690.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 664
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: cSJ_ON-4R757zW7ADtC_6Hfaxw8JnBQyId6b8O8bZifh_KLC5UWrug==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1683079985201&url=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surp...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D300721%26time%3D1683079985201%26url%3Dhttps%253A%252F%252Fcofense.com%252Fblog%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1683079985201&url=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surp...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1683079985201&url=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-sur...

0
265 B

169ms
148ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1683079985201&url=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F&tm=gtmv2&liSync=true&e_ipv6=AQKn6RVOFh4grwAAAYffYnn2VCyj2Vh5zgOExxkIbhX8g9WJmXNHFl9O9UC0c7eVMjXjVOSS6qGx
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:05 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 342F8045766B4F01906EEBB2B74B8DE4 Ref B: FRAEDGE1221 Ref C: 2023-05-03T02:13:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6wJiu/+LAoUm5JLe5+w==

Redirect headers

date: Wed, 03 May 2023 02:13:05 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: B849181F3C134E389EF3AD89E5EE18D9 Ref B: FRAEDGE1217 Ref C: 2023-05-03T02:13:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1683079985201&url=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F&tm=gtmv2&liSync=true&e_ipv6=AQKn6RVOFh4grwAAAYffYnn2VCyj2Vh5zgOExxkIbhX8g9WJmXNHFl9O9UC0c7eVMjXjVOSS6qGx
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX6wJisTzLFQh97oSt6hQ==

GET
H2 200 ping Show response
okt.to/ 0
100 B 332ms
115ms Script
text/javascript 34.200.97.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://okt.to/ping?uri=%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F&aid=001shx33p56dsdg&ts=1683079985204

Requested by

Host: static.oktopost.com
URL: https://static.oktopost.com/oktrk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.200.97.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-97-200.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:05 GMT
strict-transport-security: max-age=31536000;
content-type: text/javascript;charset=UTF-8

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 54ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3G76T4W3LR&gtm=45je3510&_p=2095862328&_gaz=1&cid=626954754.1683079985&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683079985&sct=1&seg=0&dl=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F&dt=Malicious%20email%20campaigns%20abusing%20Telegram%20bots%20rise%20tremendously%20in%20Q1%202023%2C%20surpassing%20all%20of%202022%20by%20310%25&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3G76T4W3LR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:13:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 67ms
22ms Ping
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3G76T4W3LR&cid=626954754.1683079985&gtm=45je3510&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3G76T4W3LR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:13:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 69ms
26ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3G76T4W3LR&cid=626954754.1683079985&gtm=45je3510&aip=1&z=963986113

Requested by

Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:13:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 213ms
203ms Image
image/gif 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=b253130e4accad98012a3abe3f4b4c7a&svisitor=null&visitor=6f752a9c-c12e-4bb1-8cac-17b085cfc4e1&session=2527a92d-724b-43f1-8d82-91026344ed04&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Wed%2C%2003%20May%202023%2002%3A13%3A05%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2003%20May%202023%2002%3A13%3A05%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22b253130e4accad98012a3abe3f4b4c7a%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2003%20May%202023%2002%3A13%3A05%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2003%20May%202023%2002%3A13%3A05%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2003%20May%202023%2002%3A13%3A05%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2003%20May%202023%2002%3A13%3A05%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22b253130e4accad98012a3abe3f4b4c7a%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2003%20May%202023%2002%3A13%3A05%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2003%20May%202023%2002%3A13%3A05%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22a9e769d7d96a596f969b9dc5023033e21a69bf40%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2003%20May%202023%2002%3A13%3A05%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2003%20May%202023%2002%3A13%3A05%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Q1%20of%202023%20was%20filled%20with%20many%20updates%20and%20changes%20to%20the%20major%20malware%20families%20used%20in%20phishing%20scams%2C%20as%20well%20as%20several%20notable%20deviations%20in%20tactics%2C%20techniques%2C%20and%20procedures%20(TTPs).%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Malicious%20email%20campaigns%20abusing%20Telegram%20bots%20rise%20tremendously%20in%20Q1%202023%2C%20surpassing%20all%20of%202022%20by%20310%25%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F&pageViewId=18abd5c6-de35-4b9b-877c-47dab010508a&an_uid=0

Requested by

Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:05 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 210ms
202ms Image
image/gif 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=b253130e4accad98012a3abe3f4b4c7a&svisitor=null&visitor=6f752a9c-c12e-4bb1-8cac-17b085cfc4e1&session=2527a92d-724b-43f1-8d82-91026344ed04&event=ipv6&q=%7B%22address%22%3A%222a00%3Ac98%3A2050%3Aa007%3A2%3A%3A2%22%7D&isIframe=false&m=%7B%22description%22%3A%22Q1%20of%202023%20was%20filled%20with%20many%20updates%20and%20changes%20to%20the%20major%20malware%20families%20used%20in%20phishing%20scams%2C%20as%20well%20as%20several%20notable%20deviations%20in%20tactics%2C%20techniques%2C%20and%20procedures%20(TTPs).%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Malicious%20email%20campaigns%20abusing%20Telegram%20bots%20rise%20tremendously%20in%20Q1%202023%2C%20surpassing%20all%20of%202022%20by%20310%25%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F&pageViewId=18abd5c6-de35-4b9b-877c-47dab010508a&an_uid=0

Requested by

Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:05 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.6/ 56 KB
19 KB 16ms
10ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.6/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ed9ggbnvvo?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e63cf738c3a577e286765aaa9de59ed4300f6bf8b5d34773d131afd3da456b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:04 GMT
content-encoding: br
last-modified: Tue, 02 May 2023 07:38:27 GMT
x-azure-ref-originshield: 0z2hRZAAAAACrYaxs/KrsT5/hARi5CCnQRlJBMjMxMDUwNDE4MDI1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "0x8DB4AE03816A99C"
x-azure-ref: 0McNRZAAAAAAofyNxSgPnSobXDV95UzmbRlJBMzFFREdFMDMxMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 6a32416b-601e-000d-42d4-7ce60f000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 22ms
20ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-114787942-1&cid=626954754.1683079985&jid=1530059643&gjid=1098224855&_gid=2044981464.1683079985&_u=YCDAgUABAAAAAEAAI~&z=606541436

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cofense.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 03 May 2023 02:13:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 14ms
13ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&aip=1&a=2095862328&t=pageview&_s=1&dl=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F&ul=en-us&de=UTF-8&dt=Malicious%20email%20campaigns%20abusing%20Telegram%20bots%20rise%20tremendously%20in%20Q1%202023%2C%20surpassing%20all%20of%202022%20by%20310%25&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgUABAAAAAAAAI~&jid=1530059643&gjid=1098224855&cid=626954754.1683079985&tid=UA-114787942-1&_gid=2044981464.1683079985&gtm=45He3510n815RQ37KH&z=1107378083

Requested by

Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 04:54:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76692
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 756 B
585 B 41ms
21ms XHR
application/json 35.156.45.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.45.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-45-170.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 86f9e3057da154cc86ff4556447d78f991a29eaab9a088508c5266343f6aad4d

Request headers

Referer: https://cofense.com/
accept-language: de-DE,de;q=0.9
Authorization: Token a9e769d7d96a596f969b9dc5023033e21a69bf40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:05 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://cofense.com
access-control-allow-credentials: true
content-length: 403

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 31ms
10ms Preflight 35.156.45.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.45.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-45-170.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://cofense.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://cofense.com
access-control-max-age: 1800
date: Wed, 03 May 2023 02:13:05 GMT
server: nginx

GET
H3 200 Blog-Post-JanuaryTrends-1200x627-1-1024x535.jpg
cofense.com/wp-content/uploads/2023/02/ 60 KB
60 KB 185ms
184ms Image
image/jpeg 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cofense.com/wp-content/uploads/2023/02/Blog-Post-JanuaryTrends-1200x627-1-1024x535.jpg
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e849270262c5dcd47384033f3124d1348a1cd243339f5ba806199e58f5b18d5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:05 GMT
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:40:42 GMT
server: cloudflare
etag: "644051ca-f059"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c14fb949def1913-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61529

POST
H/1.1 200
OK visitWebPage
404-jhu-612.mktoresp.com/webevents/ 2 B
318 B 379ms
96ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://404-jhu-612.mktoresp.com/webevents/visitWebPage?_mchNc=1683079985379&_mchCn=&_mchId=404-JHU-612&_mchTk=_mch-cofense.com-1683079985377-81626&_mchHo=cofense.com&_mchPo=&_mchRu=%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 03 May 2023 02:13:05 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 73b18604-6983-4efc-b90b-d0d6c43d2536

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 74ms
26ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-114787942-1&cid=626954754.1683079985&jid=1530059643&_u=YCDAgUABAAAAAEAAI~&z=249418711

Requested by

Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:13:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 28ms
27ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-114787942-1&cid=626954754.1683079985&jid=1530059643&_u=YCDAgUABAAAAAEAAI~&z=249418711

Requested by

Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:13:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 share-link.min.js Show response
cofense.com/wp-content/plugins/elementor/assets/lib/share-link/ 3 KB
1 KB 134ms
133ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.12.2
Requested by: Host: cofense.com
URL: https://cofense.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.12.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Apr 2023 20:42:16 GMT
server: cloudflare
etag: W/"64405228-a3c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c14fb953ea41913-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
BLOB 200
OK a9bc4a58-96d4-4f68-9d87-7f8a414d2df4
https://cofense.com/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://cofense.com/a9bc4a58-96d4-4f68-9d87-7f8a414d2df4
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 43
Content-Type: image/gif

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
291 B 480ms
286ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.6/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://cofense.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://cofense.com
Date: Wed, 03 May 2023 02:13:05 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H/1.1 200
OK messenger Show response
app.qualified.com/w/1/H3wWDXLUxD4irieG/ Frame E26C 5 KB
2 KB 333ms
123ms Document
text/html 3.222.81.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=e1e7246a-3783-475c-833e-42f370b17d46

Requested by

Host: js.qualified.com
URL: https://js.qualified.com/qualified.js?token=H3wWDXLUxD4irieG

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.222.81.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-222-81-88.compute-1.amazonaws.com

Software

nginx /

Resource Hash

fef5e81d55d2e0ac7bae2e1ed3fc8299691b8d5006aca269c8fcf308bd9a2865

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cofense.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Content-Length: 1643
Content-Security-Policy
Content-Type: text/html; charset=utf-8
Date: Wed, 03 May 2023 02:13:06 GMT
Etag: W/"fef5e81d55d2e0ac7bae2e1ed3fc8299"
Link: <https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css>; rel=preload; as=style; nopush,<https://assets.qualified.com/packs/css/widget/sandboxed/messenger-84a66aeb.chunk.css>; rel=preload; as=style; nopush
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
Via: 1.1 spaces-router (e46a9e002bdb)
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 1d8a9813-7302-929a-7931-c78613fda30e
X-Runtime: 0.021234
X-Xss-Protection: 1; mode=block

GET
H2 200 core Show response
js.driftt.com/ Frame C0B0 2 KB
1 KB 117ms
116ms Document
text/html 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1683080100000/28krvx2uf9n3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e2a0c716824375ab3b6ba3d71119d6ea8658ec6d3afbe6efa8e49b07cc1e858b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cofense.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 03 May 2023 02:13:05 GMT
etag: W/"d24683eab735beaadd07b2ec060ce6d9"
last-modified: Fri, 28 Apr 2023 19:38:52 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-id: 5Cl5VnZMy0OTdgXb8WoAxaUlRTB-tuyYK42MJdB1rcE7uGOishq3Rg==
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: Tj4_13N0iwCYRl75UDfc15zCZqfNJI.x
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 14

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 3F1F 2 KB
1 KB 118ms
117ms Document
text/html 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1683080100000/28krvx2uf9n3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e2a0c716824375ab3b6ba3d71119d6ea8658ec6d3afbe6efa8e49b07cc1e858b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cofense.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 03 May 2023 02:13:05 GMT
etag: W/"d24683eab735beaadd07b2ec060ce6d9"
last-modified: Fri, 28 Apr 2023 19:38:52 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-id: 6SoSLZ-2P-B9X5kSKQkjt9LfrHeq7Yj-FWPrWrk-USoH7t9mg1PW7A==
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: Tj4_13N0iwCYRl75UDfc15zCZqfNJI.x
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 17

GET
H2 200 runtime~main.288ca7cf.js Show response
js.driftt.com/core/assets/js/ Frame C0B0 6 KB
3 KB 8ms
7ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

a3986521f7e895cf3175098026f4471920366f5b3d3d1d0299a3c710a779e2ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:38:51 GMT
x-amz-version-id: RlY44XUgIyFaw723OVFcTKdHmmxqiGSD
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 369254
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 39
last-modified: Fri, 28 Apr 2023 19:33:24 GMT
server: istio-envoy
etag: W/"6d70ba943e02b1750bd44bdd0c539787"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nUa2O6_fBFvCkqXKZ0bW-FNcuhCdeULTyG0M3vBKnzob8oheax7pvA==

GET
H2 200 10.f16292bd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C0B0 35 KB
13 KB 8ms
8ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.f16292bd.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

958a03c833d9116f7ab9a5ee503f7b0360b9291b268bfb77128a8f0e19238613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 19:46:35 GMT
x-amz-version-id: vxCcv4zYAYLBWzoN3vV_gQ.FCbDVMFxs
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3479190
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 33
last-modified: Wed, 22 Mar 2023 19:45:36 GMT
server: istio-envoy
etag: W/"cdb5f42b656ab6b237aa50c24c0d8474"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ljbCa0uLEqN4SsI832_r1avAbbbZWRx3P7PFPYC8JjSbXCgT8FQb6A==

GET
H2 200 main~493df0b3.02edd878.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C0B0 7 KB
3 KB 9ms
8ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.02edd878.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

95245f488fc923a05392ac8ca5985ac00d44b0603ba7b987d103475181268d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 08:47:48 GMT
x-amz-version-id: GeEu4y5ogkTLvG9nQWQR5SjDp.WHrJPZ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2827517
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 42
last-modified: Fri, 31 Mar 2023 03:20:40 GMT
server: istio-envoy
etag: W/"552f770e8c42c3e418dbe498f587a82e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pxP-7cElIoQ1Qu5wsO1J_XxEvOn9GJc4buYzWXqXcR3V0rdnOnL2KA==

GET
H2 200 runtime~main.288ca7cf.js Show response
js.driftt.com/core/assets/js/ Frame 3F1F 6 KB
3 KB 8ms
7ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

a3986521f7e895cf3175098026f4471920366f5b3d3d1d0299a3c710a779e2ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:38:51 GMT
x-amz-version-id: RlY44XUgIyFaw723OVFcTKdHmmxqiGSD
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 369254
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 39
last-modified: Fri, 28 Apr 2023 19:33:24 GMT
server: istio-envoy
etag: W/"6d70ba943e02b1750bd44bdd0c539787"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2ZO7NmMsdkg7uGRgrCM_lAuojSqYEtrv5noaN0xD-EhF63tq5Ai1kg==

GET
H2 200 10.f16292bd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3F1F 35 KB
13 KB 8ms
8ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.f16292bd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

958a03c833d9116f7ab9a5ee503f7b0360b9291b268bfb77128a8f0e19238613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 19:46:35 GMT
x-amz-version-id: vxCcv4zYAYLBWzoN3vV_gQ.FCbDVMFxs
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3479190
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 33
last-modified: Wed, 22 Mar 2023 19:45:36 GMT
server: istio-envoy
etag: W/"cdb5f42b656ab6b237aa50c24c0d8474"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ol_apBKj36-rggffl1be16Bo9bXCCfzkEHBumNwmB_6aaDgEYx1wZg==

GET
H2 200 main~493df0b3.02edd878.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3F1F 7 KB
3 KB 9ms
9ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.02edd878.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

95245f488fc923a05392ac8ca5985ac00d44b0603ba7b987d103475181268d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 08:47:48 GMT
x-amz-version-id: GeEu4y5ogkTLvG9nQWQR5SjDp.WHrJPZ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2827517
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 42
last-modified: Fri, 31 Mar 2023 03:20:40 GMT
server: istio-envoy
etag: W/"552f770e8c42c3e418dbe498f587a82e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -euGDqldhI3bsJTjURlJPU9GZsnMK-LGfUn79DWS3szsmMxkbOdCKA==

GET
H2 200 52.b1edaf4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C0B0 23 KB
8 KB 9ms
4ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7cb58278c8f54a62c0afa6da0c67b3a45aad637a0bf614e9c0dd42b73cee266b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 01:53:48 GMT
x-amz-version-id: lxujLHLILbiou2pPIvSbvmgPaqeh.Vzu
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3197958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 41
last-modified: Fri, 24 Mar 2023 15:27:32 GMT
server: istio-envoy
etag: W/"cd29b9bc973e48a7fcd0ee7153bdf03b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1dJMNhrUlnzIaeJ6G38rYsCWol6QmjTeEOpPvWpJY2UkotpEiF9fIg==

GET
H2 200 36.b49bf23f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C0B0 36 KB
10 KB 14ms
6ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.b49bf23f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c2b7a45d31339f18ed57fd095feca4da1b3fbab75a5afbc053957f6e8e1613a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 05:06:18 GMT
x-amz-version-id: Q4PwFrBFPFv3rKed2hELrYzow2Zuj9ZP
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2927208
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 31
last-modified: Wed, 29 Mar 2023 16:46:55 GMT
server: istio-envoy
etag: W/"4ae92c53ef226eb2a201fc855ccb7835"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IBi4QoeutxP450xPeazvo6ppuA7S4GIizy6A4wx63b7H36kZcSs3Qg==

GET
H2 200 25.22647a55.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C0B0 32 KB
11 KB 15ms
7ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.22647a55.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ec547a2f9fde5ce8e398da2810828ba3c30c641ce2761f5bf915225efb35f919

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 03:42:37 GMT
x-amz-version-id: XA_4ua4Mc1QdvybS1pWZjlgaFWs12iw1
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3882629
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 31
last-modified: Fri, 17 Mar 2023 17:38:17 GMT
server: istio-envoy
etag: W/"2ce6c446f71a395ff41647c9ba4b9c19"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ohhyJvmtTIrcxFnoTsKHnKmXYEBclh5ilyBFp5BumgOdgL4p1mAfMQ==

GET
H2 200 20.2ffef383.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C0B0 17 KB
6 KB 16ms
9ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.2ffef383.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

f46108976666130f89c43a82ee045f7a3afb264494060ef6b3d9eb6589e49d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 00:35:31 GMT
x-amz-version-id: 6Bytm8AhFrZOtVi540MCYAzaNTefw5KL
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3461855
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 35
last-modified: Wed, 22 Mar 2023 19:45:36 GMT
server: istio-envoy
etag: W/"ec6e94b6cea3a27506634867a8009ded"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GepfQ6v98MdswMBTBr5ngOy44bcdiFS6pAOa82yvfxiHdsIYTMP-CQ==

GET
H2 200 42.67956b13.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C0B0 25 KB
8 KB 17ms
10ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.67956b13.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

9d88866c6295ffc0cadaa1ccb951367e196737a413482176d5787b70aae04ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 08:47:48 GMT
x-amz-version-id: iy3lhWfWhugpxaPV1Myr6j1VGgCA5HIt
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2827518
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 54
last-modified: Fri, 31 Mar 2023 03:20:38 GMT
server: istio-envoy
etag: W/"d53cdfd4559700cfe085380882a8e897"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SHws53vHaD08BKWF1e1wS202vi2QBcxgFAASVFKZO7O47HJJ7v9Z2w==

GET
H2 200 21.b3438b1b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C0B0 74 KB
23 KB 19ms
7ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b3438b1b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

3169ab3142fbf3ecf7eee1b5682a4556ed8a3d4ba940befa71c31b5a43991d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 07:18:02 GMT
x-amz-version-id: UXQvjOaV4cAuEvK3KPgjO_jLHWxz9qS_
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2573704
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 108
last-modified: Fri, 31 Mar 2023 03:20:37 GMT
server: istio-envoy
etag: W/"10e1bfa61646f14df045c581bc9410fd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: i_EwoHno0LEddPftExfVIBu_ZRTikPei1WehLO4d8UhxglZd7B6dnA==

GET
H2 200 27.3951aad8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C0B0 66 KB
20 KB 20ms
7ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.3951aad8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e8e658c81a7ff92a6e0f9049ee3a8fc42082e8303abb6ed44c73361259cbdbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 23:37:41 GMT
x-amz-version-id: 26UTh.m4ArSpFKSrN66bvcz3uXZQ9UHl
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2255725
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 54
last-modified: Wed, 05 Apr 2023 19:06:49 GMT
server: istio-envoy
etag: W/"5b2b6d0508fe18c3efb6bcd6249fd4e1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _RlzPaqFBwW9gvVmGAZPsMSVI3sN6k101qu_Uql1WD10L8URD0RsPQ==

GET
H2 200 15.699b0dc7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C0B0 91 KB
28 KB 21ms
9ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.699b0dc7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

047d14c117d25e9e0a1a2ba3f4aa23a602d417fc7402294e484d20b19140ecf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 13:17:36 GMT
x-amz-version-id: cF.xMpCShLNVO58x3JtnZ0cwl5OG09zq
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3070530
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 78
last-modified: Mon, 27 Mar 2023 17:53:24 GMT
server: istio-envoy
etag: W/"43d1442a9d30453da9eaeb12b9daafff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: F1PDjz0r4uPOWewHT1QatLes3dqRv4nlujkAUhSPX5_16U_DmDmAbA==

GET
H2 200 12.d33926cb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C0B0 23 KB
7 KB 22ms
10ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.d33926cb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

28816769ece0ee343025ff388216c645e175c92cce4db6bd812a321b1ad345c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 03:36:00 GMT
x-amz-version-id: RO4lA8yEDOZtfT2PvBv0Xiq3xw4.OB.v
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3883026
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 27
last-modified: Fri, 17 Mar 2023 17:38:17 GMT
server: istio-envoy
etag: W/"bdcb035523ec144399213aa65a8430ff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qq7yElwF0_N4hILqgdRMERgZHGKqKydXd7d6JE7YaxzChTH3NcLsJQ==

GET
H2 200 19.8e79a39a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C0B0 62 KB
20 KB 24ms
13ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.8e79a39a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b7c5d1d3e03d31b9b450c0aac2972f3aef995be2a69ec5ecfa6200c4a321ef40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 03:37:47 GMT
x-amz-version-id: aUjwhsxVenkczBcI0zYivT4naL6jgMgC
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2414119
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 60
last-modified: Tue, 04 Apr 2023 15:21:34 GMT
server: istio-envoy
etag: W/"c478a5bb4d7885e2b9250c6beeb4fd6d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fIhEbq_H0GeZr_kLjmdjNBMd4-exu7ovlb7Bajak63QJL4O7I8EwPQ==

GET
H2 200 50.de3b5864.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C0B0 105 KB
34 KB 24ms
14ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/50.de3b5864.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c8c302716cf94980a0d77e614d9fb6c430f166b5ef7c42b7c382771955e52ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 02:49:27 GMT
x-amz-version-id: .Jp3H9IwroEnQF4Gakvu11ViwJAtAJzd
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3713018
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 63
last-modified: Mon, 20 Mar 2023 19:06:57 GMT
server: istio-envoy
etag: W/"114785899ceb423273fcc17aaad202e9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RtNsP5hDeWVI5o1qp6Gm-Yat-sjO0k40P0dd_CJMd0OfQf6DRA0xng==

GET
H2 200 41.a1867ad4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C0B0 12 KB
4 KB 26ms
16ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.a1867ad4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d641c13a78017e11f15b152b78082bcd0cf474766f13ba649bfa6378d956c492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 08:47:49 GMT
x-amz-version-id: JBBoCHQ25QjCrCSsnBK3xXQ0hh61rDKz
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2827517
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 25
last-modified: Fri, 31 Mar 2023 03:20:38 GMT
server: istio-envoy
etag: W/"299dd262bf32831c99dc78a9c5b5ca43"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3Rkl--FmgR_JR68OAU1DsxWptfBqjfEVvyAawquRroSxoXF6QgRx3A==

GET
H2 200 30.57dfb56c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C0B0 13 KB
6 KB 26ms
17ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.57dfb56c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c96b2cd5b57e02ce65ab0a787a6c8ea69efbf424064e15500691847cd879e8ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 04:07:33 GMT
x-amz-version-id: 6i.Q9se5wwt8PhzEnxv9nt9k1hldMqUL
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2325933
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 35
last-modified: Wed, 05 Apr 2023 19:06:49 GMT
server: istio-envoy
etag: W/"b8addee34a5cd2241740a2e3094039b3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FwVg_m-prVKHhGEFdO1GRUSNUyc0eNIbwVz23iQxHJlmOlPvEMwEpQ==

GET
H2 200 22.4cb40074.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C0B0 17 KB
7 KB 27ms
17ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.4cb40074.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

cdeb836f7f77cd2174fa0bb4aa3825963aa64faf657a24f988b82f1c4d28ce69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 01:13:18 GMT
x-amz-version-id: wITkTXOkJrHiVChAuzkmL_98MXQL9dkp
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3200388
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 38
last-modified: Fri, 24 Mar 2023 15:27:31 GMT
server: istio-envoy
etag: W/"6cf24f8ea74f43662c776ce6af09d469"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Da_7C4saVTNHvxli-CMdcuozd3_y0zAMLw_EffmiZMiRsvXHSmAWew==

GET
H2 200 9.b5c2854f.chunk.css
js.driftt.com/core/assets/css/ Frame C0B0 31 KB
4 KB 27ms
11ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 13:04:48 GMT
x-amz-version-id: LhcyJeU2kFf26i1b16YWESXZ4pGeN9QF
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2639298
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 40
last-modified: Wed, 29 Mar 2023 16:46:52 GMT
server: istio-envoy
etag: W/"9ef689f5d4cb5dab3b0e463418857c2f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Q5C2viwyKHcFD8jV8hM8tGAKHSZIuezKH3ZEZHDYTri9dLbT3ao-dw==

GET
H2 200 9.c3fb736e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C0B0 80 KB
25 KB 28ms
12ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.c3fb736e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

97835f51936631312648ce4198cd92c85beae9e09e3cdaff439c57ffccc5c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 15:53:54 GMT
x-amz-version-id: yjn0Mr9niEwveuUV6Ps9NwvZvY1Il2ab
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3406751
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Fri, 24 Mar 2023 15:27:33 GMT
server: istio-envoy
etag: W/"b4ca5f0ecc404e3c35769971c076a425"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vSVDxCpeb3NE5S2yfBTXaMOYi0ItQfvteNdAiWGM1YwdLLqeVos2Rg==

GET
H2 200 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame C0B0 24 B
695 B 27ms
12ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 20:13:51 GMT
x-amz-version-id: eR0JFDWwyA3gsnd_XajqmmtDUbC85CBL
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P5
age: 8315955
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
content-length: 24
last-modified: Tue, 11 Oct 2022 19:09:27 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Fcf446zn1as1Yb6fo2F2626ZBlHOF47DICDhrOCTzVkueYUsYPOtpA==

GET
H2 200 17.81f008ad.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C0B0 91 KB
23 KB 28ms
13ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.81f008ad.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ae3f6024712196dff7272f57c522e4048826b484f7336a97cc3e7f6f00d2d443

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 16:01:28 GMT
x-amz-version-id: pq2QZWEko7dMDbeq5q9U3.Qr6wYVodOo
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1246298
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 33
last-modified: Mon, 17 Apr 2023 18:50:41 GMT
server: istio-envoy
etag: W/"2c5463d20bb9c942f4cb26607893067b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6Bkb-Hw8jkIVBwwDuunZQpVG2fXntgOjEgJcQRLutcZXdcNW3kMUHQ==

GET
H2 200 26.a55c1f38.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C0B0 50 KB
14 KB 29ms
14ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.a55c1f38.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7616b033adbe366f235d70696b659f554051c0e578508896aab0ff5b169491db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:38:51 GMT
x-amz-version-id: CLxBuTmXn3tjxxf_j0OncAOh499FdB3n
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 369254
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 28 Apr 2023 19:33:22 GMT
server: istio-envoy
etag: W/"89bd8cf777e065fa7ca75d777c943155"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vvR8zrwAnwXa-0JQq8ZPi8MG3ZAaCPdF7bEzKMYWDw9jpuOmzdmZkg==

GET
H2 200 18.12d8d932.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C0B0 40 KB
13 KB 29ms
15ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.12d8d932.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2ff2b9a5434137bda235f2847f5939dcd06977e5437ae82bfa197e00faabc6a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:38:51 GMT
x-amz-version-id: 51lzaeDhcNerEWUeOM6e5tRXtG.B7lli
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 369254
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Fri, 28 Apr 2023 19:33:21 GMT
server: istio-envoy
etag: W/"f8d07bd5dd786d7b8a311fde8e1e4859"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8yiB10T3rvCkZ7aAw2VZ2Kv_CZv85EThqNHLg56MReuL8H-IerUASg==

GET
H2 200 52.b1edaf4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3F1F 23 KB
8 KB 30ms
17ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7cb58278c8f54a62c0afa6da0c67b3a45aad637a0bf614e9c0dd42b73cee266b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 01:53:48 GMT
x-amz-version-id: lxujLHLILbiou2pPIvSbvmgPaqeh.Vzu
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3197958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 41
last-modified: Fri, 24 Mar 2023 15:27:32 GMT
server: istio-envoy
etag: W/"cd29b9bc973e48a7fcd0ee7153bdf03b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OrJ6NCbQmjme8iXClb4xdIYpD35SN96DslU9URPkeCt5rQ9GKz5VOQ==

GET
H2 200 36.b49bf23f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3F1F 36 KB
10 KB 30ms
17ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.b49bf23f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c2b7a45d31339f18ed57fd095feca4da1b3fbab75a5afbc053957f6e8e1613a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 05:06:18 GMT
x-amz-version-id: Q4PwFrBFPFv3rKed2hELrYzow2Zuj9ZP
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2927208
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 31
last-modified: Wed, 29 Mar 2023 16:46:55 GMT
server: istio-envoy
etag: W/"4ae92c53ef226eb2a201fc855ccb7835"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0Gk23AUiYSDvRZQJunEQ8R4086QCjdyRCUPQH2-B9PUsLJvDfvzZnw==

GET
H2 200 25.22647a55.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3F1F 32 KB
11 KB 31ms
18ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.22647a55.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ec547a2f9fde5ce8e398da2810828ba3c30c641ce2761f5bf915225efb35f919

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 03:42:37 GMT
x-amz-version-id: XA_4ua4Mc1QdvybS1pWZjlgaFWs12iw1
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3882629
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 31
last-modified: Fri, 17 Mar 2023 17:38:17 GMT
server: istio-envoy
etag: W/"2ce6c446f71a395ff41647c9ba4b9c19"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: haqfO-2l_1N9JeuZ0LuqMwl3IrzgYbEtIdTXU3SADDFh5_1bB339YA==

GET
H2 200 20.2ffef383.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3F1F 17 KB
6 KB 31ms
19ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.2ffef383.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

f46108976666130f89c43a82ee045f7a3afb264494060ef6b3d9eb6589e49d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 00:35:31 GMT
x-amz-version-id: 6Bytm8AhFrZOtVi540MCYAzaNTefw5KL
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3461855
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 35
last-modified: Wed, 22 Mar 2023 19:45:36 GMT
server: istio-envoy
etag: W/"ec6e94b6cea3a27506634867a8009ded"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BSMiRebtYsoe0u8iFUYjrFMXmqBCV2qpPYNIWgxm6uT5bd8CHmEBKQ==

GET
H2 200 42.67956b13.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3F1F 25 KB
8 KB 32ms
19ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.67956b13.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

9d88866c6295ffc0cadaa1ccb951367e196737a413482176d5787b70aae04ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 08:47:48 GMT
x-amz-version-id: iy3lhWfWhugpxaPV1Myr6j1VGgCA5HIt
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2827518
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 54
last-modified: Fri, 31 Mar 2023 03:20:38 GMT
server: istio-envoy
etag: W/"d53cdfd4559700cfe085380882a8e897"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pe2RHPduRiX7UVcM1NuXV56siGbPlRQn2KLWWNfYb45Umyuj5AUkFg==

GET
H2 200 21.b3438b1b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3F1F 74 KB
23 KB 32ms
20ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b3438b1b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

3169ab3142fbf3ecf7eee1b5682a4556ed8a3d4ba940befa71c31b5a43991d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 07:18:02 GMT
x-amz-version-id: UXQvjOaV4cAuEvK3KPgjO_jLHWxz9qS_
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2573704
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 108
last-modified: Fri, 31 Mar 2023 03:20:37 GMT
server: istio-envoy
etag: W/"10e1bfa61646f14df045c581bc9410fd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GRWyIAWMDF2DOEnf0aUqdqHaH9qt6PZqFqMp-Y5rExcn6_TjClp70A==

GET
H2 200 27.3951aad8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3F1F 66 KB
20 KB 33ms
20ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.3951aad8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e8e658c81a7ff92a6e0f9049ee3a8fc42082e8303abb6ed44c73361259cbdbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 23:37:41 GMT
x-amz-version-id: 26UTh.m4ArSpFKSrN66bvcz3uXZQ9UHl
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2255725
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 54
last-modified: Wed, 05 Apr 2023 19:06:49 GMT
server: istio-envoy
etag: W/"5b2b6d0508fe18c3efb6bcd6249fd4e1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5Jl_8akP6hQ-uqK5BDeUai76tr6sKwypIpSDso2rBhqghMkJqMczuQ==

GET
H2 200 15.699b0dc7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3F1F 91 KB
28 KB 33ms
21ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.699b0dc7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

047d14c117d25e9e0a1a2ba3f4aa23a602d417fc7402294e484d20b19140ecf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 13:17:36 GMT
x-amz-version-id: cF.xMpCShLNVO58x3JtnZ0cwl5OG09zq
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3070530
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 78
last-modified: Mon, 27 Mar 2023 17:53:24 GMT
server: istio-envoy
etag: W/"43d1442a9d30453da9eaeb12b9daafff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -kDLC-v0MZcRoIBKB4MpXqIaH07pCo91V2A1SkhyNzteD4oGD-LYWQ==

GET
H2 200 12.d33926cb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3F1F 23 KB
7 KB 34ms
22ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.d33926cb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

28816769ece0ee343025ff388216c645e175c92cce4db6bd812a321b1ad345c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 03:36:00 GMT
x-amz-version-id: RO4lA8yEDOZtfT2PvBv0Xiq3xw4.OB.v
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3883026
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 27
last-modified: Fri, 17 Mar 2023 17:38:17 GMT
server: istio-envoy
etag: W/"bdcb035523ec144399213aa65a8430ff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Qr9mLfVJvM7fZFIGuTOYxYPQixjierPsXWZsbUH2OSjUv8RTq2Af8g==

GET
H2 200 19.8e79a39a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3F1F 62 KB
20 KB 34ms
22ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.8e79a39a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b7c5d1d3e03d31b9b450c0aac2972f3aef995be2a69ec5ecfa6200c4a321ef40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 03:37:47 GMT
x-amz-version-id: aUjwhsxVenkczBcI0zYivT4naL6jgMgC
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2414119
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 60
last-modified: Tue, 04 Apr 2023 15:21:34 GMT
server: istio-envoy
etag: W/"c478a5bb4d7885e2b9250c6beeb4fd6d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CCNcpqMLqnsk2e9JvumnX3Y-8lWmxpxAjAGdEVbIHGSx6PB9wUYeKw==

GET
H2 200 50.de3b5864.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3F1F 105 KB
34 KB 35ms
23ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/50.de3b5864.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c8c302716cf94980a0d77e614d9fb6c430f166b5ef7c42b7c382771955e52ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 02:49:27 GMT
x-amz-version-id: .Jp3H9IwroEnQF4Gakvu11ViwJAtAJzd
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3713018
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 63
last-modified: Mon, 20 Mar 2023 19:06:57 GMT
server: istio-envoy
etag: W/"114785899ceb423273fcc17aaad202e9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0ExmDdEJES8uHh1GU8mZef_GGfYCzW-5DZn72EEW30PZsoQWK-c6rg==

GET
H2 200 41.a1867ad4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3F1F 12 KB
4 KB 36ms
24ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.a1867ad4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d641c13a78017e11f15b152b78082bcd0cf474766f13ba649bfa6378d956c492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 08:47:49 GMT
x-amz-version-id: JBBoCHQ25QjCrCSsnBK3xXQ0hh61rDKz
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2827517
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 25
last-modified: Fri, 31 Mar 2023 03:20:38 GMT
server: istio-envoy
etag: W/"299dd262bf32831c99dc78a9c5b5ca43"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: udBHd_Ak8SFpdK9YE4Ego-RyEjcnGFI3FYCwRjKO9QurHtDwGuwJ5w==

GET
H2 200 30.57dfb56c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3F1F 13 KB
6 KB 36ms
25ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.57dfb56c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c96b2cd5b57e02ce65ab0a787a6c8ea69efbf424064e15500691847cd879e8ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 04:07:33 GMT
x-amz-version-id: 6i.Q9se5wwt8PhzEnxv9nt9k1hldMqUL
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2325933
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 35
last-modified: Wed, 05 Apr 2023 19:06:49 GMT
server: istio-envoy
etag: W/"b8addee34a5cd2241740a2e3094039b3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qLr_Ea5xGDUaO_QvTx4bSfaHktUVU8QJUwgcTTfOE4nLdLI7Olm2Ng==

GET
H2 200 22.4cb40074.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3F1F 17 KB
7 KB 37ms
26ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.4cb40074.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

cdeb836f7f77cd2174fa0bb4aa3825963aa64faf657a24f988b82f1c4d28ce69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 01:13:18 GMT
x-amz-version-id: wITkTXOkJrHiVChAuzkmL_98MXQL9dkp
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3200388
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 38
last-modified: Fri, 24 Mar 2023 15:27:31 GMT
server: istio-envoy
etag: W/"6cf24f8ea74f43662c776ce6af09d469"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1f3nfVxq3t41mDM1D4C_GDCwQhrX_sp51nOM_PJkUh8Bu5aSJ_1L3g==

GET
H2 200 9.b5c2854f.chunk.css
js.driftt.com/core/assets/css/ Frame 3F1F 31 KB
4 KB 26ms
16ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 13:04:48 GMT
x-amz-version-id: LhcyJeU2kFf26i1b16YWESXZ4pGeN9QF
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2639298
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 40
last-modified: Wed, 29 Mar 2023 16:46:52 GMT
server: istio-envoy
etag: W/"9ef689f5d4cb5dab3b0e463418857c2f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yXPfmpU1Kn7mBPVFMh2i64H-skkcghSUqqNV9FhwcpQn3H3HqyUi9w==

GET
H2 200 9.c3fb736e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3F1F 80 KB
25 KB 37ms
27ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.c3fb736e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

97835f51936631312648ce4198cd92c85beae9e09e3cdaff439c57ffccc5c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 15:53:54 GMT
x-amz-version-id: yjn0Mr9niEwveuUV6Ps9NwvZvY1Il2ab
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3406751
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Fri, 24 Mar 2023 15:27:33 GMT
server: istio-envoy
etag: W/"b4ca5f0ecc404e3c35769971c076a425"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ap54wHrndiTd6ghIJYqU-P3cWckp1nP-EJYrEyZA-Ss3l87b_prAYQ==

GET
H2 200 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 3F1F 24 B
696 B 36ms
26ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 20:13:51 GMT
x-amz-version-id: eR0JFDWwyA3gsnd_XajqmmtDUbC85CBL
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P5
age: 8315955
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
content-length: 24
last-modified: Tue, 11 Oct 2022 19:09:27 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mQzW7_HyOtUV6lpQ1qhIIeRWM6Ks_bDVEt5gu-wL_FbgRrelpL3K2A==

GET
H2 200 17.81f008ad.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3F1F 91 KB
23 KB 38ms
27ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.81f008ad.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ae3f6024712196dff7272f57c522e4048826b484f7336a97cc3e7f6f00d2d443

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 16:01:28 GMT
x-amz-version-id: pq2QZWEko7dMDbeq5q9U3.Qr6wYVodOo
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1246298
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 33
last-modified: Mon, 17 Apr 2023 18:50:41 GMT
server: istio-envoy
etag: W/"2c5463d20bb9c942f4cb26607893067b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: c-Cz9_sq-pYY-XLOtQAfb662RpfAr1QCYXMhuO4Lk-Z1mdzQp0H8rw==

GET
H2 200 26.a55c1f38.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3F1F 50 KB
14 KB 38ms
28ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.a55c1f38.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7616b033adbe366f235d70696b659f554051c0e578508896aab0ff5b169491db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:38:51 GMT
x-amz-version-id: CLxBuTmXn3tjxxf_j0OncAOh499FdB3n
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 369254
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 28 Apr 2023 19:33:22 GMT
server: istio-envoy
etag: W/"89bd8cf777e065fa7ca75d777c943155"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KBzsLgF3yvFBJJT8boz7gk0yV1NR_oLuLV-ou9p6SN18PLi5llCSnw==

GET
H2 200 18.12d8d932.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3F1F 40 KB
13 KB 38ms
29ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.12d8d932.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2ff2b9a5434137bda235f2847f5939dcd06977e5437ae82bfa197e00faabc6a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:38:51 GMT
x-amz-version-id: 51lzaeDhcNerEWUeOM6e5tRXtG.B7lli
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 369254
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Fri, 28 Apr 2023 19:33:21 GMT
server: istio-envoy
etag: W/"f8d07bd5dd786d7b8a311fde8e1e4859"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: o8b6yCRk0F1RdcI0kTUI9ZcPxNehBTeS3f_e8cL7Zlh32F3yfo0d8A==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C0B0 9 KB
3 KB 8ms
7ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 07:22:55 GMT
x-amz-version-id: FbY0009UR6SM8SEWGeJjbUjChZiwlwq2
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3351011
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 63
last-modified: Fri, 24 Mar 2023 15:27:29 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GZexYhaAxRpfzgKCConQwfAr49bvKPw4t0Ly9Je28GG4s2Lj-iXc3g==

GET
H2 200 28.01a0fe87.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C0B0 35 KB
10 KB 9ms
9ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.01a0fe87.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

fffcc021124d70080ddd0c52562645c46e03ff39c924ced85c1bfd62cb8b8767

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 00:35:32 GMT
x-amz-version-id: 0rY7ZMxMJr4q1CTa8XKaYut.OrNqYUku
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3461854
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 36
last-modified: Wed, 22 Mar 2023 19:45:37 GMT
server: istio-envoy
etag: W/"0ad089f0617a0fa8014a23c2afa90ddd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Kp-RaiwJ0pPkBbZm0crzpCTfbjDthOUI8UQhIPJgWIrH5011V2eZdg==

GET
H2 200 29.9bf46b67.chunk.css
js.driftt.com/core/assets/css/ Frame C0B0 8 KB
2 KB 8ms
8ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/29.9bf46b67.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 01:13:18 GMT
x-amz-version-id: popM32jgPZoTCgNMNJLFyK6uoaTcanKd
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3200388
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 60
last-modified: Fri, 24 Mar 2023 15:27:28 GMT
server: istio-envoy
etag: W/"4f21faf2ba450e5fcdf7eda90813e185"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: att_pWOfBxCgY3ifEn2CNyVL0aC0JhJFqBjtcY87rdRD58MMbbgZig==

GET
H2 200 29.98c2b316.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C0B0 14 KB
6 KB 9ms
9ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.98c2b316.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c6b2815294e64eb3d9e30955673ae3b60a486ae5b7dfcc7e48c0e2a4fe7301de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 18:08:56 GMT
x-amz-version-id: aizM0H1Fdw3zzppb3P2Ok7x7JUMOS1IQ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3139450
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 37
last-modified: Mon, 27 Mar 2023 17:53:25 GMT
server: istio-envoy
etag: W/"6526b5009cc642f706e7156982e7429b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: o2EYQjP3EJ3fIiUCyj7w1SURI4Re3F4F9ct53u2mqYmt-HBh3pLVCQ==

GET
H2 200 23.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame C0B0 365 B
1 KB 10ms
9ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/23.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 01:22:59 GMT
x-amz-version-id: .JKRl3M6v7IUb5gryZ10Srrtp7jvamtG
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P5
age: 3199807
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 41
content-length: 365
last-modified: Fri, 24 Mar 2023 15:27:28 GMT
server: istio-envoy
etag: "06b2963b029c0824382815165bfea73e"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lFKRy6zOqNSWbFDmfeFksysk10I3eMvIGc189vzd8qMOrDHoyBOI2w==

GET
H2 200 23.ed4e6d8f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C0B0 91 KB
25 KB 10ms
10ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.ed4e6d8f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7c4cddc44e59d49ccbfdaf1b57cca9884b74ee1710671c7d9fa974e3fae6f507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 16:38:37 GMT
x-amz-version-id: xN70QZOgyKQKNnP0o5N59vnLWimajx0E
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 552869
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Wed, 26 Apr 2023 15:35:22 GMT
server: istio-envoy
etag: W/"697b9f051ece7b5f2c5dbe85f673b6cd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vV7zFYRJdMnqeNJ9U4Q6rMNd9TeD4Puw1pRSwUfURe3T4jEvKvDF8w==

GET
H2 200 38.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame 3F1F 3 KB
1 KB 8ms
7ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/38.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 13:17:36 GMT
x-amz-version-id: LFPPxWsKM9buI7tNlxr2ORSmQyZS03tk
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3070530
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 29
last-modified: Mon, 27 Mar 2023 17:53:23 GMT
server: istio-envoy
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uEWIRLdeink9qQudEBDVPsOCiJBusn5Y7jLfAEU9A-xjzy--Nng01g==

GET
H2 200 38.2c907ce3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3F1F 3 KB
2 KB 8ms
8ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/38.2c907ce3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

0c07bf805e857013386ec7ea2d26911aed5c827ee90e71a94188553c6d8ef337

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:46:57 GMT
x-amz-version-id: UxCT8aDYj_hNgM93MexUSctwVxa1i.5F
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4699569
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Thu, 09 Mar 2023 16:34:01 GMT
server: istio-envoy
etag: W/"ad63bf20f878fb64a363281ee85aa567"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Jf9q_LWNk2pyBgONljHbZb8QEi9pC7h35tCc3hOXI2jKHxmeVj2kDA==

GET
H2 200 messenger-94e6eccc.chunk.css
assets.qualified.com/packs/css/vendors~widget/sandboxed/ Frame E26C 35 KB
7 KB 24ms
17ms Stylesheet
text/css 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb3487cae40a55bf31dc6e6191ab0d88ec8c8f85c62bf28ad25ad0a40c16a611

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:06 GMT
x-amz-version-id: CR7RLVOSvN8A59.U_Z8vAhDQbuXMYHqb
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Jan 2023 23:05:35 GMT
server: cloudflare
x-amz-request-id: 90FWQHM1YN0C4AZ0
age: 4330
etag: W/"a788ecf510f83ee517cbaf79306145dd"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7c14fb998ddf1da6-FRA
x-amz-id-2: rLqAcBUjCR5iItU2BmaSomv6EBclRN5fXi6l55J/N8krCig+rJdq2Kyy59scvA6+BkA5YO2cQj1KXQAiAsBZ5Q==
expires: Wed, 03 May 2023 06:13:06 GMT

GET
H2 200 messenger-84a66aeb.chunk.css
assets.qualified.com/packs/css/widget/sandboxed/ Frame E26C 5 KB
1 KB 20ms
14ms Stylesheet
text/css 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/css/widget/sandboxed/messenger-84a66aeb.chunk.css
Requested by: Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ec35ab99388f6afab345622a22772619b83b7d63705d98df3c404da782fcabb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:06 GMT
x-amz-version-id: RuQi5GOo1hqbX6GFZui6YyPZ0XQ1C5E6
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 87WCQR418JZVSXNA
age: 6518
x-amz-server-side-encryption: AES256
x-amz-id-2: iySJJL1mjeoq19kwudTNrL9KoNn+0HpEUspqVSrfJ3TtLUQvqZro1IgTbf/TVZSQMLn9j/zk3qk=
last-modified: Tue, 14 Mar 2023 23:12:27 GMT
server: cloudflare
etag: W/"22d5f23e695250d3c5a5b1e76a015c5e"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7c14fb998dde1da6-FRA
expires: Wed, 03 May 2023 06:13:06 GMT

GET
H2 200 messenger~runtime-9f596ae36e72d0559165.js Show response
assets.qualified.com/packs/js/widget/sandboxed/ Frame E26C 2 KB
1 KB 14ms
14ms Script
application/javascript 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/js/widget/sandboxed/messenger~runtime-9f596ae36e72d0559165.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=e1e7246a-3783-475c-833e-42f370b17d46
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00d1bb6e3732ba80fd2540ac50cd0a39f341f4f7434696a5dd639a750aadf6cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:06 GMT
x-amz-version-id: AnO3q46S5cKBpVUwq5cc2hLrOibB4CMR
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 31TXCWX0QMPJP444
age: 687
x-amz-server-side-encryption: AES256
x-amz-id-2: H8raRIUwoyH5NVlXD7IR6re7ULEWmIosggZ0TeSTp/CNqDaP6xL6FiBJ+c8JoED98lGpppF/+mg=
last-modified: Tue, 02 May 2023 23:57:15 GMT
server: cloudflare
etag: W/"56fecdd8855151ddd4ea03fc7350df08"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7c14fb999de51da6-FRA
expires: Wed, 03 May 2023 06:13:06 GMT

GET
H2 200 messenger-ace36fb1a48c20c99919.chunk.js Show response
assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/ Frame E26C 1 MB
342 KB 17ms
17ms Script
application/javascript 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-ace36fb1a48c20c99919.chunk.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=e1e7246a-3783-475c-833e-42f370b17d46
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7210a94d730f5eda5cfb3660b82ce7480f8ffae00e3b133a579df6a5f87e4a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:06 GMT
x-amz-version-id: MT96IMiP_xlhtbliUK70iyRV.jAhFG8o
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: VZZE26HJCRRJDGTB
age: 3468
x-amz-server-side-encryption: AES256
x-amz-id-2: V3LFr1HiwmzZTQnRlTXQpiZ/sKR5xH+znSE3GTQZfRR1244LqyuJOucN+K3pVk+2NQ/fsHYG9j7wF6n9UZzNKg==
last-modified: Mon, 01 May 2023 18:17:15 GMT
server: cloudflare
etag: W/"9a493c8464e9b1da3195a75384c028a1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7c14fb999de61da6-FRA
expires: Wed, 03 May 2023 06:13:06 GMT

GET
H2 200 messenger-76b9684cdac38ea2f435.chunk.js Show response
assets.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/ Frame E26C 572 KB
153 KB 18ms
17ms Script
application/javascript 2606:4700::6812:1005
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/messenger-76b9684cdac38ea2f435.chunk.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=e1e7246a-3783-475c-833e-42f370b17d46
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7363e2164b270d71438825ae76c78cf3b1c47e51777aa7db4551c8d896e7daba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:06 GMT
x-amz-version-id: 0BdZOcZ9tJmkdqZGjfqHgZK23wM8rf5w
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 1AYAP19RM0VHFP03
age: 687
x-amz-server-side-encryption: AES256
x-amz-id-2: gNhtxMlsUgTdHraCOqmd+PgOLEI6uX5JYtzmJZ+afoKw1DqlA8P6Agf9vms9tJLZj5h8Kq1Ar6k=
last-modified: Tue, 02 May 2023 23:57:15 GMT
server: cloudflare
etag: W/"d5a6397e9b01a9a1c72e74c4164ee634"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7c14fb99adf21da6-FRA
expires: Wed, 03 May 2023 06:13:06 GMT

GET
H2 200 Inter-Regular-c8ba52b05a9ef10f47584d08ece2ec5c.woff2
assets.qualified.com/packs/media/fonts/inter/ Frame E26C 97 KB
97 KB 36ms
15ms Font
font/woff2 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/media/fonts/inter/Inter-Regular-c8ba52b05a9ef10f47584d08ece2ec5c.woff2
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=e1e7246a-3783-475c-833e-42f370b17d46
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6

Request headers

Referer: https://app.qualified.com/
Origin: https://app.qualified.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:06 GMT
x-amz-version-id: Ts0p7fbKsZIFu_VEk6HOvm9iYpTRKuos
cf-cache-status: HIT
x-amz-request-id: A014AXCH5HAYN619
age: 12529804
content-length: 98868
x-amz-id-2: IJ/hVgCs33ecZmS06+Ka+dHvpugbE2eU1ZCcp0I9amPp9Dk45jvq9GOwp+V0XScoH+qD8bPUljc=
last-modified: Thu, 08 Dec 2022 23:17:25 GMT
server: cloudflare
etag: "dc131113894217b5031000575d9de002"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 7c14fb99a9b29c10-FRA
expires: Thu, 02 May 2024 08:13:06 GMT

GET
H2 200 Inter-SemiBold-b5f0f109bc88052d4000c58ca615671d.woff2
assets.qualified.com/packs/media/fonts/inter/ Frame E26C 103 KB
104 KB 44ms
23ms Font
font/woff2 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.qualified.com/packs/media/fonts/inter/Inter-SemiBold-b5f0f109bc88052d4000c58ca615671d.woff2
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/H3wWDXLUxD4irieG/messenger?uuid=e1e7246a-3783-475c-833e-42f370b17d46
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5

Request headers

Referer: https://app.qualified.com/
Origin: https://app.qualified.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:06 GMT
x-amz-version-id: ePBeoMCujYBxKBCWHO9COs36tHcpJSw9
cf-cache-status: HIT
x-amz-request-id: A01B2QDFTMXZH5PS
age: 12529804
content-length: 105804
x-amz-id-2: QrEATIdRG82StQ9vuCskL/XEsQIIMY+OzO15MGNTQIYZKmPGvaIhnxUF1uCukz9/QAqZn2UpPyU=
last-modified: Thu, 08 Dec 2022 23:17:25 GMT
server: cloudflare
etag: "007ad31a53f4ab3f58ee74f2308482ce"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 7c14fb99a9b49c10-FRA
expires: Thu, 02 May 2024 08:13:06 GMT

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3F1F 9 KB
3 KB 9ms
8ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 07:22:55 GMT
x-amz-version-id: FbY0009UR6SM8SEWGeJjbUjChZiwlwq2
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3351011
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 63
last-modified: Fri, 24 Mar 2023 15:27:29 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XGoC9k6H4ReGHljIh08d1hCfSn-jaLCfgclH07CSUeAkGPe0EzCw0w==

GET
H2 200 3.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 3F1F 7 KB
2 KB 8ms
7ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/3.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 08:09:51 GMT
x-amz-version-id: a6aW3pFI8jDJfd5Fzc5RXPW1PSDB8w30
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2224995
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 56
last-modified: Wed, 05 Apr 2023 19:06:46 GMT
server: istio-envoy
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GL4nYa32oSyYkZwFsfrBlAM8aCESLd_IMk6w6_7CbjOtgR7m9ydRGQ==

GET
H2 200 3.f50b964b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3F1F 54 KB
15 KB 10ms
9ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/3.f50b964b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 13:04:52 GMT
x-amz-version-id: TZgR.kF9jQEw5fwgp1aPwIBAWqAwmYWG
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2639294
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 50
last-modified: Fri, 31 Mar 2023 03:20:38 GMT
server: istio-envoy
etag: W/"1ac37bf2b93050f29058b66a9ad43e10"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dksES2XMAbAy9hmoCHbQDSm0IN9kjMOSjkf_U4cnKSe95sqY6mr3Zg==

GET
H2 200 1.02a6af84.chunk.css
js.driftt.com/core/assets/css/ Frame 3F1F 44 KB
7 KB 10ms
10ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.02a6af84.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

120def079fc4e239098c571e178a9a1b73746f05c6f65a97cd7291b8c13aa401

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 08:47:50 GMT
x-amz-version-id: 2mFqsYPgAFu7IBkViFaO6MCHTOONwEvX
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2827516
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 33
last-modified: Fri, 31 Mar 2023 03:20:34 GMT
server: istio-envoy
etag: W/"295093fc512c5e44a90c3c28242de8ae"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: w1B1drhs2-ollhVK7iOHpuds-sF1cp5wMKz6NwxXCHkMbqA4wAtp3w==

GET
H2 200 1.dd688aaf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3F1F 53 KB
17 KB 10ms
8ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.dd688aaf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d3ed94b69049a6046b0472b87a4d1be0a1c9482c9edc3793bf72714c82c7ce0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 20:29:53 GMT
x-amz-version-id: EYuyMkYTdV6Sz.Tu3e2Qz8Z_YPV77rIe
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2353393
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Wed, 05 Apr 2023 19:06:48 GMT
server: istio-envoy
etag: W/"456df11dba646f06e80bbae67a65aad8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zPa8I6OKXwuDAxf__7Mfv6NTwkhb_OGQAHvRpvdSl5ptaAtRacSEug==

GET
H2 200 4.b4477698.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3F1F 23 KB
10 KB 11ms
8ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.b4477698.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

277725f80d5c0175c2a996fe1eea07395b87ec1bd0496353409e99e96024816e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 20:29:53 GMT
x-amz-version-id: 0s5HvDu7I8ZUWeiRZtf_7BJNbUsVlUik
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2353393
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Wed, 05 Apr 2023 19:06:49 GMT
server: istio-envoy
etag: W/"ec2b0368f8359c0e46e2bfb9cf8e79ef"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: x_7hlv7zVN_7jLwURz5JXCSAYHxsezj1bMGO0fGZZ-MHA9qjWcBgRA==

GET
H2 200 35.a3318c5e.chunk.css
js.driftt.com/core/assets/css/ Frame 3F1F 14 KB
3 KB 10ms
9ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/35.a3318c5e.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

f3342c52eee43a2ea931cae2ee2d6d9a2939432ffcb03bb4f2983ac7e49b26cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 04:07:35 GMT
x-amz-version-id: XpghMM6Bvn3zdgxgFBI2tr0e58zP8_PK
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2325931
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 79
last-modified: Wed, 05 Apr 2023 19:05:07 GMT
server: istio-envoy
etag: W/"b06e02b360914b25e58305b1b9b954dc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2yEXYzUIgkc40iektnZ-lDfS7TGQv2qLxfSXStFOnFzVVwue5_pyWA==

GET
H2 200 35.46d29dea.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3F1F 12 KB
5 KB 11ms
9ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.46d29dea.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2693e158a319fe2c6576e7fdd76ad78ca5e0235cce4418503e5fee2e7426b2d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:38:52 GMT
x-amz-version-id: xuvYWNeKM10RQbhB8D3mlc4N6CStBtYA
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 369254
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 32
last-modified: Fri, 28 Apr 2023 19:33:22 GMT
server: istio-envoy
etag: W/"8195467360aaef75c927565e2e787326"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3Jt_B3B3t9DQNKFk1o0zPxClqv_tRiqi1ceB0femUbn7QTpm6VPQ0Q==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 205ms
201ms Image
image/gif 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cofense.com
URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:06 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 v2 Show response
bootstrap.api.drift.com/widget_bootstrap/ping/ Frame C0B0 161 B
601 B 310ms
106ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

814d45cce5caa5b45bc44934f24e210c64cb36ba1438a14d40ad7d23784e78e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 03 May 2023 02:13:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: bd38791425ad7b11
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 161

POST
H/1.1 200
OK / Show response
sentry.io/api/1332833/envelope/ Frame E26C 2 B
442 B 505ms
126ms Fetch
application/json 35.188.42.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1332833/envelope/?sentry_key=b5158ee3382d49b28a864fb2b91bcaaf&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1

Requested by

Host: assets.qualified.com
URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-ace36fb1a48c20c99919.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.qualified.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 03 May 2023 02:13:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: nginx
vary: origin,access-control-request-method,access-control-request-headers
Content-Type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=404E62E1963F4FDA82AB7672C4169A15&RedC=c.clarity.ms&MXFR=2149E3779B8D612B13A2F0719F8D6FEB
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=404E62E1963F4FDA82AB7672C4169A15&MUID=044D4C65E22961AB0EB85F63E3426035

42 B
443 B

31ms
31ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=404E62E1963F4FDA82AB7672C4169A15&MUID=044D4C65E22961AB0EB85F63E3426035
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:13:05 GMT
last-modified: Wed, 19 Apr 2023 15:34:17 GMT
server: Microsoft-IIS/10.0
etag: "f5c05c67d472d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 03 May 2023 02:13:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FA491E5594CE44D4A37E08DBBBFA21D3 Ref B: FRAEDGE1407 Ref C: 2023-05-03T02:13:06Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=404E62E1963F4FDA82AB7672C4169A15&MUID=044D4C65E22961AB0EB85F63E3426035
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 200 v3 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame C0B0 25 B
88 B 118ms
117ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v3

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 03 May 2023 02:13:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: ecd81ca2295aad20
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 15
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame C0B0 20 KB
7 KB 620ms
619ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

ded5803ec6bbdbe8a72c83670fdcd7ac7b927c7aa3abcecba3437398a710f5b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 03 May 2023 02:13:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: 756e213d85eb4e43
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 517
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
291 B 95ms
94ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.6/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://cofense.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://cofense.com
Date: Wed, 03 May 2023 02:13:06 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 201ms
201ms Image
image/gif 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:07 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 track Show response
event.api.drift.com/ Frame C0B0 745 B
804 B 104ms
103ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

37e6e6b13b727902c4cb3ed700ed5c0ae4d1f07f96b5ed3ab0933883064fb1e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxODEyNzIwMDM4MiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE0NTI4NjgiLCJleHAiOjE3MTQ3MDIzODYsImlhdCI6MTY4MzA3OTk4Nn0.YNu0kha4-K-fvEspwnD3_SxWYFkeCq-WRGMQbJpeWXaylrW5FrttboK8NzK9P1KdA1Se0TKPvgZKXJZpk41nsg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 May 2023 02:13:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 91d2608a6e6f5bdd
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 745

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 103ms
102ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Wed, 03 May 2023 02:13:07 GMT
requestid: driftd7a25b04f20aef7bafb1a598171
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

POST
H2 200 evaluate_with_log Show response
targeting.api.drift.com/targeting/ Frame C0B0 572 B
393 B 103ms
102ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

1f56f0ed36dbceeab28d690ceac3f516df1304cff71c4c07ff0b65337095bad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxODEyNzIwMDM4MiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE0NTI4NjgiLCJleHAiOjE3MTQ3MDIzODYsImlhdCI6MTY4MzA3OTk4Nn0.YNu0kha4-K-fvEspwnD3_SxWYFkeCq-WRGMQbJpeWXaylrW5FrttboK8NzK9P1KdA1Se0TKPvgZKXJZpk41nsg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 May 2023 02:13:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: c25459f52bee1818
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 332

OPTIONS
H2 200 evaluate_with_log
targeting.api.drift.com/targeting/ Frame 0
0 104ms
103ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Wed, 03 May 2023 02:13:07 GMT
requestid: drift4dd4a354b479779e9e582b4b791
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

POST
H2 200 render_initial_v3 Show response
flow.api.drift.com/flows/ Frame C0B0 3 KB
2 KB 136ms
134ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://flow.api.drift.com/flows/render_initial_v3

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

a300b1f5138fbe3a0e34413eb80ba60837bae4c5256f4b72725a0b79bf51a8a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxODEyNzIwMDM4MiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE0NTI4NjgiLCJleHAiOjE3MTQ3MDIzODYsImlhdCI6MTY4MzA3OTk4Nn0.YNu0kha4-K-fvEspwnD3_SxWYFkeCq-WRGMQbJpeWXaylrW5FrttboK8NzK9P1KdA1Se0TKPvgZKXJZpk41nsg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 May 2023 02:13:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: adedc254bf3cddf9
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 32
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 1980

OPTIONS
H2 200 render_initial_v3
flow.api.drift.com/flows/ Frame 0
0 105ms
105ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://flow.api.drift.com/flows/render_initial_v3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Wed, 03 May 2023 02:13:07 GMT
requestid: drift402a58149e683813c28aecb35fa
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 2

OPTIONS
H2 200 widget
targeting.api.drift.com/impressions/ Frame 0
0 102ms
102ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Wed, 03 May 2023 02:13:08 GMT
requestid: drift42b288c4a16a852740aa4582b6c
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

POST
H2 204 widget Show response
targeting.api.drift.com/impressions/ Frame C0B0 0
37 B 110ms
110ms XHR
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxODEyNzIwMDM4MiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE0NTI4NjgiLCJleHAiOjE3MTQ3MDIzODYsImlhdCI6MTY4MzA3OTk4Nn0.YNu0kha4-K-fvEspwnD3_SxWYFkeCq-WRGMQbJpeWXaylrW5FrttboK8NzK9P1KdA1Se0TKPvgZKXJZpk41nsg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 May 2023 02:13:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 9e9de8b527965272
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
x-envoy-upstream-service-time: 8
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
13ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&aip=1&a=2095862328&t=event&ni=1&_s=2&dl=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F&ul=en-us&de=UTF-8&dt=Malicious%20email%20campaigns%20abusing%20Telegram%20bots%20rise%20tremendously%20in%20Q1%202023%2C%20surpassing%20all%20of%202022%20by%20310%25&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Drift%20Widget&ea=Playbook%20Fired&el=Playbook%20ID%3A%202159654&_u=aDDAgUABAAAAAEAAI~&jid=&gjid=&cid=626954754.1683079985&tid=UA-114787942-1&_gid=2044981464.1683079985&gtm=45He3510n815RQ37KH&z=250308733

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 23:12:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 10809
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 58.377a2854.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C0B0 18 KB
7 KB 8ms
7ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/58.377a2854.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

130688f16399fc1980b2900037a220bc182f4b0c320621dc7d70ec721514765e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=e2c19a7e-2e5e-4674-a774-182dc3b73543&sessionStarted=1683079985.831&campaignRefreshToken=a900e136-6d5d-4597-892a-8017618a2e2d&hideController=false&pageLoadStartTime=1683079984116&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 04:47:47 GMT
x-amz-version-id: wE03_MzHXRFIBnvFGdKOLxKaN8SqczPT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3360321
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 43
last-modified: Fri, 24 Mar 2023 15:27:32 GMT
server: istio-envoy
etag: W/"33f417d96bdfff4c4e2ac5468c815f07"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BuSAAJd82A3mgkyLg-bQrLA6-llprnRM_kSmf4W2O6-3qNUfwivCFw==

GET
H2 200 58.377a2854.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3F1F 18 KB
7 KB 8ms
7ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/58.377a2854.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.288ca7cf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

130688f16399fc1980b2900037a220bc182f4b0c320621dc7d70ec721514765e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683079984116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 04:47:47 GMT
x-amz-version-id: wE03_MzHXRFIBnvFGdKOLxKaN8SqczPT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3360321
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 43
last-modified: Fri, 24 Mar 2023 15:27:32 GMT
server: istio-envoy
etag: W/"33f417d96bdfff4c4e2ac5468c815f07"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: d1dlfdeDPQtwmLkKZQQd9Gu87fhju6ObdM9pI-nVq_U30aaG82f0EQ==

GET
H2 200 https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F2106400%252F13690614ba4dc30e40747e74e1535a5adzn4mi89fik3%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w...
driftt.imgix.net/ Frame C0B0 23 KB
24 KB 26ms
9ms Image
image/png 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F2106400%252F13690614ba4dc30e40747e74e1535a5adzn4mi89fik3%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3D3d628948700c6adffa763ed302d1aec1?fit=max&fm=png&h=200&w=200&s=b89b9dce21f66015eedf860da053c36f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

4bfadbef6403a8d94ce18f4c015c320c8627a0ecaf0e2633ae3e7c601cd00f14

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:08 GMT
x-content-type-options: nosniff
age: 109170
x-cache: HIT, HIT
x-imgix-id: d04eb3767b21ab893dc52f931064ba93d0abf9dd
cross-origin-resource-policy: cross-origin
content-length: 23915
x-served-by: cache-sjc10076-SJC, cache-fra-eddf8230045-FRA
x-imgix-render-farm: 01.8784
last-modified: Mon, 01 May 2023 19:53:38 GMT
server: imgix
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
js.driftt.com/deploy/assets/static/fonts/ Frame C0B0 38 KB
39 KB 8ms
7ms Font
font/woff2 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/static/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 18:27:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4952716
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 66
content-length: 39372
last-modified: Fri, 03 Mar 2023 16:21:38 GMT
server: istio-envoy
etag: "40b6965b5cd26213faf61e5ab6765bb9"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/font-woff2,font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: q-qwFPtAhPkvD8bpsIgBAX6R_OwzYGRGi6SEj_DT2poQbLEbHBuk0w==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
js.driftt.com/deploy/assets/static/fonts/ Frame 3F1F 38 KB
39 KB 9ms
8ms Font
font/woff2 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/static/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 18:27:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4952716
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 66
content-length: 39372
last-modified: Fri, 03 Mar 2023 16:21:38 GMT
server: istio-envoy
etag: "40b6965b5cd26213faf61e5ab6765bb9"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/font-woff2,font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Xr41ObY8IV-OnHIBIwj4gDmmGxqW_EA0W6Y9wrjgtN-NO54oQtRwbw==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 201ms
200ms Image
image/gif 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:08 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 4.3b34b074.chunk.js Show response
js.driftt.com/conductor/assets/ 158 B
851 B 8ms
7ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/conductor/assets/4.3b34b074.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1683080100000/28krvx2uf9n3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

574aecd6793a65225977300bbb170085109bf62527488370869dd0678d52369e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 05:58:01 GMT
x-amz-version-id: eLPJNLDiK0h48cZin9hbXquS4tCIVHe1
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P5
age: 2405707
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 14
content-length: 158
last-modified: Tue, 04 Apr 2023 15:21:41 GMT
server: istio-envoy
etag: "04cb478629934587f65fb92a62238885"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HXI60RI8se34lw1IFQ8CWWG_nq-_Lvg9Y7-yVQ6il6M3z5nerXHXnQ==

GET
H2 206 notification.5f7c6014.mp3
js.driftt.com/conductor/assets/media/ 8 KB
8 KB 8ms
8ms Media
audio/mpeg 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/conductor/assets/media/notification.5f7c6014.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

bf06f41bb3a1429115fa2dcfbee9986234d6d319da3597648e4e980340d52027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cofense.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 03 Sep 2022 07:38:10 GMT
x-amz-version-id: Ub51puyo1Locv75rMJeYD6NAYp0fo__l
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P5
age: 20889298
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 0-7754/7755
Content-Length: 7755
last-modified: Thu, 01 Sep 2022 13:18:52 GMT
server: nginx
etag: "5f7c6014cf73831f91963a668b71fbb9"
access-control-allow-methods: GET, POST, OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SwojoJVIzzEZlW8FHOXa_ZCXAiGx-bSMdXUk8uneqquSjVRaK0TNOA==

GET
H/1.1 200
OK 976848be5d3705f67929c776e7c981f073674577458bffa4c5df2500b43cc5d1.png
qualified-production.s3.us-east-1.amazonaws.com/uploads/ Frame E26C 7 KB
7 KB 325ms
120ms Image
image/png 3.5.17.107
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qualified-production.s3.us-east-1.amazonaws.com/uploads/976848be5d3705f67929c776e7c981f073674577458bffa4c5df2500b43cc5d1.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.17.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3.us-east-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 35f2fd2da69d4fb87275d7ce76117c573c18ab9c6dbbd08429712af6346c26a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 03 May 2023 02:13:09 GMT
Last-Modified: Thu, 20 Apr 2023 21:32:06 GMT
Server: AmazonS3
x-amz-request-id: 2W3HST9PC4GWFQS8
ETag: "28067073f437880b9148c0ab27de6900"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Cache-Control: Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 6908
x-amz-id-2: oOHrtInOdMcvoji90E+rkXWBzGkCwKsknvkLslJEuSyQ+4IzRsHVDP+GKMOnE5aZi4CwBWtUlHUoDIoS/hswiQ==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 202ms
201ms Image
image/gif 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:09 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event3/ Frame C0B0 25 B
112 B 119ms
119ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event3/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 03 May 2023 02:13:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 8a4e95e18042f3ed
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 17
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
291 B 95ms
95ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.6/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://cofense.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://cofense.com
Date: Wed, 03 May 2023 02:13:10 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 205ms
200ms Image
image/gif 23.36.162.208
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.208 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-208.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:13:10 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 19ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3G76T4W3LR&gtm=45je3510&_p=2095862328&cid=626954754.1683079985&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1683079985&sct=1&seg=0&dl=https%3A%2F%2Fcofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F&dt=Malicious%20email%20campaigns%20abusing%20Telegram%20bots%20rise%20tremendously%20in%20Q1%202023%2C%20surpassing%20all%20of%202022%20by%20310%25&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3G76T4W3LR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cofense.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:13:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/wp-content/uploads/2022/05/Inter-Medium.ttf

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cofense.com/	1969-12-31 23:59:59	Name: wp-wpml_current_language Value: en
.cofense.com/	1970-01-20 13:40:55	Name: _gcl_au Value: 1.1.1616142577.1683079985
.cofense.com/	1970-01-20 21:07:19	Name: attr_first Value: %7B%22source%22%3A%22(direct)%22%2C%22medium%22%3A%22(none)%22%2C%22campaign%22%3A%22(not%20set)%22%2C%22term%22%3A%22(not%20provided)%22%2C%22content%22%3A%22(not%20set)%22%2C%22lp%22%3A%22cofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F%22%2C%22date%22%3A%222023-05-3%22%2C%22timestamp%22%3A1683079985094%7D
.cofense.com/	1970-01-20 11:31:21	Name: attr_last Value: %7B%22source%22%3A%22(direct)%22%2C%22medium%22%3A%22(none)%22%2C%22campaign%22%3A%22(not%20set)%22%2C%22term%22%3A%22(not%20provided)%22%2C%22content%22%3A%22(not%20set)%22%2C%22lp%22%3A%22cofense.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F%22%2C%22date%22%3A%222023-05-3%22%2C%22timestamp%22%3A1683079985094%7D
.techtarget.com/	1970-01-20 11:31:21	Name: __cf_bm Value: VVccH49pyy1_4Xuu9emOSrcR79DGNgEzvNnM97dzjtg-1683079985-0-AflIvj3WtKuFZlSIL9iDtGVU6gbHRFSBRHmGIZPg1ZSwAcUknnp8r3LW2GV1uYobUONm1HP42xQz6FBtKjvUf/c=
www.clarity.ms/	1970-01-20 20:16:55	Name: CLID Value: 18160e3877634624ab549be72b2541fa.20230503.20240502
.ws.zoominfo.com/	1970-01-20 20:16:55	Name: visitorId Value: f6f85d63d5f3a5ebdd348b52c01fe68b8a4695a7a98cd9ce035f8088f5599924
.zoominfo.com/	1970-01-20 11:31:21	Name: __cf_bm Value: 0b.8gb0a.gbHHOdhHI8hYWiJ4hW7ND3hg35V2hEHpeg-1683079985-0-ATntGwdd5CSubvntQDo7wQivlDwNTSpj/+CnJp0dOUK7ZTdB4VygM3DP8QDAyh9uLosxolVbgwCfoOi9CpYevUw=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: toYyEbpQxDvII3lYMx.KImD4crC0KPoh7s97O.HK0kE-1683079985273-0-604800000
.cofense.com/	1970-01-20 21:07:19	Name: __q_state_H3wWDXLUxD4irieG Value: eyJ1dWlkIjoiZTFlNzI0NmEtMzc4My00NzVjLTgzM2UtNDJmMzcwYjE3ZDQ2IiwiY29va2llRG9tYWluIjoiY29mZW5zZS5jb20ifQ==
cofense.com/	1970-01-20 11:41:24	Name: _an_uid Value: 0
cofense.com/	1970-01-20 21:07:19	Name: _gd_visitor Value: 6f752a9c-c12e-4bb1-8cac-17b085cfc4e1
cofense.com/	1970-01-20 11:31:34	Name: _gd_session Value: 2527a92d-724b-43f1-8d82-91026344ed04
cofense.com/	1970-01-20 11:32:46	Name: ln_or Value: eyIzMDA3MjEiOiJkIn0%3D
.cofense.com/	1970-01-20 21:07:19	Name: _ga Value: GA1.2.626954754.1683079985
.cofense.com/	1970-01-20 11:32:46	Name: _gid Value: GA1.2.2044981464.1683079985
.cofense.com/	1970-01-20 11:31:20	Name: _dc_gtm_UA-114787942-1 Value: 1
.cofense.com/	1970-01-20 21:07:19	Name: _mkto_trk Value: id:404-JHU-612&token:_mch-cofense.com-1683079985377-81626
.cofense.com/	1970-01-20 20:16:55	Name: _clck Value: 1oxngoq\|1\|fba\|0
.linkedin.com/	1970-01-20 12:14:31	Name: UserMatchHistory Value: AQK9zYDS_KQ-OwAAAYffYnioZlDefL3Mln-VaxGNcNUko_mA88hTEmz5r3c3jfeOM1gBuZlBj5qppQ
.linkedin.com/	1970-01-20 12:14:31	Name: AnalyticsSyncHistory Value: AQIN2u4o1MxVGwAAAYffYniowH7WRH0CcZnTvDV6Kk__cUMNXrXAmq0uO9F0bz0AuJtqYjriLoOIkCAY9HHq5A
.linkedin.com/	1970-01-20 20:16:55	Name: bcookie Value: "v=2&fbb84544-9138-46c4-85c2-acd0487a5d35"
.linkedin.com/	1970-01-20 11:32:46	Name: lidc Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2641:u=1:x=1:i=1683079985:t=1683166385:v=2:sig=AQHRqfcwFiDT4hssdKGKQInG4oj0mFN-"
.6sc.co/	1970-01-20 21:07:19	Name: 6suuid Value: d0d5ce17032e0b0031c351640a0200004aa30f00
.www.linkedin.com/	1970-01-20 20:16:55	Name: bscookie Value: "v=1&20230503021305a4735e78-c4e1-4047-81d8-f530e1d55d8eAQHE7hDmj-afETrP3vDRrQPXvKQ6cFE_"
.linkedin.com/	1970-01-20 15:50:31	Name: li_gc Value: MTswOzE2ODMwNzk5ODU7MjswMjFrqe476KPiQSD2Utne7F5uq4vsFQPcN8cqobwGy1C9jA==
cofense.com/	1970-01-20 11:31:21	Name: drift_campaign_refresh Value: a900e136-6d5d-4597-892a-8017618a2e2d
.cofense.com/	1970-01-20 21:07:19	Name: _ga_3G76T4W3LR Value: GS1.1.1683079985.1.0.1683079985.60.0.0
.cofense.com/	1970-01-20 11:32:46	Name: _clsk Value: u6kmvh\|1683079985978\|1\|1\|q.clarity.ms/collect
cofense.com/	1970-01-20 21:07:19	Name: drift_aid Value: ef85bfe4-af6d-46c1-93bd-8e6ba22d5fae
cofense.com/	1970-01-20 21:07:19	Name: driftt_aid Value: ef85bfe4-af6d-46c1-93bd-8e6ba22d5fae
.bing.com/	1970-01-20 20:52:55	Name: MUID Value: 044D4C65E22961AB0EB85F63E3426035
.c.bing.com/	1970-01-20 11:41:24	Name: MR Value: 0
.c.bing.com/	1970-01-20 20:52:55	Name: SRM_B Value: 044D4C65E22961AB0EB85F63E3426035
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 20:52:55	Name: MUID Value: 044D4C65E22961AB0EB85F63E3426035
.c.clarity.ms/	1970-01-20 11:41:24	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 11:31:20	Name: ANONCHK Value: 0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://lltrck.com/scripts/lt-v3.js?llid=19612 Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://cofense.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/ Message: Access to font at 'https://cofense2022stg.wpengine.com/wp-content/uploads/2022/05/Inter-Medium.ttf' from origin 'https://cofense.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cofense2022stg.wpengine.com/wp-content/uploads/2022/05/Inter-Medium.ttf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

404-jhu-612.mktoresp.com
app.qualified.com
assets.qualified.com
b.6sc.co
bootstrap.api.drift.com
c.6sc.co
c.bing.com
c.clarity.ms
cdn.linkedin.oribi.io
cofense.com
cofense2022stg.wpengine.com
driftt.imgix.net
epsilon.6sense.com
event.api.drift.com
flow.api.drift.com
fonts.googleapis.com
fonts.gstatic.com
ibc-flow.techtarget.com
ipv6.6sc.co
j.6sc.co
js.driftt.com
js.qualified.com
lltrck.com
metrics.api.drift.com
munchkin.marketo.net
okt.to
p.typekit.net
px.ads.linkedin.com
px4.ads.linkedin.com
q.clarity.ms
qualified-production.s3.us-east-1.amazonaws.com
region1.analytics.google.com
secure.adnxs.com
sentry.io
snap.licdn.com
static.oktopost.com
stats.g.doubleclick.net
targeting.api.drift.com
trk.techtarget.com
ws.zoominfo.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
cofense2022stg.wpengine.com
104.102.38.132
13.107.42.14
141.193.213.21
18.165.183.96
18.66.112.39
185.89.210.141
192.28.144.124
20.231.53.73
2001:4860:4802:34::36
23.36.162.208
2600:9000:2127:c400:2:53b2:240:93a1
2606:4700::6810:650c
2606:4700::6812:1005
2606:4700::6812:1105
2606:4700::6812:c9f
2620:1ec:21::14
2620:1ec:4e:1::44
2620:1ec:c11::200
2a00:1450:4001:80b::2008
2a00:1450:4001:811::2004
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2003
2a00:1450:400c:c07::9b
2a02:26f0:3500:16::215:1494
2a02:26f0:480:f::213:7edd
2a02:26f0:6c00::210:bb58
2a04:4e42:8d::720
3.222.81.88
3.5.17.107
34.111.208.231
34.200.97.200
35.156.45.170
35.188.42.15
50.16.7.188
52.73.0.225
68.219.88.97
00d1bb6e3732ba80fd2540ac50cd0a39f341f4f7434696a5dd639a750aadf6cb
01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
047d14c117d25e9e0a1a2ba3f4aa23a602d417fc7402294e484d20b19140ecf1
09016600a13dd4825b72516765a8da53d1ab896f7582c4619d014e8ee147ea84
09db71dcf500dadf710b4fde01c4af2839d9055c18de62b3de0b7ba590e880ef
0a878495e0cd07bbe654d5ca09dd53707b0349b326c229393df27696e92e255c
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
0c07bf805e857013386ec7ea2d26911aed5c827ee90e71a94188553c6d8ef337
0cbf6e774cef56a187b12fea61250b10a013df245ca8ed9c47bf3f18f8a7696b
0ec717c896d0ca54e4536263e84f11f43a944ba2e04d2f5f1264f0acdc7beada
10918b5df4cea65b050c491014c053e3c3e8c1dfe6cb2b956900f7b7c9bbb364
120def079fc4e239098c571e178a9a1b73746f05c6f65a97cd7291b8c13aa401
12ce92cc3c4eb9d74f48e9a10eb919bdf30bbdc5ccf9843c6543fec302dec54f
130688f16399fc1980b2900037a220bc182f4b0c320621dc7d70ec721514765e
131196ee656b5b8a789a1d317d426fa1061e385dcfe7430645319a9e19adbe86
138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47
13ba7d85cedf2d5b14f9091119f9067689bdc33edde1d37a654787d416fbca34
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5
178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795
19b9088866f569df384674d08e7f4614b91d86d5849cb45e63257e6cb873102b
1a7d5d0c9c86dc2db1249eee49e178e16885d04b41f20cab6e5ad4e5a51f89af
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
1d062040841c8459896c9946963775e6983183f4b5a8f01e40ad5da0c0328022
1f56f0ed36dbceeab28d690ceac3f516df1304cff71c4c07ff0b65337095bad8
1fa18b1ec5d3e9b4c089118323819e51e6674e4756fbcd1de4e86ef58a3dba31
20280595985bfe8723e6a8b824a408c97fcd7fdad4aa43c6f5698e362e3c0ecf
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
22a79f1fbcc70373c7021bae2164d9232d1e9dd3c6a163df9f9f54070e5f6b50
2544474f9ccba4ce5f26230fea52abf96e3129f3a897daa9fd22a4d356658ad3
2693e158a319fe2c6576e7fdd76ad78ca5e0235cce4418503e5fee2e7426b2d0
277725f80d5c0175c2a996fe1eea07395b87ec1bd0496353409e99e96024816e
28816769ece0ee343025ff388216c645e175c92cce4db6bd812a321b1ad345c6
2c90a7fc6246ec21f98e1a36d6293792e10d9ecbdffdf1a21cbe5336fe6e093c
2cc15bc3d3dda4e699624aae9727570dd1cb7cfa4535a074a453e1437e279d21
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f8e9a0e558982ea8f5fb4b83f91e873ef02ea5a0396223560c20f17cfdf08c3
2ff2b9a5434137bda235f2847f5939dcd06977e5437ae82bfa197e00faabc6a9
3169ab3142fbf3ecf7eee1b5682a4556ed8a3d4ba940befa71c31b5a43991d92
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
34bbd1c367ffc7d80fcff86c7e5f8777e70f4911bb324e8ecfc7dd3604a96e68
353eaf9cd4255f3251309ba9cc5d058be8d9590b503758a8e3ecd20ab4bcf385
35f2fd2da69d4fb87275d7ce76117c573c18ab9c6dbbd08429712af6346c26a3
37e6e6b13b727902c4cb3ed700ed5c0ae4d1f07f96b5ed3ab0933883064fb1e7
3c1a5c4b5574a4104a92b2e700e6f0fc5b001c4297ebc5a1e76d67b1fbeb1c2d
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44c68a4716777a09c291d971f91468c7e72dd2beadecd931aaea641758f4d726
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
4b6282f417900055c604419822eb0ff788d325f23c9eca94146e3086177e8f0a
4b9257e3e9c959214ddfab833a69a021ae6557403efe76afcbee259621175274
4bfadbef6403a8d94ce18f4c015c320c8627a0ecaf0e2633ae3e7c601cd00f14
4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d
4f42fa1fe21c3cdf7ccfa09bfb44d1325bd3713e1ddb82e661e2c28002eef957
4f56d3a7bc4839a36d6f4abfe24bb127765368944424da8eae06c8d4c341852f
51445b2ccc8f515394b4750bd52fbc74089c3e894ec552a64fbc85c71a766f49
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020
560abbd7d0555a1eaf630c3487f47ffdc097772b00227e5bfcb85aafcdcb3491
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
566d4c5dfefc9c4d867e6bef080917a4273b4228731a8700e81f1763eae3d861
574aecd6793a65225977300bbb170085109bf62527488370869dd0678d52369e
57bd8aad7f73b73ff23c5fd9c5e7a911548b5184f9a416041e72a1a0e6d3dbf9
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5bca3153792e728edf2e4d182e5140b8877cb477241f1e17dad040ac3ef3672f
5c4f776577857d2790c51ab6e2be1209fb41e02cb77244a2d45e697c89c6a869
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
6023ba46fa2874c30c430e20e4be7ee1696ef0d3952987153236c061e855e8af
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6eafef48033bf87526b129f8f292a7ea8b943988241b3abefe94d3a95668ac8a
6ec35ab99388f6afab345622a22772619b83b7d63705d98df3c404da782fcabb
6fe59d88646876bb8dfb4a1a021b2dc2662b36bf175625eb3ecb89a3ae956937
71966cb221a057ee9313fb232e40c7a0a70d2e472909c3947f4878c8e195ad53
727a730eda79071d5f02ba91d752c3feed10e0cd63a9c042f298390c24f85236
7363e2164b270d71438825ae76c78cf3b1c47e51777aa7db4551c8d896e7daba
73b2fdcf25aa909c7b0f072cf791066350ab834ca1d0d01ef096bb5583318213
752ce5e5fae8efec288935f5df2e4c254db3bfec4c079c667f81b9b083c59668
7616b033adbe366f235d70696b659f554051c0e578508896aab0ff5b169491db
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7c4cddc44e59d49ccbfdaf1b57cca9884b74ee1710671c7d9fa974e3fae6f507
7cb58278c8f54a62c0afa6da0c67b3a45aad637a0bf614e9c0dd42b73cee266b
814d45cce5caa5b45bc44934f24e210c64cb36ba1438a14d40ad7d23784e78e7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
8667a50fdab17dd946e43e37c6fd1623583b9440bdca887e44cc726e48feedaf
86f9e3057da154cc86ff4556447d78f991a29eaab9a088508c5266343f6aad4d
875b376bb5b649f12579434228d401f77424d925aa4f8f753b2f858794150918
8989f87b90cacdbca5875bdfbed7dd3c3f2acee982b9353c04d86e8c123906c0
8cbc49b1385bf29debe95333f04795a6e3a2cf218d88b415b29872d06491fd1c
8ee0654259fda0bbfeab4305b895e740659613080d90352bd36c1452fd426ef6
9165c88416ea35b8ddb5575606ccceed0eb12b8f898b171dbbcb305cb56b77d3
95245f488fc923a05392ac8ca5985ac00d44b0603ba7b987d103475181268d88
958a03c833d9116f7ab9a5ee503f7b0360b9291b268bfb77128a8f0e19238613
95af163892829a3ef249441b70b2c8281b845edea4b24680d3326486861d6082
97835f51936631312648ce4198cd92c85beae9e09e3cdaff439c57ffccc5c5d5
987b2e5ba1d940ccf76e74235a3339ce993b29a81c7a67599157c3a5640be710
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9d88866c6295ffc0cadaa1ccb951367e196737a413482176d5787b70aae04ef0
a300b1f5138fbe3a0e34413eb80ba60837bae4c5256f4b72725a0b79bf51a8a6
a396845a4a008a48121c0338c5222b513542607ee1336a1067849335fc55bc35
a3986521f7e895cf3175098026f4471920366f5b3d3d1d0299a3c710a779e2ae
ac92aaff24689c5564bc27efe3907bee71c2d40952fc1f906f942c8c74e609cf
ae3f6024712196dff7272f57c522e4048826b484f7336a97cc3e7f6f00d2d443
aebf3a5076b724c0097b17849789e5b72ab7a54d91fae262585b0266c2670b23
b3c983227e71c4f8da7d9af830cde723a94fd1a3a712e666c1f389dfac405bb9
b7c5d1d3e03d31b9b450c0aac2972f3aef995be2a69ec5ecfa6200c4a321ef40
b8166c5475df6a64ab2456e95f64564164ed697d258e8bfed8cebca40efd6fa5
b8449a28a151415d580be1dfd69056906199f1dd6ceb2c1b5edf61950ada9d13
b89b6165327872066d09bf529b6f131b238a193e71a8ab9108b2ea40ae92d3f8
b91783d1ed81625b2a4200c4992518f23f74ff73f0f7fdc60b4bc8fe6b93abae
b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe
bacd426460574c0fc84822fd3846441f1040b4374c8350d67271049bd29fc6d7
bb5b6c52c072488848fbe51554382a6bc0be26a315e7558aa5ad61df4433b2dc
bc963ec675a47c9549e8fa57d49a196bfa1faea63135a4cee881f68ccde88037
bf06f41bb3a1429115fa2dcfbee9986234d6d319da3597648e4e980340d52027
c05a1108c176130e9dff2f6a5ebdb60be1c3e17b5a8f83de35b29f44fb109434
c25c69a7a6a306d5868a2575e620ce102688db2fc8a1c7e156a483819c3442df
c2b7a45d31339f18ed57fd095feca4da1b3fbab75a5afbc053957f6e8e1613a2
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c3dfc3f03106f85ab56ceaadf44433f35cca4209d64922d50a1c650c90aa60ad
c6b2815294e64eb3d9e30955673ae3b60a486ae5b7dfcc7e48c0e2a4fe7301de
c7e9892e66464b9c939f81878a76b28761697e4a9b9252ce7c43fedcb95c94e6
c8c302716cf94980a0d77e614d9fb6c430f166b5ef7c42b7c382771955e52ba6
c96b2cd5b57e02ce65ab0a787a6c8ea69efbf424064e15500691847cd879e8ca
ca4b8bc30efe3bc477a4699a51c7ca0ba2cf24f24f02d3b861453a1aac7d0fb6
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cdaa4c91b5bc3dd4ce8e1345b453844dd414602022a182ce2853d87bd4b9a9d3
cdeb836f7f77cd2174fa0bb4aa3825963aa64faf657a24f988b82f1c4d28ce69
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
d08fa1906998435f62fea09b51c792ed9b1d93a9636efe4fa8981599c7de9419
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42
d3ec56e30464585e5c2b664b8dd77525dd3bc5b3079be7d6dede18cd3f90da33
d3ed94b69049a6046b0472b87a4d1be0a1c9482c9edc3793bf72714c82c7ce0c
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6
d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f
d641c13a78017e11f15b152b78082bcd0cf474766f13ba649bfa6378d956c492
dc7e118b7e07217031d017282955569cb66891f527050135caadb2dd5779824f
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
ded5803ec6bbdbe8a72c83670fdcd7ac7b927c7aa3abcecba3437398a710f5b4
e1900199e55042170a326de0d99bea54f8988fd6a6fa3b6fc50fa7ba03b3224d
e2a0c716824375ab3b6ba3d71119d6ea8658ec6d3afbe6efa8e49b07cc1e858b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e4cb709013e7082e102d1018d3885c0932dfe3b93bcada40c8e646db2a29e5ee
e517a35c5f569958a934efcb143bdbb42f9f3b8cdd11442aed95bf45716007f2
e5cc98a7681a840c7940cf675360a0def2ffacf2ea52b046ce5354a9ee873dd8
e63cf738c3a577e286765aaa9de59ed4300f6bf8b5d34773d131afd3da456b9c
e7210a94d730f5eda5cfb3660b82ce7480f8ffae00e3b133a579df6a5f87e4a5
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e849270262c5dcd47384033f3124d1348a1cd243339f5ba806199e58f5b18d5a
e8a46cd56aa98433412fb840a57631c907906215d146cd8d0ea3ce417662b301
e8e658c81a7ff92a6e0f9049ee3a8fc42082e8303abb6ed44c73361259cbdbae
eaf3fbeb37e264707dd55409d3e8729dbbf6fdc39536e3961c59ec0a4ebad5f0
eb3487cae40a55bf31dc6e6191ab0d88ec8c8f85c62bf28ad25ad0a40c16a611
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ec547a2f9fde5ce8e398da2810828ba3c30c641ce2761f5bf915225efb35f919
edb409aebe8f4b88021a0c7c6b60abc2cfa4463f794b2429708cf3294681d0fe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef95e055a869e0da0233ad796b7090126244c80e15cf0a4b8d29f7a44d70065a
f15d8a886aee04cacc028d53199d4313ea0a1a159e36577e478357620b327011
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f3342c52eee43a2ea931cae2ee2d6d9a2939432ffcb03bb4f2983ac7e49b26cc
f3e04a15bb017b906d4834cb5da6e3ea409b5da37a0cd9cec4b62a496f8560a1
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f46108976666130f89c43a82ee045f7a3afb264494060ef6b3d9eb6589e49d16
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f980a1f721b3ab441d00032ffd031a7b017de2677262608a1db5b15b4c40d0a4
fb93bfea259cfe6d3866424ade56cc5f7bf4a20a7401afd0e92a8b4f7a1dc176
fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
fef5e81d55d2e0ac7bae2e1ed3fc8299691b8d5006aca269c8fcf308bd9a2865
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
fffcc021124d70080ddd0c52562645c46e03ff39c924ced85c1bfd62cb8b8767

cofense.com Open in urlscan Pro 141.193.213.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

236 Requests

97 %HTTPS

53 %IPv6

31 Domains

46 Subdomains

37 IPs

4 Countries

2984 kBTransfer

8317 kBSize

38 Cookies

7 Outgoing links

Redirected requests

236 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cofense.com Open in urlscan Pro
141.193.213.21 Public Scan

Screenshot
Live screenshot

Full Image

236
Requests

97 %
HTTPS

53 %
IPv6

31
Domains

46
Subdomains

37
IPs

4
Countries

2984 kB
Transfer

8317 kB
Size

38
Cookies

236 HTTP transactions
3 data transactions