bolster.ai Open in urlscan Pro
2606:4700:10::6816:43db Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bolster.ai/blog/usps-phishing-campaign
Submission: On December 06 via api (December 6th 2023, 2:15:08 am UTC) from TR — Scanned from DE

Summary HTTP 123 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 45 IPs in 5 countries across 38 domains to perform 123 HTTP transactions. The main IP is 2606:4700:10::6816:43db, located in United States and belongs to CLOUDFLARENET, US. The main domain is bolster.ai.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on March 21st 2023. Valid for: a year.

This is the only time bolster.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
44	2606:4700:10:... 2606:4700:10::6816:43db	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.71.189 172.67.71.189	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	152.195.15.58 152.195.15.58	15133 (EDGECAST) (EDGECAST)
3	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::729	54113 (FASTLY) (FASTLY)
1	65.9.95.97 65.9.95.97	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:bb59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:880f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
6	2606:4700:440... 2606:4700:4400::ac40:994b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
2	104.64.124.188 104.64.124.188	16625 (AKAMAI-AS) (AKAMAI-AS)
1	65.9.95.80 65.9.95.80	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:780... 2a02:26f0:780::210:a40a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	162.159.152.17 162.159.152.17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:1ec:46::62 2620:1ec:46::62	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.3.120.216 52.3.120.216	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6812:7b0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:5b9a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4dba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:440... 2606:4700:4400::6812:22e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
2	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
9	2.17.147.176 2.17.147.176	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.32.27.65 13.32.27.65	16509 (AMAZON-02) (AMAZON-02)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	18.66.97.20 18.66.97.20	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:480... 2a02:26f0:480:23::1726:629c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1f18:612... 2600:1f18:612b:4232:e6bb:aabb:4218:240a	14618 (AMAZON-AES) (AMAZON-AES)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
123	45

44 2606:4700:10::6816:43db (United States)

ASN13335 (CLOUDFLARENET, US)

bolster.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.71.189 (United States)

ASN13335 (CLOUDFLARENET, US)

app.secureprivacy.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 152.195.15.58 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-97.prg50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:bb59 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:880f (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:4400::ac40:994b (United States)

ASN13335 (CLOUDFLARENET, US)

client.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.64.124.188 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-124-188.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-80.prg50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:780::210:a40a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.152.17 (None, )

ASN13335 (CLOUDFLARENET, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::62 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.3.120.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-120-216.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7b0c (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:5b9a (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4dba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

540-rfh-299.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.17.147.176 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-147-176.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-65.fra56.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-20.fra56.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:23::1726:629c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:e6bb:aabb:4218:240a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	bolster.ai bolster.ai	2 MB
10	6sc.co j.6sc.co — Cisco Umbrella Rank: 5657 c.6sc.co — Cisco Umbrella Rank: 8715 ipv6.6sc.co — Cisco Umbrella Rank: 5852 b.6sc.co — Cisco Umbrella Rank: 3994	21 KB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 327 www.linkedin.com — Cisco Umbrella Rank: 629 px4.ads.linkedin.com — Cisco Umbrella Rank: 6419	5 KB
6	crisp.chat client.crisp.chat — Cisco Umbrella Rank: 16959	157 KB
5	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 6947	51 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 329	14 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	56 KB
3	fontawesome.com pro.fontawesome.com — Cisco Umbrella Rank: 5123	223 KB
2	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2246 forms.hubspot.com — Cisco Umbrella Rank: 4894	3 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	1 KB
2	company-target.com s.company-target.com — Cisco Umbrella Rank: 1383 api.company-target.com — Cisco Umbrella Rank: 3792	1 KB
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 713	610 B
2	t.co t.co — Cisco Umbrella Rank: 589	579 B
2	google.de www.google.de — Cisco Umbrella Rank: 6765	562 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	696 B
2	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2129	19 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4726 forms.hscollectedforms.net — Cisco Umbrella Rank: 4810	26 KB
2	quora.com a.quora.com — Cisco Umbrella Rank: 4913 q.quora.com — Cisco Umbrella Rank: 3720	15 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 763	13 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75	2 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3659	7 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	194 KB
2	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2326	2 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 700 script.hotjar.com — Cisco Umbrella Rank: 933	59 KB
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 339	239 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1153	392 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 711	98 B
1	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 4557	21 KB
1	bizibly.com cdn.bizibly.com — Cisco Umbrella Rank: 13567	202 B
1	mktoresp.com 540-rfh-299.mktoresp.com	318 B
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2128	21 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4727	88 KB
1	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 796	162 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 678	15 KB
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4490	2 KB
1	zencdn.net vjs.zencdn.net — Cisco Umbrella Rank: 5507	11 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 857	2 KB
1	secureprivacy.ai app.secureprivacy.ai — Cisco Umbrella Rank: 62095	7 KB
123	38

	Domain	Requested by
44	bolster.ai	bolster.ai cdn.bizible.com
7	b.6sc.co	bolster.ai
6	client.crisp.chat	bolster.ai client.crisp.chat
5	cdn.bizible.com	bolster.ai cdn.bizible.com
4	px.ads.linkedin.com	3 redirects cdn.bizible.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com bolster.ai
3	cdnjs.cloudflare.com	bolster.ai
3	pro.fontawesome.com	bolster.ai pro.fontawesome.com
2	dsum-sec.casalemedia.com	1 redirects s.company-target.com
2	analytics.twitter.com	bolster.ai
2	t.co	bolster.ai
2	www.google.de	bolster.ai
2	js.hs-banner.com	js.hs-scripts.com js.hs-banner.com
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	munchkin.marketo.net	bolster.ai munchkin.marketo.net
2	www.googletagmanager.com	bolster.ai www.googletagmanager.com
2	js.hs-scripts.com	bolster.ai
1	forms.hubspot.com	cdn.bizible.com
1	track.hubspot.com
1	pixel.rubiconproject.com	s.company-target.com
1	partners.tremorhub.com	s.company-target.com
1	ipv6.6sc.co	cdn.bizible.com
1	c.6sc.co	cdn.bizible.com
1	api.company-target.com	cdn.bizible.com
1	id.rlcdn.com	bolster.ai
1	s.company-target.com	tag.demandbase.com
1	tag.demandbase.com	bolster.ai
1	j.6sc.co	bolster.ai
1	cdn.bizibly.com	bolster.ai
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	540-rfh-299.mktoresp.com	munchkin.marketo.net
1	www.google.com	bolster.ai
1	px4.ads.linkedin.com	bolster.ai
1	www.linkedin.com	1 redirects
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	q.quora.com	bolster.ai
1	www.clarity.ms	bolster.ai
1	a.quora.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	static.ads-twitter.com	bolster.ai
1	ws.zoominfo.com	bolster.ai
1	static.hotjar.com	bolster.ai
1	vjs.zencdn.net	bolster.ai
1	unpkg.com	bolster.ai
1	app.secureprivacy.ai	bolster.ai
123	50

This site contains links to these domains. Also see Links.

Domain
boost.bolster.ai
platform.bolster.ai
home.bolster.ai
www.brighttalk.com
usps.com
checkphish.ai
www.alviy.com
www.clever-cloud.com
clever-cloud.com
now-dns.com
www.facebook.com
twitter.com
pinterest.com
www.linkedin.com
reddit.com
www.tumblr.com
vk.com
getpocket.com
t.me

Subject Issuer	Validity	Valid
*.bolster.ai AlphaSSL CA - SHA256 - G4	`2023-03-21` - `2024-04-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-06` - `2024-05-04`	a year	crt.sh
io.bizible.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-01` - `2024-07-01`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-06-03` - `2024-07-04`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
crisp.chat Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
quora.com R3	`2023-11-26` - `2024-02-24`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
*.quora.com R3	`2023-11-05` - `2024-02-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
6sc.co R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-08-23` - `2024-09-23`	a year	crt.sh
*.company-target.com R3	`2023-10-20` - `2024-01-18`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-09-27` - `2024-09-26`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://bolster.ai/blog/usps-phishing-campaign
Frame ID: 9075C7C14323C896799B9F2C2FCEFB03
Requests: 119 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: 7DC59A5705847B4433EF7D77139D8B61
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vast Parcel Delivery Phishing Campaign Discovered | Bolster

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

123
Requests

97 %
HTTPS

57 %
IPv6

38
Domains

50
Subdomains

45
IPs

5
Countries

2784 kB
Transfer

6667 kB
Size

49
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://boost.bolster.ai/contact-us.html
Title: Contact

Search URL Search Domain Scan URL

URL: https://boost.bolster.ai/support.html
Title: Support

Search URL Search Domain Scan URL

URL: https://platform.bolster.ai/sign-in
Title: Log In

Search URL Search Domain Scan URL

URL: https://home.bolster.ai/demo
Title: Request Demo

Search URL Search Domain Scan URL

URL: https://www.brighttalk.com/webcast/20066/601082?utm_source=Bolster&utm_medium=blogpost&utm_campaign=601082
Title: Register for our live webinar covering 2023 holiday scams

Search URL Search Domain Scan URL

URL: http://usps.com/
Title: USPS.com

Search URL Search Domain Scan URL

URL: https://checkphish.ai/?__hstc=216000520.6032d6316ce5bb35ada25b5d9b6b611a.1701828904203.1701828904203.1701828904203.1&__hssc=216000520.1.1701828904203&__hsfp=881765916
Title: CheckPhish

Search URL Search Domain Scan URL

URL: https://www.alviy.com/
Title: alviy.com

Search URL Search Domain Scan URL

URL: https://www.clever-cloud.com/
Title: clever-cloud.com

Search URL Search Domain Scan URL

URL: http://clever-cloud.com/
Title: forumz.info

Search URL Search Domain Scan URL

URL: http://now-dns.com/
Title: now-dns.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://bolster.ai/blog/usps-phishing-campaign

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://bolster.ai/blog/usps-phishing-campaign

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://bolster.ai/blog/usps-phishing-campaign

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://bolster.ai/blog/usps-phishing-campaign

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=https://bolster.ai/blog/usps-phishing-campaign

Search URL Search Domain Scan URL

URL: https://www.tumblr.com/widgets/share/tool?canonicalUrl=https://bolster.ai/blog/usps-phishing-campaign

Search URL Search Domain Scan URL

URL: http://vk.com/share.php?url=https://bolster.ai/blog/usps-phishing-campaign

Search URL Search Domain Scan URL

URL: https://getpocket.com/edit?url=https://bolster.ai/blog/usps-phishing-campaign

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=https://bolster.ai/blog/usps-phishing-campaign

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bolster-ai/

Search URL Search Domain Scan URL

URL: https://twitter.com/bolsterai

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2180364&time=1701828902976&url=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2180364&time=1701828902976&url=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2180364%26time%3D1701828902976%26url%3Dhttps%253A%252F%252Fbolster.ai%252Fblog%252Fusps-phishing-campaign%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2180364&time=1701828902976&url=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2180364&time=1701828902976&url=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&cookiesTest=true&liSync=true&e_ipv6=AQIxOX1X8Y2s9wAAAYw86EHnxwY8av7tNE7yhAtoMZoLuvCdSScjcH1CjB69JWxnHgtofsx6VBI5

Request Chain 109

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1717640103&external_user_id=6f831f9a-0e1c-42af-9592-ec9aafcc615c HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1717640103&external_user_id=6f831f9a-0e1c-42af-9592-ec9aafcc615c&C=1

123 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request usps-phishing-campaign Show response
bolster.ai/blog/ 99 KB
24 KB 882ms
623ms Document
text/html 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

868b03314a758384d3a1969a05cfea274fc34966df1f88f020e6b5623c3a368e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 831104c81cab371f-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 06 Dec 2023 02:15:01 GMT
link: <https://bolster.ai/wp-json/>; rel="https://api.w.org/" <https://bolster.ai/wp-json/wp/v2/posts/5220>; rel="alternate"; type="application/json" <https://bolster.ai/?p=5220>; rel=shortlink
server: cloudflare
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 6
x-cache-group: normal
x-cacheable: SHORT
x-pingback: https://bolster.ai/xmlrpc.php
x-powered-by: WP Engine

GET
H2 200 60ff3ef04d555ec68f918fdf.js Show response
app.secureprivacy.ai/script/ 6 KB
7 KB 96ms
63ms Script
application/octet-stream 172.67.71.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.secureprivacy.ai/script/60ff3ef04d555ec68f918fdf.js
Requested by: Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4efdd29b2f63cac6ca076e38260e5296db1f53ddcdf04af3a7446f38e2bf275

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:01 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 20 Apr 2022 04:04:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: X0413CJViCUvEoKuEFj/mQ==
server: cloudflare
etag: "0x8DA2282D18D7EAE"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okTU3J4G1oaDoiXPLX9tpCzcOloMHbyDpTKktO%2FrlRISOqKvPQ1gZX2IL0UypMJluYuDhcHGKwgHVNXENPKLG1Rvx2sa%2Bo%2FI9nvC1WuwCLYBGsXeoA%2Bfo7QaThOqbGGadDyP3AI4"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-ms-request-id: 7c78e48e-a01e-000f-56ea-27d7c7000000
x-ms-version: 2018-03-28
accept-ranges: bytes
cf-ray: 831104cc3a7237f8-FRA
content-length: 6537

GET
H2 200 fonts.css
bolster.ai/wp-content/themes/bolster/assets/css/ 2 KB
437 B 25ms
23ms Stylesheet
text/css 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/css/fonts.css?t=1678414621980

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f88b2e2275b3f0cae0a176e1d249ae53f39bced3d6b5b1422419ac8b54d03217

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:01 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 06 Jul 2023 08:08:12 GMT
server: cloudflare
age: 598482
etag: W/"64a6766c-6dc"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 831104cc0f81371f-FRA

GET
H2 200 landing.css
bolster.ai/wp-content/themes/bolster/assets/css/ 253 KB
38 KB 31ms
30ms Stylesheet
text/css 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/css/landing.css

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4eb64fef9cc9f636740ce1142a5dd7682ee88f51ed6ea3509b081d14939547df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:01 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 06 Jul 2023 08:08:14 GMT
server: cloudflare
age: 2061225
cf-polished: origSize=288960
etag: W/"64a6766e-468c0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 831104cc0f82371f-FRA

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 67 KB
25 KB 92ms
15ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/scripts/bizible.js

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BA7) /

Resource Hash

c0790c2d2916752f04091f3dc2ff8f1fb793bc09c07bf99809706cea80223780

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSub
last-modified: Sun, 03 Dec 2023 10:44:23 GMT
server: ECS (amb/6BA7)
age: 18161
etag: "31e8b6add525da1:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 25393

GET
H2 200 vendor.js Show response
bolster.ai/wp-content/themes/bolster/assets/js/ 608 KB
179 KB 46ms
44ms Script
application/javascript 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/js/vendor.js?t=1678414621980

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18bef914d9394fb470b7faa0402881527df938cf2add1e526a8d901e3f656bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:01 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 06 Jul 2023 08:09:10 GMT
server: cloudflare
age: 598482
etag: W/"64a676a6-97fba"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 831104cc1f94371f-FRA

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.10.0/css/ 153 KB
29 KB 60ms
29ms Stylesheet
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Requested by: Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec

Request headers

Referer: https://bolster.ai/
Origin: https://bolster.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:01 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: YFME4PJ9V6A760SD
age: 327638
x-amz-id-2: 8j79L6SAmsuiVYcqLaUTE8CoQ5QobDPpdsupFEt9AAwnsWRWpTKb43u2YUllUjwGr389o9A4rcBcZTMVsnKm6cr5JWSDekkCvFXXIzOkgJQ=
last-modified: Mon, 28 Jun 2021 16:54:32 GMT
server: cloudflare
etag: W/"aa1272633e7e552395d147a499bad186"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: text/css
cache-control: max-age=31556926
cf-ray: 831104cc39c565ad-FRA

GET
H2 200 aos.css
unpkg.com/aos@2.3.1/dist/ 25 KB
2 KB 49ms
17ms Stylesheet
text/css 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/aos@2.3.1/dist/aos.css

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:01 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 513971
last-modified: Thu, 17 May 2018 22:11:13 GMT
fly-request-id: 01HGF4B98KBPS3K4QKQQMZSKB2-fra
server: cloudflare
etag: W/"65c5-BVfTdFS2f0LyyxAeV+UHD7EZNXA"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 831104cc3f0018ed-FRA

GET
H2 200 owl.carousel.min.css
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/ 3 KB
1 KB 49ms
17ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.min.css

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://bolster.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 677750
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 845
last-modified: Mon, 04 May 2020 16:04:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf0-d17"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CtlVrf%2FXkZzsImImagCxeEa1i9CTiTY8%2BebrgdnGClmg2k6NgiTNWnWnZULBo79JrYbPTzYmla6Fp2vkT5CWlYgRxJ9SRvuqSVpRyI56bsVa3N8xq1U7r3mEYtnDe%2FrKdsH24w2ylS3Eta%2Bv11czgcBG"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 831104cc391a9b82-FRA
expires: Mon, 25 Nov 2024 02:15:01 GMT

GET
H2 200 owl.carousel.min.js Show response
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/ 43 KB
11 KB 48ms
16ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://bolster.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1708011
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10158
last-modified: Mon, 04 May 2020 16:04:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf0-ad36"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWsz5pqRxRyxX%2F%2FazxRHNvT8JYmB0OO266N9NzacuSnriI78X9aXd4TJ1dSo6MDf28T0CGjOk9YOc9BvFWyMIen1r%2FkLnRXlWCQgSwBNYukxpoRyR2gmkczBbfVHjZOUl3wNawzGDnOATh4PMamtRxMZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 831104cc391b9b82-FRA
expires: Mon, 25 Nov 2024 02:15:01 GMT

GET
H2 200 vendor.css
bolster.ai/wp-content/themes/bolster/assets/css/ 167 KB
26 KB 770ms
769ms Stylesheet
text/css 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/css/vendor.css?t=94614

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

155044aeeaea2b8d35efc40af273259a893d6c271eb4439e50432f3ddbb99aae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 06 Jul 2023 08:08:16 GMT
server: cloudflare
strict-transport-security: max-age=15552000; preload
etag: W/"64a67670-29d50"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 831104cc0f84371f-FRA

GET
H2 200 swiper-bundle.min.css
bolster.ai/wp-content/themes/bolster/assets/css/ 18 KB
5 KB 742ms
741ms Stylesheet
text/css 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/css/swiper-bundle.min.css?t=23318

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af8545de3876815292506711e1369bff9dfe57ec7e04c45c3e1bdac48a11f3b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 05 Aug 2023 05:45:52 GMT
server: cloudflare
strict-transport-security: max-age=15552000; preload
etag: W/"64cde210-4691"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 831104cc0f85371f-FRA

GET
H2 200 blog.css
bolster.ai/wp-content/themes/bolster/assets/css/ 167 KB
27 KB 778ms
777ms Stylesheet
text/css 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/css/blog.css?t=41379

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

782ae98c072f0e0e45013aa1b0444d0d8e3f6c3c9c1e237c215e93efebc26886

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 06 Sep 2023 18:34:43 GMT
server: cloudflare
strict-transport-security: max-age=15552000; preload
etag: W/"64f8c643-29aa6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 831104cc0f88371f-FRA

GET
H2 200 swiper-bundle.min.js Show response
bolster.ai/wp-content/themes/bolster/assets/js/ 137 KB
39 KB 33ms
31ms Script
application/javascript 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/js/swiper-bundle.min.js

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b98b576cf86540a5ce760ea71801cf6ba087b7f1d6e92c09a3a4e849daf3bc3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 05 Aug 2023 05:45:07 GMT
server: cloudflare
strict-transport-security: max-age=15552000; preload
age: 1962785
etag: W/"64cde1e3-224e5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 831104cc1f95371f-FRA

GET
H2 200 header.css
bolster.ai/wp-content/themes/bolster/assets/css/ 20 KB
4 KB 732ms
731ms Stylesheet
text/css 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/css/header.css?t=46304

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

829810d625bfa081a203d32317d65b3cffefcb4854baf822e95120dd8daeb911

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 05 Aug 2023 09:09:19 GMT
server: cloudflare
strict-transport-security: max-age=15552000; preload
etag: W/"64ce11bf-4f46"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 831104cc0f89371f-FRA

GET
H2 200 video-js.css
vjs.zencdn.net/7.20.1/ 45 KB
11 KB 45ms
13ms Stylesheet
text/css 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/7.20.1/video-js.css
Requested by: Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8c660e0b2d031b0efa6f5c892800da2d4f8555550eb929c66223bbb52a024f19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230070-FRA
date: Wed, 06 Dec 2023 02:15:01 GMT
content-encoding: gzip
last-modified: Wed, 01 Jun 2022 13:49:44 GMT
etag: "1f86b2298f610cfd578349a148c4f765"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
timing-allow-origin: *
content-length: 10959
x-cache-hits: 3

GET
H2 200 style.css
bolster.ai/wp-content/themes/bolster/ 17 B
141 B 24ms
24ms Stylesheet
text/css 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/style.css

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eeda6f6208cf7226321ea4ff61ec9b93fde032d5dd25cff49a4941fbca6b2816

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:01 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
age: 598482
cf-polished: origSize=186
content-length: 17
cf-bgj: minify
last-modified: Sat, 05 Aug 2023 06:39:43 GMT
server: cloudflare
etag: "64cdeeaf-ba"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831104cc0f8c371f-FRA

GET
H2 200 style.min.css
bolster.ai/wp-includes/css/dist/block-library/ 102 KB
14 KB 26ms
25ms Stylesheet
text/css 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 19 Jul 2023 11:13:55 GMT
server: cloudflare
strict-transport-security: max-age=15552000; preload
age: 598482
etag: W/"64b7c573-19824"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 831104cc0f8d371f-FRA

GET
H2 200 styles.css
bolster.ai/wp-content/plugins/contact-form-7/includes/css/ 2 KB
1003 B 25ms
24ms Stylesheet
text/css 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.4

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2d4b7ac2cf724a064d15a4379ccca7a81c346dcb143f279d83a0e99f9563cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:01 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 30 Nov 2023 06:41:33 GMT
server: cloudflare
age: 457766
cf-polished: origSize=2894
etag: W/"65682e9d-b4e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 831104cc0f8e371f-FRA

GET
H2 200 ez-toc-sticky.min.css
bolster.ai/wp-content/plugins/easy-table-of-contents/assets/css/ 5 KB
1 KB 25ms
25ms Stylesheet
text/css 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/plugins/easy-table-of-contents/assets/css/ez-toc-sticky.min.css?ver=2.0.56.1

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f27902b2b9390fb8b4b9b4239b762bc52fb4e6e2098d3dfecc1fdb37c9431b8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 21 Oct 2023 03:47:02 GMT
server: cloudflare
strict-transport-security: max-age=15552000; preload
age: 598482
etag: W/"653349b6-1575"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 831104cc0f8f371f-FRA

GET
H2 200 hotjar-2066347.js Show response
static.hotjar.com/c/ 9 KB
4 KB 121ms
67ms Script
application/javascript 65.9.95.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2066347.js?sv=6

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-97.prg50.r.cloudfront.net

Software

Resource Hash

1f98016af7863e9375dc797ad3f658094061862855d5b35f8a2eb4ad42c1dc55

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
etag: W/5be8cfaa474b6d0e58cd7807f79ec28c
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: wOccITqCGs1NreQUHQwXUsGLewW8a5DME4lTkOCAsdh0D1EVe04wzQ==

GET
H2 200 style.css
bolster.ai/wp-content/themes/bolster/ 17 B
86 B 17ms
16ms Stylesheet
text/css 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/style.css?ver=6.3.2

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eeda6f6208cf7226321ea4ff61ec9b93fde032d5dd25cff49a4941fbca6b2816

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:01 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
age: 1896368
cf-polished: origSize=186
content-length: 17
cf-bgj: minify
last-modified: Sat, 05 Aug 2023 06:39:43 GMT
server: cloudflare
etag: "64cdeeaf-ba"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831104cccfed371f-FRA

GET
H2 200 app.css
bolster.ai/wp-content/themes/bolster/assets/css/ 20 KB
4 KB 20ms
19ms Stylesheet
text/css 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/css/app.css?ver=6.5.6

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3977a57ffee5f9602acb2256a493b055b0fbe0c683c5544573bb7e81473be89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:01 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 13 Jul 2023 08:08:59 GMT
server: cloudflare
age: 387873
cf-polished: origSize=20583
etag: W/"64afb11b-5067"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 831104cccfef371f-FRA

GET
H2 200 jquery.min.js Show response
bolster.ai/wp-includes/js/jquery/ 85 KB
30 KB 18ms
17ms Script
application/javascript 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 26 May 2023 11:33:35 GMT
server: cloudflare
strict-transport-security: max-age=15552000; preload
age: 457766
etag: W/"6470990f-155ba"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 831104cccff1371f-FRA

GET
H2 200 jquery-migrate.min.js Show response
bolster.ai/wp-includes/js/jquery/ 13 KB
5 KB 19ms
19ms Script
application/javascript 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: cloudflare
strict-transport-security: max-age=15552000; preload
age: 170489
etag: W/"6482bd64-3509"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 831104cccff2371f-FRA

GET
H2 200 24174425.js Show response
js.hs-scripts.com/ 2 KB
1 KB 171ms
130ms Script
application/javascript 2606:4700::6810:bb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/24174425.js

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bb59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42302bc06dea45564bd5a0676cc5ca3fd7c5b8af3dc88e6aaf278ebd0c4975b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 903d8a45-e9c6-4c0a-9e50-5980c3c07534
x-envoy-upstream-service-time: 5
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 903d8a45-e9c6-4c0a-9e50-5980c3c07534
last-modified: Wed, 06 Dec 2023 00:48:37 GMT
server: cloudflare
x-trace: 2B38DCE7F2F55910C8F052A9887D85D5842900378F000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://bolster.ai
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-6ffdd984b9-8fkpb
cf-ray: 831104d1ad07bbc1-FRA
expires: Wed, 06 Dec 2023 02:16:02 GMT

GET
H2 200 Screenshot-2023-11-13-at-2.38.47-PM.png
bolster.ai/wp-content/uploads/2023/11/ 186 KB
186 KB 963ms
962ms Image
image/png 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bolster.ai/wp-content/uploads/2023/11/Screenshot-2023-11-13-at-2.38.47-PM.png

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e97b650032c4807fe8534ae690b1cf062a9c17f48792d34156875c4ccf296ccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: MISS
last-modified: Mon, 13 Nov 2023 21:39:01 GMT
server: cloudflare
etag: "65529775-2e6d2"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831104cccff4371f-FRA
content-length: 190162

GET
H2 200 Screenshot-2023-11-13-at-2.38.47-PM-1024x711.png
bolster.ai/wp-content/uploads/2023/11/ 29 KB
29 KB 21ms
21ms Image
image/webp 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bolster.ai/wp-content/uploads/2023/11/Screenshot-2023-11-13-at-2.38.47-PM-1024x711.png

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cac9b2d14af4e726aa81343794ca74fea196b05c890eb1e0d47e0a35f8b10611

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:01 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
age: 46337
cf-polished: origFmt=png, origSize=33625
content-disposition: inline; filename="Screenshot-2023-11-13-at-2.webp"
content-length: 29770
cf-bgj: imgq:100,h2pri
last-modified: Mon, 13 Nov 2023 21:39:05 GMT
server: cloudflare
etag: "65529779-8359"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831104cccff3371f-FRA

GET
H2 200 Screenshot-2023-11-21-at-8.22.03-AM.png
bolster.ai/wp-content/uploads/2023/11/ 89 KB
89 KB 22ms
22ms Image
image/webp 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bolster.ai/wp-content/uploads/2023/11/Screenshot-2023-11-21-at-8.22.03-AM.png

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e655517e7fbdca05e234e076d682568be673643e5bdc7fbb12f5ad23a5cb487d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:01 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
age: 70522
cf-polished: origFmt=png, origSize=219350
content-disposition: inline; filename="Screenshot-2023-11-21-at-8.webp"
content-length: 91246
cf-bgj: imgq:100,h2pri
last-modified: Tue, 21 Nov 2023 15:22:16 GMT
server: cloudflare
etag: "655ccb28-358d6"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831104cccff5371f-FRA

GET
H2 200 Screenshot-2023-11-21-at-8.22.43-AM.png
bolster.ai/wp-content/uploads/2023/11/ 107 KB
107 KB 19ms
18ms Image
image/webp 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bolster.ai/wp-content/uploads/2023/11/Screenshot-2023-11-21-at-8.22.43-AM.png

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac2dd4848e29d55d9d05965e66295266f840fde1e7e5c625b8056ed5e17ed515

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:01 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
age: 46337
cf-polished: origFmt=png, origSize=245045
content-disposition: inline; filename="Screenshot-2023-11-21-at-8.webp"
content-length: 109202
cf-bgj: imgq:100,h2pri
last-modified: Tue, 21 Nov 2023 15:22:53 GMT
server: cloudflare
etag: "655ccb4d-3bd35"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831104cce804371f-FRA

GET
H2 200 logo-icon.png
bolster.ai/wp-content/uploads/2023/03/ 310 B
421 B 764ms
764ms Image
image/png 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bolster.ai/wp-content/uploads/2023/03/logo-icon.png

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e3537d5f3d2f5520070713b0c4e9ddd613f251763e9d93fa12669f21a60188e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: MISS
last-modified: Thu, 04 May 2023 20:50:30 GMT
server: cloudflare
etag: "64541a96-136"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831104cd1818371f-FRA
content-length: 310

GET
H2 200 left.png
bolster.ai/wp-content/themes/bolster/assets/images/Integrated-Blog/ 136 B
287 B 26ms
24ms Image
image/webp 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/images/Integrated-Blog/left.png

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1113cf2f526dabe790e97946546078167c948cfbb78f677d420adc12e91995f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
age: 143593
cf-polished: origFmt=png, origSize=241
content-disposition: inline; filename="left.webp"
content-length: 136
cf-bgj: imgq:100,h2pri
last-modified: Thu, 06 Jul 2023 08:10:52 GMT
server: cloudflare
etag: "64a6770c-f1"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831104d17a53371f-FRA

GET
H2 200 AdobeStock_503358549-scaled.jpeg
bolster.ai/wp-content/uploads/2023/04/ 116 KB
117 KB 965ms
963ms Image
image/jpeg 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bolster.ai/wp-content/uploads/2023/04/AdobeStock_503358549-scaled.jpeg

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9017691cf30115d70bf13b495b0af9ed517ecb07e1270952ee7f3094043c8c71

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:03 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: MISS
last-modified: Tue, 25 Jul 2023 01:20:46 GMT
server: cloudflare
etag: "64bf236e-1d13d"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831104d17a54371f-FRA
content-length: 119101

GET
H2 200 Shutterstock_2048016017.jpg
bolster.ai/wp-content/uploads/2023/09/ 265 KB
265 KB 969ms
967ms Image
image/jpeg 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bolster.ai/wp-content/uploads/2023/09/Shutterstock_2048016017.jpg

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

001acb0598d2959f23d095f40bfbfc6ee00f380ae3cf24b1fb8646699ae260d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:03 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: MISS
last-modified: Thu, 14 Sep 2023 03:42:15 GMT
server: cloudflare
etag: "65028117-4232f"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831104d17a55371f-FRA
content-length: 271151

GET
H2 200 Shutterstock_517844728.jpg
bolster.ai/wp-content/uploads/2023/09/ 329 KB
329 KB 972ms
970ms Image
image/jpeg 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bolster.ai/wp-content/uploads/2023/09/Shutterstock_517844728.jpg

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

552bdb67c124807fd4a78a9af1bf8675b32e8c2a5b15fe04ab52504c64d39146

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:03 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: MISS
last-modified: Tue, 05 Sep 2023 21:10:54 GMT
server: cloudflare
etag: "64f7995e-5222c"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831104d17a56371f-FRA
content-length: 336428

GET
H2 200 bolster-logo-white.svg
bolster.ai/wp-content/uploads/2023/03/ 3 KB
1 KB 23ms
22ms Image
image/svg+xml 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bolster.ai/wp-content/uploads/2023/03/bolster-logo-white.svg

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e5fe921affab5fc16bb76cb0138677bc52dc4abe1257ecfcae99bf225f09b01

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 18 Apr 2023 21:26:31 GMT
server: cloudflare
strict-transport-security: max-age=15552000; preload
age: 552339
etag: W/"643f0b07-bc0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 831104d17a57371f-FRA

GET
H2 200 soc-type-two.png
bolster.ai/wp-content/uploads/2023/03/ 5 KB
6 KB 26ms
25ms Image
image/webp 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bolster.ai/wp-content/uploads/2023/03/soc-type-two.png

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c2ce731a0fb36e28c1cc50b12c121c81ae56fbaef0a109c516f3de4e67eb0b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
age: 552339
cf-polished: origFmt=png, origSize=6911
content-disposition: inline; filename="soc-type-two.webp"
content-length: 5604
cf-bgj: imgq:100,h2pri
last-modified: Tue, 18 Apr 2023 21:26:32 GMT
server: cloudflare
etag: "643f0b08-1aff"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831104d17a59371f-FRA

GET
H2 200 in.jpg
bolster.ai/wp-content/uploads/2023/03/ 687 B
813 B 27ms
26ms Image
image/jpeg 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bolster.ai/wp-content/uploads/2023/03/in.jpg

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5370a5f05408ac6c35354c362f4ac427f28438f4c4431c8f4f6555775073d62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
age: 552339
cf-polished: origSize=872
content-length: 687
cf-bgj: imgq:100,h2pri
last-modified: Thu, 04 May 2023 20:48:49 GMT
server: cloudflare
etag: "64541a31-368"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831104d17a5a371f-FRA

GET
H2 200 tw.jpg
bolster.ai/wp-content/uploads/2023/03/ 687 B
860 B 27ms
26ms Image
image/jpeg 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bolster.ai/wp-content/uploads/2023/03/tw.jpg

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75ba0e9c35e2379a79f86786534917bff2df3f6341ffd026b71a055112b2badb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
age: 1896369
cf-polished: origSize=874
content-length: 687
cf-bgj: imgq:100,h2pri
last-modified: Thu, 04 May 2023 20:48:49 GMT
server: cloudflare
etag: "64541a31-36a"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831104d17a5c371f-FRA

GET
H3 200 lottie_svg.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bodymovin/5.5.3/ 194 KB
44 KB 36ms
27ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bodymovin/5.5.3/lottie_svg.min.js

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82579c118595edaf3938bd630ff491419d33e0b52c907fa3f9f61f4a05f0451a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 498650
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 44603
last-modified: Mon, 04 May 2020 16:06:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8b-30991"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHGms6EREJJXu08eEObElsIGYn21znEbxfPXTvkPVLS2k97ayHJHn0gEbrjD4%2BsisoQT84BKJQeWC2Xu7UDUabDsM%2FMZFpCL4Gvvp1TbHwafuoZWLKTkLgdUYXldg8un1GjNtiAv6fbV%2B2D1Bacxbtnd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 831104d17c431cc5-FRA
expires: Mon, 25 Nov 2024 02:15:02 GMT

GET
H2 200 index.js Show response
bolster.ai/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
3 KB 25ms
23ms Script
application/javascript 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.4

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 30 Nov 2023 06:41:33 GMT
server: cloudflare
age: 457767
etag: W/"65682e9d-2b6d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 831104d17a4d371f-FRA

GET
H2 200 index.js Show response
bolster.ai/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 26ms
24ms Script
application/javascript 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.4

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 30 Nov 2023 06:41:33 GMT
server: cloudflare
age: 457767
etag: W/"65682e9d-337e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 831104d17a4e371f-FRA

GET
H2 200 24174425.js Show response
js.hs-scripts.com/ 2 KB
774 B 333ms
293ms Script
application/javascript 2606:4700::6810:bb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/24174425.js?integration=WordPress&ver=10.2.16

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bb59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23e730822e5279636a3c1ea587c53270a38897de967bcca83352d561dd1c69b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: a7854218-d9d0-447d-a7df-8ecc3bb0b7b2
x-envoy-upstream-service-time: 10
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a7854218-d9d0-447d-a7df-8ecc3bb0b7b2
last-modified: Tue, 05 Dec 2023 08:36:34 GMT
server: cloudflare
x-trace: 2BF97614A5EDE28E5F2E7CAC7F462B1F2CF9260864000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://bolster.ai
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-6ffdd984b9-jm5kc
cf-ray: 831104d1ad06bbc1-FRA
expires: Wed, 06 Dec 2023 02:16:02 GMT

GET
H2 200 comment-reply.min.js Show response
bolster.ai/wp-includes/js/ 3 KB
1 KB 22ms
20ms Script
application/javascript 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-includes/js/comment-reply.min.js?ver=6.3.2

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
server: cloudflare
strict-transport-security: max-age=15552000; preload
age: 143593
etag: W/"625095f6-ba5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 831104d17a4f371f-FRA

GET
H2 404 responsive-embeds.js
bolster.ai/wp-content/themes/bolster/assets/js/ 0
0 768ms
766ms Script
text/html 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/js/responsive-embeds.js?ver=6.3.2

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:03 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
cf-cache-status: EXPIRED
server: cloudflare
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/html
cache-control: max-age=14400
cf-ray: 831104d17a50371f-FRA

GET
H2 200 main.js Show response
bolster.ai/wp-content/themes/bolster/assets/js/ 9 KB
3 KB 23ms
21ms Script
application/javascript 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/js/main.js?ver=1.1.7

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b627a031966227afe6a97cf9188c9f8c2cb852336a0231566655b5c9de84b482

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 05 Aug 2023 06:13:40 GMT
server: cloudflare
age: 2098817
cf-polished: origSize=14297
etag: W/"64cde894-37d9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 831104d17a52371f-FRA

GET
H2 200 6176ff301763cc001309b96a Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 262ms
219ms Script
text/javascript 2606:4700::6810:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/6176ff301763cc001309b96a

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d7d9ea4f669b0903451c5d87e2e3801cab236ca50e609435013ace47eda4d95c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 831104d1b8df9b37-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400

GET
H2 404 print.css
bolster.ai/wp-content/themes/bolster/assets/css/ 0
0 769ms
768ms Stylesheet
text/html 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/css/print.css?ver=6.3.2

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:03 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
cf-cache-status: EXPIRED
server: cloudflare
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/html
cache-control: max-age=14400
cf-ray: 831104d17a5d371f-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 325 KB
105 KB 77ms
32ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W4T3NN7

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

66f1cdfbf890e2d5e08c3ceaafa41ac0a1296ce1b057b89db0ad5f22e733ed3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106707
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Dec 2023 02:15:02 GMT

GET
BLOB 200
OK 2c0bbf04-9bcf-49b4-8ed6-bec15274b2ff
https://bolster.ai/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bolster.ai/2c0bbf04-9bcf-49b4-8ed6-bec15274b2ff
Requested by: Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 ProximaNova_Medium_400.woff2
bolster.ai/wp-content/themes/bolster/assets/fonts/ 52 KB
53 KB 20ms
18ms Font
font/woff2 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/fonts/ProximaNova_Medium_400.woff2

Requested by

Host: bolster.ai
URL: https://bolster.ai/wp-content/themes/bolster/assets/css/fonts.css?t=1678414621980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

208205bdec1ba25e00bb82dd733447e7092f96f45427a51499ca8b348a514ca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://bolster.ai/wp-content/themes/bolster/assets/css/fonts.css?t=1678414621980
Origin: https://bolster.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
last-modified: Thu, 06 Jul 2023 08:08:35 GMT
server: cloudflare
age: 598482
etag: "64a67683-d1e4"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831104d18a62371f-FRA
content-length: 53732

GET
H2 200 ProximaNova_Bold_700.woff2
bolster.ai/wp-content/themes/bolster/assets/fonts/ 53 KB
53 KB 22ms
21ms Font
font/woff2 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/fonts/ProximaNova_Bold_700.woff2

Requested by

Host: bolster.ai
URL: https://bolster.ai/wp-content/themes/bolster/assets/css/fonts.css?t=1678414621980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae76d384435e2a9c9b328827d7c0527d27541437f0387551a12225488bcb78db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://bolster.ai/wp-content/themes/bolster/assets/css/fonts.css?t=1678414621980
Origin: https://bolster.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
last-modified: Thu, 06 Jul 2023 08:08:34 GMT
server: cloudflare
age: 598482
etag: "64a67682-d2c8"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831104d18a63371f-FRA
content-length: 53960

GET
H2 200 fa-brands-400.woff2
pro.fontawesome.com/releases/v5.10.0/webfonts/ 73 KB
73 KB 30ms
29ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.10.0/webfonts/fa-brands-400.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03a811b7e81f930c938141ba6c0a439f59acfe1a3c4a6768b7901741a32b459e

Request headers

Referer: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Origin: https://bolster.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
cf-cache-status: HIT
x-amz-request-id: QDP9EAPT8DQBRT36
age: 280843
content-length: 74668
x-amz-id-2: oYhtJGdrqps7qSSUFs5lbgxZSpJ9jjgpCZUwq83LIVwKX66pkBtHaOkiDEOpHYiLoRdb0SJhS+U=
last-modified: Mon, 28 Jun 2021 16:56:06 GMT
server: cloudflare
etag: "2de2a530b2c689d8dc9548acfcf670a1"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 831104d18c9565ad-FRA

GET
H2 200 Graphik-Semibold-webfont.woff2
bolster.ai/wp-content/themes/bolster/assets/fonts/ 40 KB
40 KB 791ms
791ms Font
font/woff2 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/fonts/Graphik-Semibold-webfont.woff2

Requested by

Host: bolster.ai
URL: https://bolster.ai/wp-content/themes/bolster/assets/css/fonts.css?t=1678414621980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d15a6bd0f96369f06aed1411eb2da9a874450957a952f0aec17550aad4496b63

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://bolster.ai/wp-content/themes/bolster/assets/css/fonts.css?t=1678414621980
Origin: https://bolster.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:03 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: MISS
last-modified: Thu, 06 Jul 2023 08:08:33 GMT
server: cloudflare
etag: "64a67681-9f89"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831104d18a64371f-FRA
content-length: 40841

GET
H2 200 fa-solid-900.woff2
pro.fontawesome.com/releases/v5.10.0/webfonts/ 120 KB
120 KB 20ms
20ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.10.0/webfonts/fa-solid-900.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d27aa8bf9677cf4ef12acd7b37afc20f1f661d7c163b929ae9caf103b01fce37

Request headers

Referer: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Origin: https://bolster.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
cf-cache-status: HIT
x-amz-request-id: QDP8JTW66NWEGEKF
age: 280843
content-length: 123004
x-amz-id-2: rM7d3bMLQ6fJodh5Dz4SAits5rm3gZRiGH/QEhEN6ntr2vlkvg/NcOxP6lJG6fce2kyzvD7wuMc=
last-modified: Mon, 28 Jun 2021 16:56:06 GMT
server: cloudflare
etag: "88fd444847dc842d15e229df26571b03"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 831104d18c9765ad-FRA

GET
H2 200 Graphik-Regular-webfont.woff2
bolster.ai/wp-content/themes/bolster/assets/fonts/ 36 KB
36 KB 25ms
25ms Font
font/woff2 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/fonts/Graphik-Regular-webfont.woff2

Requested by

Host: bolster.ai
URL: https://bolster.ai/wp-content/themes/bolster/assets/css/fonts.css?t=1678414621980

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e290fd043b2f300fcc6802ce9762f59dc63a4486ba3fa5a5d4491c1bef84677

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://bolster.ai/wp-content/themes/bolster/assets/css/fonts.css?t=1678414621980
Origin: https://bolster.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
strict-transport-security: max-age=15552000; preload
cf-cache-status: HIT
last-modified: Thu, 06 Jul 2023 08:08:32 GMT
server: cloudflare
age: 598482
etag: "64a67680-8ead"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831104d18a65371f-FRA
content-length: 36525

GET
H2 200 l.js Show response
client.crisp.chat/ 8 KB
3 KB 137ms
15ms Script
application/javascript 2606:4700:4400::ac40:994b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/l.js

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:994b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74d73ce62bf4e55531f706c6d6dcf8c7b95208101207e608d39c3296a6fa8ff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 61091
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 24 Aug 2023 11:12:52 GMT
server: cloudflare
etag: W/"64e73b34-2023"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 831104d2ac70362f-FRA
access-control-allow-headers: Content-Type, Origin
expires: Thu, 07 Dec 2023 02:15:02 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 159ms
35ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-etou8220057-FRA

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 139ms
15ms Script
application/x-javascript 104.64.124.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.124.188 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-124-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 06 Dec 2023 02:15:02 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 67 KB
25 KB 22ms
17ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/scripts/bizible.js?lang=en

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BA7) /

Resource Hash

c0790c2d2916752f04091f3dc2ff8f1fb793bc09c07bf99809706cea80223780

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSub
last-modified: Sun, 03 Dec 2023 10:44:23 GMT
server: ECS (amb/6BA7)
age: 18161
etag: "31e8b6add525da1:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 25393

GET
H2 200 modules.9a6460d94a753d6764ef.js Show response
script.hotjar.com/ 218 KB
55 KB 97ms
24ms Script
application/javascript 65.9.95.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.9a6460d94a753d6764ef.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2066347.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-80.prg50.r.cloudfront.net

Software

Resource Hash

15123675f1ab5bbd2dd01a31b3296559f3ebe212aec4fbb1604b1340c83ec2d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:42:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 52376
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55401
last-modified: Tue, 05 Dec 2023 11:41:37 GMT
etag: "96ef6b2dd3fa58f5dfaaef19a5968444"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: c4MfEzKjHAzcFHOqhzfNbl5GG3vkuloh8Og3dSlcxIZjZkFmM6v5wA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
89 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZHB4R2SB0J&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4T3NN7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7cf52051751d6931387b02e6c53e80025e40807be955e06b0954c52447bfe339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90917
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 06 Dec 2023 02:15:02 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/853909062/ 3 KB
2 KB 82ms
23ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/853909062/?random=1701828902780&cv=11&fst=1701828902780&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831618047&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&hn=www.googleadservices.com&frm=0&tiba=Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster&auid=1274714385.1701828903&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4T3NN7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a786bdd2bf005f25ddb215e67486b3a8a6aa6c86eb386b07aa8103c397db3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
806 B 56ms
9ms Script
application/javascript 2a02:26f0:780::210:a40a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4T3NN7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a40a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

96271179d44086ad6cfba78c4788e3ac34dac8c8bfd18d2c2226d12d5abd0063

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Dec 2023 13:47:16 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=32926
accept-ranges: bytes
content-length: 596

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 86ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4T3NN7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 06 Dec 2023 02:15:01 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C1446083134C481D8260D07E09B705D7 Ref B: FRAEDGE1222 Ref C: 2023-12-06T02:15:02Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 qevents.js Show response
a.quora.com/ 41 KB
14 KB 56ms
13ms Script
text/plain 162.159.152.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4T3NN7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.152.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2a101f313f27c267a744088e44664a87d2ec7dc2a3464bf1319a95094dc76db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
x-amz-version-id: DENAuZi5jc6G3XAf0_byr8vJzUcVnf.F
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: SQW7NAVMXQTQ03G5
age: 594636
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: RJxqPI9akTsEL27egwxozy7RV38C3QGpKE99PaCDc+mp6rx7AxaaOpkck1XY3C1gw3J/aONga1w=
last-modified: Tue, 17 Oct 2023 18:57:21 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:5defc3f1c55a0cb9cbca8c06fbabaf65
etag: W/"5defc3f1c55a0cb9cbca8c06fbabaf65"
vary: Accept-Encoding
content-type: text/plain
cache-control: public, max-age=14400
cf-ray: 831104d2cd9c906d-FRA
expires: Wed, 06 Dec 2023 06:15:02 GMT

GET
H2 204 bnnzuy42qy Show response
www.clarity.ms/tag/ 0
162 B 136ms
100ms Script
text/plain 2620:1ec:46::62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/bnnzuy42qy?ref=gtm2
Requested by: Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::62 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
x-azure-ref: 20231206T021502Z-1e8vtug55t75x7vsn0uc46tbc0000000089g00000000pzz0
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/2334585c267f4a5a9d4e23ea1a58cbb5/ 43 B
423 B 421ms
104ms Image
image/gif 52.3.120.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/2334585c267f4a5a9d4e23ea1a58cbb5/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.3.120.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-120-216.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 06 Dec 2023 02:15:03 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Server: nginx
Connection: keep-alive
Content-Length: 43
X-Q-Stat: ,859124e4a95802a2831d8a6b1133a279,10.0.0.60,9336,178.162.209.133,,313725846926,1,1701828903.210,0.001,,.,0,0,0.000,0.000,-,0,0,203,224,112,10,26847,,,,,,-,
Content-Type: image/gif

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 551 KB
88 KB 142ms
126ms Script
application/javascript 2606:4700::6812:7b0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/24174425.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7b0c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a59a536f6a35976c81d050cc1f734740643674e9736ae066f85213a5535e7a0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bolster.ai/
Origin: https://bolster.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1291/bundle/main/lead-flows-release.js&cfRay=831104d2e8432c21-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"c314aa317d74a89c787c3c4a9d2fd97c"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1291/bundle/main/lead-flows-release.js
date: Wed, 06 Dec 2023 02:15:02 GMT
x-amz-version-id: QUNwK0xemzsIqupWMH2b5phjsLRnkTKD
via: 1.1 fb1dc2e3bf4105b403e3bfa3a5067970.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 824001e8-bbcd-4eb2-857e-4563c5059a92
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 10
x-evy-trace-route-configuration: listener_https/all
x-request-id: 824001e8-bbcd-4eb2-857e-4563c5059a92
last-modified: Mon, 04 Dec 2023 12:11:15 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-b78fbd96d-r5ffn
cf-ray: 831104d2e8432c21-FRA
x-amz-cf-id: iksl0cwdX_QRAni3zBHldADL2wOoGu9oV2cHFNvSV-haQ7NdY9NjsQ==

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 139ms
113ms Script
application/javascript 2606:4700::6811:5b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/24174425.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ad17c7d661733bbf1cfe9bc6e85033bfed43c87c94cb72ba02f484adf1593c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bolster.ai/
Origin: https://bolster.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
x-amz-version-id: qOShuUL.zI.RMIWwukZE0taADNX_1wuf
via: 1.1 e8eec15d9551dd475d4c478f9fbb5f04.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 3361cd3d-199d-4434-acd1-bfe911684b5b
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.444/bundles/project.js&cfRay=831104d30c6d3608-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 3
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 3361cd3d-199d-4434-acd1-bfe911684b5b
last-modified: Mon, 04 Dec 2023 12:10:50 UTC
server: cloudflare
etag: W/"109b7665e389a0b17fbf732bf7a02089"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-b78fbd96d-59k59
cf-ray: 831104d30c6d3608-FRA
x-amz-cf-id: bac5UoWIN9ehjb9m2nf9ATFtskkmjrawWoUiTF9tnXcWaOO0WBIhKg==
x-hs-target-asset: collected-forms-embed-js/static-1.444/bundles/project.js

GET
H2 200 24174425.js Show response
js.hs-analytics.net/analytics/1701828900000/ 66 KB
21 KB 216ms
200ms Script
text/javascript 2606:4700::6810:4dba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1701828900000/24174425.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/24174425.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4dba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15ba162b90858156f7be7d037d5577ccbe27720030608c6a6a4054c8994982ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:03 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 3ENM1NE1NX1QT2DM
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: a6321cbd-b02c-4729-89a9-cac9c4a9f5b3
x-envoy-upstream-service-time: 25
x-amz-id-2: r/9n9Oi9XeMK3AtrCC++q+tvg411Iw2MZnj4Uf4pltcztGOjoOXl3tbceAeHYyYPMxCrZkdj3T8=
x-evy-trace-listener: listener_https
x-request-id: a6321cbd-b02c-4729-89a9-cac9c4a9f5b3
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 15 Nov 2023 18:23:07 GMT
server: cloudflare
etag: W/"f838aa4e87979366523055b644f0ddd6"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-fd6fb8679-smrrp
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 831104d2f9d765ca-FRA
expires: Wed, 06 Dec 2023 02:20:03 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/24174425/ 60 KB
19 KB 463ms
447ms Script
text/javascript 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/24174425/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/24174425.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d5497632832a0db2a9a50c25d750e74e9497ba42f40622d5ca66350352bab7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:03 GMT
x-amz-version-id: Tw0fa8tMHUl4CkaNMDToqP.Eu431DYnx
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 9K3TB0VNNZXGWGGC
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 22ecffe2-944e-4a38-bbb2-4b835f9d2fb7
x-envoy-upstream-service-time: 50
x-amz-id-2: b+erc/uwj9uDqjw+i4ZrZVobxe2cmL+IQ40l8SDP+6Klqyohoj9xJeCwbxl4w3gRxjMMQuao4ME=
x-evy-trace-listener: listener_https
x-request-id: 22ecffe2-944e-4a38-bbb2-4b835f9d2fb7
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 21 Nov 2023 14:28:24 GMT
server: cloudflare
etag: W/"0e8092b322eada36d088b30941148ca8"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://bolster.ai
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-fd6fb8679-ttvqr
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 831104d30c97997b-FRA
expires: Wed, 06 Dec 2023 02:20:03 GMT

GET
H2 200 client.js Show response
client.crisp.chat/static/javascripts/ 409 KB
102 KB 30ms
28ms Script
application/javascript 2606:4700:4400::ac40:994b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/client.js?2940d8d

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:994b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75c8dd961325f7367f1b846efc96e829b6a3ebc03aebd108ad8f631ad28b872a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 81673
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 24 Aug 2023 11:12:52 GMT
server: cloudflare
etag: W/"64e73b34-6650b"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 831104d2cc8c362f-FRA
access-control-allow-headers: Content-Type, Origin
expires: Sat, 03 Dec 2033 02:15:02 GMT

GET
H2 200 client_default.css
client.crisp.chat/static/stylesheets/ 355 KB
48 KB 21ms
19ms Stylesheet
text/css 2606:4700:4400::ac40:994b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/stylesheets/client_default.css?2940d8d

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:994b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cc061085907c749f4f81a853ae49a331efe4fcd538da758a65bb855dd1dcd2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 61091
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 21 Nov 2023 09:15:39 GMT
server: cloudflare
etag: W/"655c753b-58c0e"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 831104d2cc8b362f-FRA
access-control-allow-headers: Content-Type, Origin
expires: Sat, 03 Dec 2033 02:15:02 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 31 KB
12 KB 9ms
8ms Script
application/javascript 2a02:26f0:780::210:a40a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a40a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

15838004d5e196b563a00a0ba16ce432fed6deb3dd4fab7122601f2c4f41560a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Dec 2023 13:47:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=32911
accept-ranges: bytes
content-length: 12150

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 15ms
15ms Script
application/x-javascript 104.64.124.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.124.188 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-124-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 06 Dec 2023 02:15:02 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Fri, 15 Mar 2024 02:15:02 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
241 B 48ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZHB4R2SB0J&gtm=45je3bt0v885963507z8831618047&_p=1701828902624&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=379982221.1701828903&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701828902&sct=1&seg=0&dl=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&dt=Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2051
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZHB4R2SB0J&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:15:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bolster.ai
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 60ms
19ms Ping
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZHB4R2SB0J&cid=379982221.1701828903&gtm=45je3bt0v885963507z8831618047&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZHB4R2SB0J&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:15:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bolster.ai
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 89ms
34ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZHB4R2SB0J&cid=379982221.1701828903&gtm=45je3bt0v885963507z8831618047&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=2038711642

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:15:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2180364&time=1701828902976&url=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2180364&time=1701828902976&url=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2180364%26time%3D1701828902976%26url%3Dhttps%253A%252F%252Fbolster.ai%252Fblog%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2180364&time=1701828902976&url=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2180364&time=1701828902976&url=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&cookiesTest=true&liSync=true&e_ipv6=AQIxOX1X8Y2s9wAAAYw86...

0
267 B

150ms
114ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2180364&time=1701828902976&url=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&cookiesTest=true&liSync=true&e_ipv6=AQIxOX1X8Y2s9wAAAYw86EHnxwY8av7tNE7yhAtoMZoLuvCdSScjcH1CjB69JWxnHgtofsx6VBI5
Requested by: Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:03 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 48C746BDC47048FEBBB8612C89ED42B3 Ref B: BRU30EDGE0506 Ref C: 2023-12-06T02:15:03Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYLzetEFbeHX2dSCZf4VQ==

Redirect headers

date: Wed, 06 Dec 2023 02:15:02 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 0123FB26D95040FC9C91DAC3B4A5C365 Ref B: FRAEDGE1509 Ref C: 2023-12-06T02:15:03Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2180364&time=1701828902976&url=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&cookiesTest=true&liSync=true&e_ipv6=AQIxOX1X8Y2s9wAAAYw86EHnxwY8av7tNE7yhAtoMZoLuvCdSScjcH1CjB69JWxnHgtofsx6VBI5
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYLzetBU4bMM6JxXn3EgA==

GET
H2 200 adsct
t.co/i/ 43 B
376 B 139ms
110ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=fd7b80c1-2f4b-4698-854c-e3066752ee41&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=79a57a8e-0a89-4e41-b999-6a46d8a7d219&tw_document_href=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4co5&type=javascript&version=2.3.29

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-response-time: 103
date: Wed, 06 Dec 2023 02:15:02 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 0a093d0498cac429
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: aff7b833f2588a7739c2f6b02ac295acf2a3bf943ddf4a73ad423c72b71c697d
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 228ms
182ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=fd7b80c1-2f4b-4698-854c-e3066752ee41&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=79a57a8e-0a89-4e41-b999-6a46d8a7d219&tw_document_href=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4co5&type=javascript&version=2.3.29

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-response-time: 175
date: Wed, 06 Dec 2023 02:15:02 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 736b935ed7d23c28
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 6a421c0af069d40be4df4bfc053a9c6b92dde981152e3fcb1e7c8c1f25591837
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
203 B 205ms
181ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=6f3a197d-7a6f-4c97-af61-ab360c27b2c6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=79a57a8e-0a89-4e41-b999-6a46d8a7d219&tw_document_href=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4co5&type=javascript&version=2.3.29

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-response-time: 174
date: Wed, 06 Dec 2023 02:15:02 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 2fa0b59faf027127
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: aff7b833f2588a7739c2f6b02ac295acf2a3bf943ddf4a73ad423c72b71c697d
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
215 B 219ms
189ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=6f3a197d-7a6f-4c97-af61-ab360c27b2c6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=79a57a8e-0a89-4e41-b999-6a46d8a7d219&tw_document_href=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4co5&type=javascript&version=2.3.29

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-response-time: 181
date: Wed, 06 Dec 2023 02:15:02 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: fbebd7d764568ced
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 6a421c0af069d40be4df4bfc053a9c6b92dde981152e3fcb1e7c8c1f25591837
content-length: 43

GET
H2 200 /
www.google.com/pagead/1p-user-list/853909062/ 42 B
455 B 59ms
24ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/853909062/?random=1701828902780&cv=11&fst=1701828000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831618047&u_w=1600&u_h=1200&url=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&frm=0&tiba=Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster&fmt=3&is_vtc=1&cid=CAQSGwDICaaN9a0E-vovlF1dB4utGzSC2jQBpTarGA&random=1548386005&rmt_tld=0&ipr=y

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:15:03 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/853909062/ 42 B
154 B 41ms
35ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/853909062/?random=1701828902780&cv=11&fst=1701828000000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v831618047&u_w=1600&u_h=1200&url=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&frm=0&tiba=Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster&fmt=3&is_vtc=1&cid=CAQSGwDICaaN9a0E-vovlF1dB4utGzSC2jQBpTarGA&random=1548386005&rmt_tld=1&ipr=y

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:15:03 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK visitWebPage
540-rfh-299.mktoresp.com/webevents/ 2 B
318 B 596ms
106ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://540-rfh-299.mktoresp.com/webevents/visitWebPage?_mchNc=1701828902987&_mchCn=&_mchId=540-RFH-299&_mchTk=_mch-bolster.ai-1701828902984-81178&_mchHo=bolster.ai&_mchPo=&_mchRu=%2Fblog%2Fusps-phishing-campaign&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 06 Dec 2023 02:15:03 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 1aee8628-fc03-4a94-b682-14cc40597295

GET
H2 204 187021074.js Show response
bat.bing.com/p/action/ 0
115 B 44ms
43ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/187021074.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 06 Dec 2023 02:15:02 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D133BB64B87445EAA753B952F232552C Ref B: FRAEDGE1222 Ref C: 2023-12-06T02:15:02Z
x-cache: CONFIG_NOCACHE

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 116 B
452 B 217ms
216ms XHR
application/json 2606:4700::6811:5b9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=24174425&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5b9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afab1de3356fb47e43fc4bae6ee7aa54f06b131f8a31f16cc4ac79118c74743a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://bolster.ai/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: d0b123e4-a2a9-4571-821a-c4c428559c78
x-envoy-upstream-service-time: 8
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d0b123e4-a2a9-4571-821a-c4c428559c78
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://bolster.ai
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-b78fbd96d-rjqc8
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 831104d43d4a3608-FRA

GET
H2 200 wp-emoji-release.min.js Show response
bolster.ai/wp-includes/js/ 18 KB
5 KB 17ms
17ms Script
application/javascript 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/blog/usps-phishing-campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
server: cloudflare
strict-transport-security: max-age=15552000; preload
age: 306087
etag: W/"63db0985-4904"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 831104d64c75371f-FRA

GET
H2 200 ipv
cdn.bizible.com/ 43 B
326 B 16ms
16ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=bcc0432b69af456ef0157d37c81796d9&_biz_l=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&_biz_t=1701828902723&_biz_i=Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster&_biz_n=0&rnd=903116&cdn_o=a&_biz_z=1701828903399
Requested by: Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B77) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:15:03 GMT
last-modified: Tue, 05 Dec 2023 17:44:10 GMT
server: ECS (amb/6B77)
age: 30653
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
202 B 27ms
14ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizibly.com/u?_biz_u=bcc0432b69af456ef0157d37c81796d9&_biz_l=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&_biz_t=1701828903400&_biz_i=Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster&rnd=752645&cdn_o=a&_biz_z=1701828903400
Requested by: Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B97) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:15:03 GMT
last-modified: Tue, 05 Dec 2023 17:44:16 GMT
server: ECS (amb/6B97)
age: 30647
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 cf-location Show response
js.hs-banner.com/v2/ 2 B
146 B 37ms
13ms Fetch
text/plain 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/cf-location
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/v2/24174425/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: https://bolster.ai
date: Wed, 06 Dec 2023 02:15:03 GMT
server: cloudflare
cf-ray: 831104d67e0e5d5d-FRA
content-length: 2
vary: Origin, Accept-Encoding
content-type: text/plain;charset=UTF-8

GET
H2 200 6si.min.js Show response
j.6sc.co/ 63 KB
17 KB 108ms
23ms Script
application/javascript 2.17.147.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.176 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-176.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

a9e9d5d62bdbbe46fee9a3a0ba4c2d7fe5a6f4b53c10df3ac7d34796ffb7c96b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:15:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 Nov 2023 18:58:50 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "656789ea-fdc2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 17428
expires: Wed, 06 Dec 2023 02:15:03 GMT

GET
H2 200 23477a25a2949410.min.js Show response
tag.demandbase.com/ 74 KB
21 KB 47ms
9ms Script
application/javascript 13.32.27.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/23477a25a2949410.min.js

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-65.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5843f9c838c1b6efece847bc6d696ed906c1826782b126ad5db09920b6270105

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: GhPFGpFz7l.JXL97eq4.jcuj9eO70Q.Q
content-encoding: gzip
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
date: Wed, 06 Dec 2023 02:12:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C2
age: 173
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 17 Nov 2023 01:10:01 GMT
server: AmazonS3
etag: W/"2eeeb21ab9bdb7f23148271dd0708471"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: qx5Dp9NJq9b10UK9jOG_lx7YuWaiYJq0JeA9PwAzRJzi31CDbmysKQ==

GET
H2 200 vgfx-two.svg Show response
bolster.ai/wp-content/themes/bolster/assets/images/ 25 KB
8 KB 17ms
16ms XHR
image/svg+xml 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/wp-content/themes/bolster/assets/images/vgfx-two.svg

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c6cd63c2969bb05e6f04ef0a3fc0f8d46e5278b280d48bcbaf61e6a8755f112

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept: text/html, */*; q=0.01
Referer: https://bolster.ai/blog/usps-phishing-campaign
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 31 Aug 2023 08:49:57 GMT
server: cloudflare
strict-transport-security: max-age=15552000; preload
age: 1094662
etag: W/"64f05435-6382"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 831104d66c82371f-FRA

POST
H2 404 page-view Show response
bolster.ai/api/v1/va/ 93 KB
17 KB 1110ms
1110ms XHR
text/html 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/api/v1/va/page-view

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

82e05e9c8efe37209ca0af8149b94fe2973ac6eb749d12dfa7b5963ee5d5037c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://bolster.ai/blog/usps-phishing-campaign
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 06 Dec 2023 02:15:04 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: WP Engine
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
cf-ray: 831104d66c84371f-FRA
link: <https://bolster.ai/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
284 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187021074&tm=gtm002&Ver=2&mid=b0a4d4fa-6dac-4fcd-9e76-a72e3d60b3d7&sid=4414090093dd11ee8ce2c3eb05a13d51&vid=44140de093dd11ee95239360b6c862c5&vids=1&msclkid=N&gtm_tag_source=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster&p=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&r=&lt=2540&evt=pageLoad&sv=1&rn=967096

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 06 Dec 2023 02:15:02 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EDFC892A833F4F19B9BC4875F8D46DF1 Ref B: FRAEDGE1222 Ref C: 2023-12-06T02:15:03Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 116 B
327 B 122ms
122ms Script
text/javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/xdc.js?_biz_u=bcc0432b69af456ef0157d37c81796d9&_biz_h=-1906410348&cdn_o=a&jsVer=4.23.11.30

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BBB) /

Resource Hash

27b298cc293c9ed9f0c9287259d1b1657fefd29398bd1eb446c3028d24244958

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSub
server: ECS (amb/6BBB)
etag: E4D1B474
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
content-length: 219

GET
H2 200 sync Show response
s.company-target.com/s/ Frame 7DC5 634 B
967 B 192ms
100ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.company-target.com/s/sync?exc=lr
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/23477a25a2949410.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.71.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 4c69f084b0373735f91cab66434c1b57f99d022f24d220200b275f9bf7dbbcb1

Request headers

Referer: https://bolster.ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Wed, 06 Dec 2023 02:15:03 GMT
via: 1.1 google

GET
H2 451 464526.gif
id.rlcdn.com/ 0
98 B 57ms
20ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:03 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 401 ip.json Show response
api.company-target.com/api/v2/ 12 B
507 B 114ms
80ms XHR
text/plain 18.66.97.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&page_title=Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-20.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bolster.ai/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 06 Dec 2023 02:15:03 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
www-authenticate: DemandBase API v2
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P2
x-cache: Error from cloudfront
request-id: 0e397ee1-cf52-4d36-b19c-a647e97bdaef
content-length: 12
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://bolster.ai
access-control-expose-headers
vary: Origin
access-control-allow-credentials: true
x-amz-cf-id: WxIC9WFHNvhcA3drwY0-AlZA2J3Py_eS-2WDoRjkwj2_PAYUvvGzAA==

GET
H2 200 u
cdn.bizible.com/ 43 B
84 B 14ms
14ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/u?mapType=mkto&mapValue=id%3A540-RFH-299%26token%3A_mch-bolster.ai-1701828902984-81178&_biz_u=bcc0432b69af456ef0157d37c81796d9&_biz_l=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&_biz_t=1701828903400&_biz_i=Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster&_biz_n=1&rnd=282059&cdn_o=a&_biz_z=1701828903510
Requested by: Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B97) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:15:03 GMT
last-modified: Tue, 05 Dec 2023 17:44:16 GMT
server: ECS (amb/6B97)
age: 30647
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H3 200 / Show response
client.crisp.chat/settings/website/cd4537e9-58d0-4421-acde-ece9a1d27cc1/prelude/ 212 B
541 B 149ms
148ms Script
application/javascript 2606:4700:4400::ac40:994b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/cd4537e9-58d0-4421-acde-ece9a1d27cc1/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2023-11-6-3-15

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?2940d8d

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:994b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d22584e7ed981a2cccef4f52827565bb11f052535d4bb647a3210957ccd2d6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 06 Dec 2023 02:15:03 GMT
server: cloudflare
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 831104d6ff9d9bcb-FRA
access-control-allow-headers: Content-Type, Origin
expires: Wed, 06 Dec 2023 06:15:03 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
189 B 41ms
23ms XHR
text/html 2.17.147.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.176 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-147-176.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:03 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://bolster.ai
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 23 B
311 B 59ms
8ms XHR
text/html 2a02:26f0:480:23::1726:629c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:23::1726:629c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 50658afdf69a9ae3177f81fe2156fcd616e766a401c8407de929f0936d3bd517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:15:03 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://bolster.ai
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a00:c98:2050:a007:2::4
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701828903590_388391900_1118727298_24_848_6_14_219";dur=1
content-length: 23
expires: Wed, 06 Dec 2023 02:15:03 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 250ms
231ms Image
image/gif 2.17.147.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f259d00ecfb418c19d0dc8d84d4bffe8&svisitor=null&visitor=d7caba8d-2a3d-4b30-8204-d429e35b957d&session=698cf2d3-56fa-429e-8027-bdd20e28f836&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Wed%2C%2006%20Dec%202023%2002%3A15%3A03%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Recently%20discovered%20phishing%20campaign%2C%20disguised%20as%20a%20parcel%20delivery%20scam%2C%20has%20evolved%20to%20target%20even%20the%20most%20tech-savy.%20Learn%20more.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&pageViewId=850764bf-2a3f-4c3f-8554-57654f0e8472&v=1.1.12

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.176 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-176.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:03 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 251ms
231ms Image
image/gif 2.17.147.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f259d00ecfb418c19d0dc8d84d4bffe8&svisitor=null&visitor=d7caba8d-2a3d-4b30-8204-d429e35b957d&session=698cf2d3-56fa-429e-8027-bdd20e28f836&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2006%20Dec%202023%2002%3A15%3A03%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22f259d00ecfb418c19d0dc8d84d4bffe8%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2006%20Dec%202023%2002%3A15%3A03%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2006%20Dec%202023%2002%3A15%3A03%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2006%20Dec%202023%2002%3A15%3A03%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Recently%20discovered%20phishing%20campaign%2C%20disguised%20as%20a%20parcel%20delivery%20scam%2C%20has%20evolved%20to%20target%20even%20the%20most%20tech-savy.%20Learn%20more.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&pageViewId=850764bf-2a3f-4c3f-8554-57654f0e8472&v=1.1.12

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.176 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-176.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:03 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 230ms
230ms Image
image/gif 2.17.147.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f259d00ecfb418c19d0dc8d84d4bffe8&svisitor=null&visitor=d7caba8d-2a3d-4b30-8204-d429e35b957d&session=698cf2d3-56fa-429e-8027-bdd20e28f836&event=ipv6&q=%7B%22address%22%3A%222a00%3Ac98%3A2050%3Aa007%3A2%3A%3A4%22%7D&isIframe=false&m=%7B%22description%22%3A%22Recently%20discovered%20phishing%20campaign%2C%20disguised%20as%20a%20parcel%20delivery%20scam%2C%20has%20evolved%20to%20target%20even%20the%20most%20tech-savy.%20Learn%20more.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&pageViewId=850764bf-2a3f-4c3f-8554-57654f0e8472&v=1.1.12

Requested by

Host: bolster.ai
URL: https://bolster.ai/blog/usps-phishing-campaign

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.176 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-176.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:03 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
192 B 107ms
107ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://bolster.ai/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 06 Dec 2023 02:15:03 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 7FD5EAD4FB6E4EE19F791932E801DC6C Ref B: FRAEDGE1509 Ref C: 2023-12-06T02:15:03Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
access-control-allow-origin: https://bolster.ai
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYLzetFw3ELHGB/tDTTOQ==

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 7DC5
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1717640103&external_user_id=6f831f9a-0e1c-42af-9592-ec9aafcc615c
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1717640103&external_user_id=6f831f9a-0e1c-42af-9592-ec9aafcc615c&C=1

43 B
338 B

55ms
55ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1717640103&external_user_id=6f831f9a-0e1c-42af-9592-ec9aafcc615c&C=1
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:15:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqpVv0FzawzE8smVuYTYv%2Bc8vL%2FbjlZsR8MrIOHvIR%2BTCCJqxqkWNJN5N6DfY9RI3VOeeBm7xUsGb4qWJVliO0oe5%2BbfoWYeYRYzgsNQQGIizKhCiphDlOaPZakgFBzhbl3CK4ajbcsowQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 831104d95e101cab-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 02:15:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9OHdNadypg58EBoKxGESYlNx5m0Y9DmqKhP6%2FxFBWNN77F%2BtAcE1yCfZaETyW6Nr4wIZ%2BhUlfu3T0W8gHvskhKBAmuaBQYGlexrRCXnJ1pkFXNYOO1SPRRd56yVUeGVLQVv%2Bu9rZYoHs%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=18&expiry=1717640103&external_user_id=6f831f9a-0e1c-42af-9592-ec9aafcc615c&C=1
cache-control: no-cache
cf-ray: 831104d93e031cab-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame 7DC5 43 B
392 B 347ms
103ms Image
image/gif 2600:1f18:612b:4232:e6bb:aabb:4218:240a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIDM=6f831f9a-0e1c-42af-9592-ec9aafcc615c
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:e6bb:aabb:4218:240a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 06 Dec 2023 02:15:04 GMT
server: nginx
content-type: image/gif

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 7DC5 0
239 B 44ms
8ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?nid=5578&put=6f831f9a-0e1c-42af-9592-ec9aafcc615c&v=1181926
Requested by: Host: s.company-target.com
URL: https://s.company-target.com/s/sync?exc=lr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 / Show response
client.crisp.chat/settings/website/cd4537e9-58d0-4421-acde-ece9a1d27cc1/ 1 KB
1 KB 89ms
89ms Script
application/javascript 2606:4700:4400::ac40:994b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/cd4537e9-58d0-4421-acde-ece9a1d27cc1/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1700915517700

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?2940d8d

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:994b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c75578ffab4599d4d5556304c004482eb29241e114891fe4e6a72c45eddf9d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Dec 2023 08:40:47 GMT
server: cloudflare
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 831104da69549bcb-FRA
access-control-allow-headers: Content-Type, Origin
expires: Wed, 06 Dec 2023 06:15:04 GMT

GET
H3 200 en.js Show response
client.crisp.chat/static/javascripts/locales/ 7 KB
3 KB 15ms
15ms Script
application/javascript 2606:4700:4400::ac40:994b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/locales/en.js?2940d8d

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?2940d8d

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:994b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7ac26cc635252b12278db01f4616403bd626ed7823fcf5e52576eeeff3b3548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 82307
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 08 Aug 2023 12:01:16 GMT
server: cloudflare
etag: W/"64d22e8c-1c36"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 831104daf9979bcb-FRA
access-control-allow-headers: Content-Type, Origin
expires: Sat, 03 Dec 2033 02:15:04 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 156ms
132ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=881765916&v=1.1&a=24174425&ct=blog-post&rcu=https%3A%2F%2Fbolster.ai%2F&pu=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&t=Vast+Parcel+Delivery+Phishing+Campaign+Discovered+%7C+Bolster&cts=1701828904205&vi=6032d6316ce5bb35ada25b5d9b6b611a&nc=true&u=216000520.6032d6316ce5bb35ada25b5d9b6b611a.1701828904203.1701828904203.1701828904203.1&b=216000520.1.1701828904203&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 9fae93f3-f1f4-43e2-9c20-5c9985472ee4
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 9
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9fae93f3-f1f4-43e2-9c20-5c9985472ee4
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJzEV85yT7GtLL54jOZ0XnqnD7tlT6tSzL51Gx15mTnaTtjMjT%2FnZDaMahVDcEv2lt2QT89rtwwcviPviokQyp%2B85IBYAluspA9CJ3GO%2B6%2BGqBiJx6dlxfZI8riZTkwWSfNW%2BersshHcdDDTrSZH"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7556df69f8-ftnqj
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 831104db795e6934-FRA
x-robots-tag: none

GET
H2 404 vgfx.svg Show response
bolster.ai/assets/images/ 548 B
239 B 763ms
762ms XHR
text/html 2606:4700:10::6816:43db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolster.ai/assets/images/vgfx.svg

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:43db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept: text/html, */*; q=0.01
Referer: https://bolster.ai/blog/usps-phishing-campaign
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:04 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
cf-cache-status: EXPIRED
server: cloudflare
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/html
cache-control: max-age=31536000
cf-ray: 831104db5ef9371f-FRA

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 178 B
1 KB 243ms
218ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=24174425&utk=6032d6316ce5bb35ada25b5d9b6b611a&__hstc=216000520.6032d6316ce5bb35ada25b5d9b6b611a.1701828904203.1701828904203.1701828904203.1&__hssc=216000520.1.1701828904203&currentUrl=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51e18b5d04e2bff91b7c53bc09a646f0b30f4d11452beb2c078d3a046a5f67c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 97d16322-d67a-4d4f-86bb-5729d3925056
content-encoding: br
x-envoy-upstream-service-time: 20
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 97d16322-d67a-4d4f-86bb-5729d3925056
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://bolster.ai
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tumL6yNVhFl4cSbt6NDmAezIRbGp95qCLJ9WPN%2F0xoxxYxmarlQoPvEwEH9lk8pWveILm7j4UaAh3f2BRMhbYtxWtAS%2BRppDhAXZ2XC2rHkzQiQTF%2FZgiWo9Rz%2BLqt3mbE9uiuozab3kcyoas7fc"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 831104db8e859bf2-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-fc678f645-mhl2k

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 231ms
231ms Image
image/gif 2.17.147.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f259d00ecfb418c19d0dc8d84d4bffe8&svisitor=null&visitor=d7caba8d-2a3d-4b30-8204-d429e35b957d&session=698cf2d3-56fa-429e-8027-bdd20e28f836&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2006%20Dec%202023%2002%3A15%3A04%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2006%20Dec%202023%2002%3A15%3A03%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22Recently%20discovered%20phishing%20campaign%2C%20disguised%20as%20a%20parcel%20delivery%20scam%2C%20has%20evolved%20to%20target%20even%20the%20most%20tech-savy.%20Learn%20more.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&pageViewId=850764bf-2a3f-4c3f-8554-57654f0e8472&v=1.1.12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.176 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-176.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:04 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 230ms
229ms Image
image/gif 2.17.147.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f259d00ecfb418c19d0dc8d84d4bffe8&svisitor=null&visitor=d7caba8d-2a3d-4b30-8204-d429e35b957d&session=698cf2d3-56fa-429e-8027-bdd20e28f836&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2006%20Dec%202023%2002%3A15%3A05%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2006%20Dec%202023%2002%3A15%3A04%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Recently%20discovered%20phishing%20campaign%2C%20disguised%20as%20a%20parcel%20delivery%20scam%2C%20has%20evolved%20to%20target%20even%20the%20most%20tech-savy.%20Learn%20more.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&pageViewId=850764bf-2a3f-4c3f-8554-57654f0e8472&v=1.1.12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.176 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-176.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:05 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 229ms
229ms Image
image/gif 2.17.147.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f259d00ecfb418c19d0dc8d84d4bffe8&svisitor=null&visitor=d7caba8d-2a3d-4b30-8204-d429e35b957d&session=698cf2d3-56fa-429e-8027-bdd20e28f836&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2006%20Dec%202023%2002%3A15%3A06%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2006%20Dec%202023%2002%3A15%3A05%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223004%22%7D&isIframe=false&m=%7B%22description%22%3A%22Recently%20discovered%20phishing%20campaign%2C%20disguised%20as%20a%20parcel%20delivery%20scam%2C%20has%20evolved%20to%20target%20even%20the%20most%20tech-savy.%20Learn%20more.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&pageViewId=850764bf-2a3f-4c3f-8554-57654f0e8472&v=1.1.12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.176 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-176.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:06 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 230ms
230ms Image
image/gif 2.17.147.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=f259d00ecfb418c19d0dc8d84d4bffe8&svisitor=null&visitor=d7caba8d-2a3d-4b30-8204-d429e35b957d&session=698cf2d3-56fa-429e-8027-bdd20e28f836&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2006%20Dec%202023%2002%3A15%3A07%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2006%20Dec%202023%2002%3A15%3A06%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%224004%22%7D&isIframe=false&m=%7B%22description%22%3A%22Recently%20discovered%20phishing%20campaign%2C%20disguised%20as%20a%20parcel%20delivery%20scam%2C%20has%20evolved%20to%20target%20even%20the%20most%20tech-savy.%20Learn%20more.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&pageViewId=850764bf-2a3f-4c3f-8554-57654f0e8472&v=1.1.12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.176 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-176.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bolster.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:15:07 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET img.gif
b.6sc.co/v1/beacon/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: b.6sc.co
URL: https://b.6sc.co/v1/beacon/img.gif?token=f259d00ecfb418c19d0dc8d84d4bffe8&svisitor=null&visitor=d7caba8d-2a3d-4b30-8204-d429e35b957d&session=698cf2d3-56fa-429e-8027-bdd20e28f836&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2006%20Dec%202023%2002%3A15%3A08%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2006%20Dec%202023%2002%3A15%3A07%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225005%22%7D&isIframe=false&m=%7B%22description%22%3A%22Recently%20discovered%20phishing%20campaign%2C%20disguised%20as%20a%20parcel%20delivery%20scam%2C%20has%20evolved%20to%20target%20even%20the%20most%20tech-savy.%20Learn%20more.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&pageViewId=850764bf-2a3f-4c3f-8554-57654f0e8472&v=1.1.12

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bolster.ai/blog	1969-12-31 23:59:59	Name: bid Value: ba809dbabe60a07fbb11320c545786ab
.bolster.ai/	1970-01-21 01:29:24	Name: _biz_uid Value: bcc0432b69af456ef0157d37c81796d9
.bolster.ai/	1970-01-20 18:53:24	Name: _gcl_au Value: 1.1.1274714385.1701828903
.doubleclick.net/	1970-01-20 16:43:49	Name: test_cookie Value: CheckForPermission
.ws.zoominfo.com/	1970-01-21 01:29:24	Name: visitorId Value: d062701df9e2748a90b31d68a34eab3bcfd0892cf46617386b44bf8585707a3c
.zoominfo.com/	1970-01-20 16:43:50	Name: __cf_bm Value: ldxq02fchVzsP5J1QkIxdRE_OZItxbBSZWt_cN_m.84-1701828902-0-AbAOZPQo3pj0QSReUWLl44m/nJN1eHsIjs6YiDBEG0n8NgioiQkhTkFzgdYpOv5V+TdEUmf9hWSvYNulDEWRmfk=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: mO8aGxvrpkzibtJOw.uev3cc7q5uC5oZZhDIMyCv7ZI-1701828902885-0-604800000
.bolster.ai/	1970-01-21 02:19:48	Name: _ga_ZHB4R2SB0J Value: GS1.1.1701828902.1.0.1701828902.60.0.0
.bolster.ai/	1970-01-21 02:19:48	Name: _ga Value: GA1.1.379982221.1701828903
.bolster.ai/	1970-01-21 02:19:48	Name: _mkto_trk Value: id:540-RFH-299&token:_mch-bolster.ai-1701828902984-81178
.linkedin.com/	1970-01-20 18:53:24	Name: li_sugr Value: ecc51fe0-7a3a-4c70-9fe2-fc4cebccc8d5
.linkedin.com/	1970-01-21 01:29:24	Name: bcookie Value: "v=2&d4b0dbae-4c90-4fb6-849f-0732c2f567c2"
.linkedin.com/	1970-01-20 16:45:15	Name: lidc Value: "b=VGST05:s=V:r=V:a=V:p=V:g=2926:u=1:x=1:i=1701828903:t=1701915303:v=2:sig=AQHvMqjepeHUh5UXKmw_V9ZigWQ5PECI"
.t.co/	1970-01-21 02:19:48	Name: muc_ads Value: 3dad812d-102f-43c0-8835-a2e47cf44123
.twitter.com/	1970-01-21 02:19:48	Name: personalization_id Value: "v1_LMz6T1Qwt5zmfHhRxYbbwA=="
.linkedin.com/	1970-01-20 17:27:00	Name: UserMatchHistory Value: AQI1h5zgR0nl5gAAAYw86ED-4ivv8fN-QlILsqOXFeAK4ns2Ej5tW99QyxZWD8wfTk0T2EGldscrew
.linkedin.com/	1970-01-20 17:27:00	Name: AnalyticsSyncHistory Value: AQKZP6CWkGrabgAAAYw86ED-zUrSwuNYNnbHDIWJQeYeg-ivtJyfFygzjltOTt2aoXzkfb4v_pUouvFc1ukE-Q
.www.linkedin.com/	1970-01-21 01:29:24	Name: bscookie Value: "v=1&2023120602150335155d8c-e7c7-4d28-8fed-44dde0d47bedAQEdERPt_Up-cE8fAuGdfbpLIgozSPtc"
.linkedin.com/	1970-01-20 21:03:00	Name: li_gc Value: MTswOzE3MDE4Mjg5MDM7MjswMjGVQyfclH/z0kP92+Na8gQcZ2OAOvVWhh4xl2fG2lvIYA==
.bolster.ai/	1970-01-21 01:29:24	Name: _biz_nA Value: 2
.bolster.ai/	1970-01-21 01:29:24	Name: _hjSessionUser_2066347 Value: eyJpZCI6IjA0MWNlNTBkLTRlMGQtNWI3My1hZTM5LWIxYzY0NWU2YTc2NSIsImNyZWF0ZWQiOjE3MDE4Mjg5MDM0MDMsImV4aXN0aW5nIjpmYWxzZX0=
.bolster.ai/	1970-01-20 16:43:50	Name: _hjFirstSeen Value: 1
.bolster.ai/	1970-01-20 16:43:50	Name: _hjIncludedInSessionSample_2066347 Value: 0
.bolster.ai/	1970-01-20 16:43:50	Name: _hjSession_2066347 Value: eyJpZCI6ImYyNmYyODgyLWNlOTgtNDU1Zi1hMjQzLWJlNTU3MTVlODY3NiIsImNyZWF0ZWQiOjE3MDE4Mjg5MDM0MDQsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6ZmFsc2V9
.bolster.ai/	1970-01-20 16:43:50	Name: _hjAbsoluteSessionInProgress Value: 0
.bizible.com/	1970-01-21 01:29:24	Name: _BUID Value: bcc0432b69af456ef0157d37c81796d9
.bolster.ai/	1970-01-20 16:45:15	Name: _uetsid Value: 4414090093dd11ee8ce2c3eb05a13d51
.bolster.ai/	1970-01-21 02:05:24	Name: _uetvid Value: 44140de093dd11ee95239360b6c862c5
.bizibly.com/	1970-01-21 01:29:24	Name: _BUID Value: b3aad02261012c15dbbbc49a07c60181
.bing.com/	1970-01-21 02:05:24	Name: MUID Value: 1AE6321718EC600B294A21C8193E6156
.bolster.ai/	1970-01-21 01:29:24	Name: _biz_pendingA Value: %5B%5D
bolster.ai/	1970-01-21 02:19:48	Name: _gd_visitor Value: d7caba8d-2a3d-4b30-8204-d429e35b957d
bolster.ai/	1970-01-20 16:44:03	Name: _gd_session Value: 698cf2d3-56fa-429e-8027-bdd20e28f836
.bolster.ai/	1970-01-21 01:29:24	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22Mkto%22%3A%221%22%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.company-target.com/	1970-01-21 02:19:48	Name: tuuid Value: 6f831f9a-0e1c-42af-9592-ec9aafcc615c
.company-target.com/	1970-01-21 02:19:48	Name: tuuid_lu Value: 1701828903\|ix:0\|mctv:0\|rp:0
.6sc.co/	1970-01-21 02:19:48	Name: 6suuid Value: ac931102ce79290027d96f653d0300008a291301
.casalemedia.com/	1970-01-21 01:29:24	Name: CMID Value: ZW-ZJz6LlP3YrAJLmw5KbQAA
.casalemedia.com/	1970-01-20 18:53:24	Name: CMPS Value: 3379
.casalemedia.com/	1970-01-20 18:53:24	Name: CMPRO Value: 3379
.bolster.ai/	1970-01-20 21:06:36	Name: crisp-client%2Fsession%2Fcd4537e9-58d0-4421-acde-ece9a1d27cc1 Value: session_fabbbaf5-8cb3-43b6-ba81-27bc80ae6d78
.tremorhub.com/	1970-01-21 01:29:45	Name: tvid Value: 178352482cb844d5b1d504dde189800b
.tremorhub.com/	1970-01-21 02:19:48	Name: tv_UIDM Value: 6f831f9a-0e1c-42af-9592-ec9aafcc615c
.bolster.ai/	1970-01-20 21:03:00	Name: __hstc Value: 216000520.6032d6316ce5bb35ada25b5d9b6b611a.1701828904203.1701828904203.1701828904203.1
.bolster.ai/	1970-01-20 21:03:00	Name: hubspotutk Value: 6032d6316ce5bb35ada25b5d9b6b611a
.bolster.ai/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.bolster.ai/	1970-01-20 16:43:50	Name: __hssc Value: 216000520.1.1701828904203
.hubspot.com/	1970-01-20 16:43:50	Name: __cf_bm Value: 3lrjRuGX8MAFJoozpGJ2ktNVZS1cR7rzgH3wWU4_ot4-1701828904-0-AYbYfSgJERn6GPCANq3sHdYCOeo2GRhqP7DqRviKjA62b1znKxT6UWALpLyETDBgnRopT78sAutetMbdHc3L2MA=
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: yCSPQZmYYXUXWs4zevRg153Gt4kdHwQSvjEZMGWGu50-1701828904359-0-604800000

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bolster.ai/wp-content/themes/bolster/assets/js/responsive-embeds.js?ver=6.3.2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bolster.ai/wp-content/themes/bolster/assets/css/print.css?ver=6.3.2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fbolster.ai%2Fblog%2Fusps-phishing-campaign&page_title=Vast%20Parcel%20Delivery%20Phishing%20Campaign%20Discovered%20%7C%20Bolster Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://bolster.ai/api/v1/va/page-view Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bolster.ai/assets/images/vgfx.svg Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

540-rfh-299.mktoresp.com
a.quora.com
analytics.twitter.com
api.company-target.com
app.secureprivacy.ai
b.6sc.co
bat.bing.com
bolster.ai
c.6sc.co
cdn.bizible.com
cdn.bizibly.com
cdnjs.cloudflare.com
client.crisp.chat
dsum-sec.casalemedia.com
forms.hscollectedforms.net
forms.hubspot.com
googleads.g.doubleclick.net
id.rlcdn.com
ipv6.6sc.co
j.6sc.co
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.hsleadflows.net
munchkin.marketo.net
partners.tremorhub.com
pixel.rubiconproject.com
pro.fontawesome.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.quora.com
region1.analytics.google.com
s.company-target.com
script.hotjar.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
tag.demandbase.com
track.hubspot.com
unpkg.com
vjs.zencdn.net
ws.zoominfo.com
www.clarity.ms
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
b.6sc.co
104.18.36.155
104.244.42.67
104.244.42.69
104.64.124.188
13.107.42.14
13.32.27.65
146.75.120.157
152.195.15.58
162.159.152.17
172.67.71.189
18.66.97.20
192.28.144.124
2.17.147.176
2001:4860:4802:34::36
2600:1f18:612b:4232:e6bb:aabb:4218:240a
2606:4700:10::6816:43db
2606:4700:4400::6812:22e5
2606:4700:4400::ac40:93bc
2606:4700:4400::ac40:994b
2606:4700::6810:4dba
2606:4700::6810:7eaf
2606:4700::6810:880f
2606:4700::6810:bb59
2606:4700::6811:180e
2606:4700::6811:5b9a
2606:4700::6812:7b0c
2606:4700::6813:9b53
2620:1ec:21::14
2620:1ec:46::62
2620:1ec:c11::200
2a00:1450:4001:803::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:830::2008
2a00:1450:400c:c06::9d
2a02:26f0:480:23::1726:629c
2a02:26f0:780::210:a40a
2a04:4e42:400::729
34.96.71.22
35.244.174.68
52.3.120.216
65.9.95.80
65.9.95.97
69.173.144.139
001acb0598d2959f23d095f40bfbfc6ee00f380ae3cf24b1fb8646699ae260d3
03a811b7e81f930c938141ba6c0a439f59acfe1a3c4a6768b7901741a32b459e
0ad17c7d661733bbf1cfe9bc6e85033bfed43c87c94cb72ba02f484adf1593c0
0e3537d5f3d2f5520070713b0c4e9ddd613f251763e9d93fa12669f21a60188e
1113cf2f526dabe790e97946546078167c948cfbb78f677d420adc12e91995f3
15123675f1ab5bbd2dd01a31b3296559f3ebe212aec4fbb1604b1340c83ec2d8
155044aeeaea2b8d35efc40af273259a893d6c271eb4439e50432f3ddbb99aae
15838004d5e196b563a00a0ba16ce432fed6deb3dd4fab7122601f2c4f41560a
15ba162b90858156f7be7d037d5577ccbe27720030608c6a6a4054c8994982ca
18bef914d9394fb470b7faa0402881527df938cf2add1e526a8d901e3f656bf5
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
1f98016af7863e9375dc797ad3f658094061862855d5b35f8a2eb4ad42c1dc55
208205bdec1ba25e00bb82dd733447e7092f96f45427a51499ca8b348a514ca5
23e730822e5279636a3c1ea587c53270a38897de967bcca83352d561dd1c69b0
27b298cc293c9ed9f0c9287259d1b1657fefd29398bd1eb446c3028d24244958
2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec
2cc061085907c749f4f81a853ae49a331efe4fcd538da758a65bb855dd1dcd2d
3c2ce731a0fb36e28c1cc50b12c121c81ae56fbaef0a109c516f3de4e67eb0b8
3e290fd043b2f300fcc6802ce9762f59dc63a4486ba3fa5a5d4491c1bef84677
42302bc06dea45564bd5a0676cc5ca3fd7c5b8af3dc88e6aaf278ebd0c4975b7
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4c69f084b0373735f91cab66434c1b57f99d022f24d220200b275f9bf7dbbcb1
4c6cd63c2969bb05e6f04ef0a3fc0f8d46e5278b280d48bcbaf61e6a8755f112
4d22584e7ed981a2cccef4f52827565bb11f052535d4bb647a3210957ccd2d6d
4eb64fef9cc9f636740ce1142a5dd7682ee88f51ed6ea3509b081d14939547df
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
50658afdf69a9ae3177f81fe2156fcd616e766a401c8407de929f0936d3bd517
51e18b5d04e2bff91b7c53bc09a646f0b30f4d11452beb2c078d3a046a5f67c4
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
552bdb67c124807fd4a78a9af1bf8675b32e8c2a5b15fe04ab52504c64d39146
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5843f9c838c1b6efece847bc6d696ed906c1826782b126ad5db09920b6270105
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
66f1cdfbf890e2d5e08c3ceaafa41ac0a1296ce1b057b89db0ad5f22e733ed3b
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
74d73ce62bf4e55531f706c6d6dcf8c7b95208101207e608d39c3296a6fa8ff4
75ba0e9c35e2379a79f86786534917bff2df3f6341ffd026b71a055112b2badb
75c8dd961325f7367f1b846efc96e829b6a3ebc03aebd108ad8f631ad28b872a
782ae98c072f0e0e45013aa1b0444d0d8e3f6c3c9c1e237c215e93efebc26886
78a786bdd2bf005f25ddb215e67486b3a8a6aa6c86eb386b07aa8103c397db3b
7cf52051751d6931387b02e6c53e80025e40807be955e06b0954c52447bfe339
7e5fe921affab5fc16bb76cb0138677bc52dc4abe1257ecfcae99bf225f09b01
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
82579c118595edaf3938bd630ff491419d33e0b52c907fa3f9f61f4a05f0451a
829810d625bfa081a203d32317d65b3cffefcb4854baf822e95120dd8daeb911
82e05e9c8efe37209ca0af8149b94fe2973ac6eb749d12dfa7b5963ee5d5037c
868b03314a758384d3a1969a05cfea274fc34966df1f88f020e6b5623c3a368e
8c660e0b2d031b0efa6f5c892800da2d4f8555550eb929c66223bbb52a024f19
8d5497632832a0db2a9a50c25d750e74e9497ba42f40622d5ca66350352bab7b
9017691cf30115d70bf13b495b0af9ed517ecb07e1270952ee7f3094043c8c71
96271179d44086ad6cfba78c4788e3ac34dac8c8bfd18d2c2226d12d5abd0063
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a59a536f6a35976c81d050cc1f734740643674e9736ae066f85213a5535e7a0a
a9e9d5d62bdbbe46fee9a3a0ba4c2d7fe5a6f4b53c10df3ac7d34796ffb7c96b
ac2dd4848e29d55d9d05965e66295266f840fde1e7e5c625b8056ed5e17ed515
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae76d384435e2a9c9b328827d7c0527d27541437f0387551a12225488bcb78db
af8545de3876815292506711e1369bff9dfe57ec7e04c45c3e1bdac48a11f3b2
afab1de3356fb47e43fc4bae6ee7aa54f06b131f8a31f16cc4ac79118c74743a
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b627a031966227afe6a97cf9188c9f8c2cb852336a0231566655b5c9de84b482
b7ac26cc635252b12278db01f4616403bd626ed7823fcf5e52576eeeff3b3548
b98b576cf86540a5ce760ea71801cf6ba087b7f1d6e92c09a3a4e849daf3bc3f
c0790c2d2916752f04091f3dc2ff8f1fb793bc09c07bf99809706cea80223780
c2a101f313f27c267a744088e44664a87d2ec7dc2a3464bf1319a95094dc76db
c3977a57ffee5f9602acb2256a493b055b0fbe0c683c5544573bb7e81473be89
c4efdd29b2f63cac6ca076e38260e5296db1f53ddcdf04af3a7446f38e2bf275
c5370a5f05408ac6c35354c362f4ac427f28438f4c4431c8f4f6555775073d62
c75578ffab4599d4d5556304c004482eb29241e114891fe4e6a72c45eddf9d22
cac9b2d14af4e726aa81343794ca74fea196b05c890eb1e0d47e0a35f8b10611
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
d15a6bd0f96369f06aed1411eb2da9a874450957a952f0aec17550aad4496b63
d27aa8bf9677cf4ef12acd7b37afc20f1f661d7c163b929ae9caf103b01fce37
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d7d9ea4f669b0903451c5d87e2e3801cab236ca50e609435013ace47eda4d95c
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e2d4b7ac2cf724a064d15a4379ccca7a81c346dcb143f279d83a0e99f9563cc7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e655517e7fbdca05e234e076d682568be673643e5bdc7fbb12f5ad23a5cb487d
e97b650032c4807fe8534ae690b1cf062a9c17f48792d34156875c4ccf296ccd
eeda6f6208cf7226321ea4ff61ec9b93fde032d5dd25cff49a4941fbca6b2816
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f27902b2b9390fb8b4b9b4239b762bc52fb4e6e2098d3dfecc1fdb37c9431b8f
f88b2e2275b3f0cae0a176e1d249ae53f39bced3d6b5b1422419ac8b54d03217
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

bolster.ai Open in urlscan Pro 2606:4700:10::6816:43db Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

123 Requests

97 %HTTPS

57 %IPv6

38 Domains

50 Subdomains

45 IPs

5 Countries

2784 kBTransfer

6667 kBSize

49 Cookies

22 Outgoing links

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bolster.ai Open in urlscan Pro
2606:4700:10::6816:43db Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

97 %
HTTPS

57 %
IPv6

38
Domains

50
Subdomains

45
IPs

5
Countries

2784 kB
Transfer

6667 kB
Size

49
Cookies

123 HTTP transactions
0 data transactions