urlscan.io logo urlscan.io
SecurityTrails logo

www.gitbit.org Open in urlscan Pro
2606:50c0:8002::153  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.gitbit.org/course/ms-500/blog/the-anatomy-of-great-phishing-emails-xgbfcvv4n
Submission: On December 07 via manual from IE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 5 countries across 10 domains to perform 24 HTTP transactions. The main IP is 2606:50c0:8002::153, located in United States and belongs to FASTLY, US. The main domain is www.gitbit.org.
TLS certificate: Issued by R3 on November 16th 2022. Valid for: 3 months.
This is the only time www.gitbit.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2606:50c0:800... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 162.19.58.161 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:46::60 8068 (MICROSOFT...)
3 2001:4860:480... 15169 (GOOGLE)
1 151.139.128.10 20446 (STACKPATH...)
2 34.149.139.129 15169 (GOOGLE)
2 52.184.204.244 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
24 12
3    2606:50c0:8002::153 (United States)

ASN54113 (FASTLY, US)
www.gitbit.org
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    162.19.58.161 (France)

ASN16276 (OVH, FR)
PTR: ns3096669.ip-162-19-58.eu
i.ibb.co
2    2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2620:1ec:46::60 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
cdn2.decide.dev
2    34.149.139.129 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 129.139.149.34.bc.googleusercontent.com
decide.dev
2    52.184.204.244 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
n.clarity.ms
2    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
Apex Domain
Subdomains		 Transfer
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1399
n.clarity.ms — Cisco Umbrella Rank: 10343
c.clarity.ms — Cisco Umbrella Rank: 2123
21 KB
3 decide.dev
cdn2.decide.dev — Cisco Umbrella Rank: 40554
decide.dev — Cisco Umbrella Rank: 26310
6 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2448
417 B
3 gstatic.com
fonts.gstatic.com
47 KB
3 gitbit.org
www.gitbit.org
256 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
34 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 65
135 KB
2 ibb.co
i.ibb.co — Cisco Umbrella Rank: 13158
149 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 296
554 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 51
1 KB
24 10
Domain Requested by
3 region1.google-analytics.com www.googletagmanager.com
3 fonts.gstatic.com fonts.googleapis.com
3 www.gitbit.org www.gitbit.org
2 c.clarity.ms 1 redirects
2 stats.g.doubleclick.net decide.dev
2 n.clarity.ms www.clarity.ms
2 decide.dev cdn2.decide.dev
2 www.clarity.ms www.googletagmanager.com
www.clarity.ms
2 www.googletagmanager.com www.gitbit.org
www.googletagmanager.com
2 i.ibb.co www.gitbit.org
1 c.bing.com 1 redirects
1 cdn2.decide.dev gitbit
1 fonts.googleapis.com www.gitbit.org
24 13
Subject Issuer Validity Valid
www.gitbit.org
R3		 2022-11-16 -
2023-02-14		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
ibb.co
R3		 2022-10-09 -
2023-01-07		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
cdn2.decide.dev
R3		 2022-11-07 -
2023-02-05		 3 months crt.sh
decide.dev
GTS CA 1D4		 2022-11-07 -
2023-02-05		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.gitbit.org/course/ms-500/blog/the-anatomy-of-great-phishing-emails-xgbfcvv4n
Frame ID: 8E6ED6EBB2D0FC8F86900B44FF51F07E
Requests: 20 HTTP requests in this frame

Frame: https://decide.dev/lad/15664931508787046?pubid=ld-534-9587&pubo=https%3A%2F%2Fwww.gitbit.org&rid=&width=1152
Frame ID: FDB2E54DF8369C4D5845F9CA580698F8
Requests: 2 HTTP requests in this frame

Frame: https://decide.dev/lad/15664932884518758?pubid=ld-7740-2760&pubo=https%3A%2F%2Fwww.gitbit.org&rid=&width=1152
Frame ID: A8044E185F391D700513920ED46FE254
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Anatomy of Great Phishing Emails - GitBit

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

24
Requests

96 %
HTTPS

62 %
IPv6

10
Domains

13
Subdomains

12
IPs

5
Countries

650 kB
Transfer

1915 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=CDA6FD33667D48F19EB1CDC398BEE94E&RedC=c.clarity.ms&MXFR=21633FADC032698D08452DDEC43267B3 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=CDA6FD33667D48F19EB1CDC398BEE94E&MUID=0155809FB20C6C9C23A092ECB3676DD8

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request the-anatomy-of-great-phishing-emails-xgbfcvv4n
www.gitbit.org/course/ms-500/blog/ 		48 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gitbit.org/course/ms-500/blog/the-anatomy-of-great-phishing-emails-xgbfcvv4n
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
8fcb7461b2fc930d6400f0920d9762bd399235fcb069d199190a228b6db4995c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
cache-control
max-age=600
content-encoding
gzip
content-length
10215
content-type
text/html; charset=utf-8
date
Wed, 07 Dec 2022 16:12:33 GMT
etag
W/"638eaf1f-c0ff"
expires
Wed, 07 Dec 2022 11:03:56 GMT
last-modified
Tue, 06 Dec 2022 02:55:27 GMT
server
GitHub.com
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-fastly-request-id
d8a51667d780fe297366cb19fa16ffa547cb9105
x-github-request-id
CD00:7D31:3ABE19:3CFA30:639070C4
x-proxy-cache
MISS
x-served-by
cache-ams21066-AMS
x-timer
S1670429553.291730,VS0,VE94
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: www.gitbit.org
URL: https://www.gitbit.org/course/ms-500/blog/the-anatomy-of-great-phishing-emails-xgbfcvv4n
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a0ae09929605e6f45470f62f9ec51e9ec846c70ba08947c673728468044ca1f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gitbit.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 07 Dec 2022 16:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 14:38:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Dec 2022 16:12:33 GMT
gitbit-icon-light-80x80.png
www.gitbit.org/assets/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gitbit.org/assets/gitbit-icon-light-80x80.png
Requested by
Host: www.gitbit.org
URL: https://www.gitbit.org/course/ms-500/blog/the-anatomy-of-great-phishing-emails-xgbfcvv4n
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
2ae103ea08e41bb53db7ebe2452a7fbfb9f6e4ca2c0306ca6d571de36c8cdd4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gitbit.org/course/ms-500/blog/the-anatomy-of-great-phishing-emails-xgbfcvv4n
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-fastly-request-id
e3c3061bb95bd2c956f776b2fe6335bfb96d6cd3
date
Wed, 07 Dec 2022 16:12:33 GMT
via
1.1 varnish
expires
Wed, 07 Dec 2022 09:32:31 GMT
age
0
x-cache
HIT
x-proxy-cache
MISS
content-length
5106
x-served-by
cache-ams21066-AMS
last-modified
Tue, 06 Dec 2022 02:55:27 GMT
server
GitHub.com
x-github-request-id
C668:7F9F:2FAF85:31B455:63905B57
x-timer
S1670429553.432387,VS0,VE102
etag
"638eaf1f-13f2"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-cache-hits
1
How-to-create-a-great-phishing-campaign.jpg
i.ibb.co/R760yZT/ 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/R760yZT/How-to-create-a-great-phishing-campaign.jpg
Requested by
Host: www.gitbit.org
URL: https://www.gitbit.org/course/ms-500/blog/the-anatomy-of-great-phishing-emails-xgbfcvv4n
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.161 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096669.ip-162-19-58.eu
Software
nginx /
Resource Hash
2efed88ff7fa35a7ce9cfe5633d37c0f70bfd37242d37ade00bcbecadf43ab83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gitbit.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 16:12:33 GMT
last-modified
Mon, 05 Dec 2022 18:37:31 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
143245
expires
Thu, 31 Dec 2037 23:55:55 GMT
mailbox-is-almost-full.png
i.ibb.co/MpJDrdM/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/MpJDrdM/mailbox-is-almost-full.png
Requested by
Host: www.gitbit.org
URL: https://www.gitbit.org/course/ms-500/blog/the-anatomy-of-great-phishing-emails-xgbfcvv4n
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.161 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096669.ip-162-19-58.eu
Software
nginx /
Resource Hash
5e9fd9f5ecd58443b632073f1069122d012f36d5e168c0d0edf6924ffe3a861b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gitbit.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 16:12:33 GMT
last-modified
Mon, 05 Dec 2022 18:38:17 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
8884
expires
Thu, 31 Dec 2037 23:55:55 GMT
the-anatomy-of-great-phishing-emails-xgbfcvv4n.js
www.gitbit.org/course/ms-500/blog/ 		1 MB
241 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gitbit.org/course/ms-500/blog/the-anatomy-of-great-phishing-emails-xgbfcvv4n.js
Requested by
Host: www.gitbit.org
URL: https://www.gitbit.org/course/ms-500/blog/the-anatomy-of-great-phishing-emails-xgbfcvv4n
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
3c89264e5a4581baab18de99b1ad00fcc18b96ea27cafb98b7d339389a16cde9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gitbit.org/course/ms-500/blog/the-anatomy-of-great-phishing-emails-xgbfcvv4n
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-fastly-request-id
4cd68f312a724c96d8a036c493f70d707d5bb054
date
Wed, 07 Dec 2022 16:12:33 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
246027
x-served-by
cache-ams21066-AMS
last-modified
Tue, 06 Dec 2022 02:55:27 GMT
server
GitHub.com
x-github-request-id
7688:5CCC:64D6B4:67FC2F:6390BB71
x-timer
S1670429554.518670,VS0,VE130
etag
W/"638eaf1f-117f3e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Wed, 07 Dec 2022 16:22:33 GMT
gtm.js
www.googletagmanager.com/ 		151 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5LLZMLD
Requested by
Host: www.gitbit.org
URL: https://www.gitbit.org/course/ms-500/blog/the-anatomy-of-great-phishing-emails-xgbfcvv4n
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eec644b7408cb4dfedd54777e52bfcd0ba3c2aab45358c28f9f775114a3c43ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gitbit.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 16:12:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56876
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 07 Dec 2022 16:12:33 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gitbit.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 11:59:40 GMT
x-content-type-options
nosniff
age
533573
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 11:59:40 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gitbit.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 19:42:15 GMT
x-content-type-options
nosniff
age
505818
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 19:42:15 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gitbit.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 16:44:52 GMT
x-content-type-options
nosniff
age
170861
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 16:44:52 GMT
js
www.googletagmanager.com/gtag/ 		233 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-205ESKGTXB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LLZMLD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
070a78effe0aad2ba2acca1379aed67dbc11e6f104d867ae2dc12aa3937ddeca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gitbit.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 16:12:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80692
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 07 Dec 2022 16:12:33 GMT
8czgv3r8lz
www.clarity.ms/tag/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/8czgv3r8lz?ref=gtm
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LLZMLD
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6e7b3d6064929b875dee5487b021272e41c946a2e94bc992b07c4ae18f3a3ad5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gitbit.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
application/x-javascript
date
Wed, 07 Dec 2022 16:12:33 GMT
cache-control
no-cache, no-store
expires
-1
x-azure-ref
0cbuQYwAAAAB2PWv6QrA0QY52nYAHThKoRlJBMzFFREdFMDMxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
request-context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
collect
region1.google-analytics.com/g/ 		0
346 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-205ESKGTXB&gtm=2oebu0&_p=1243176193&cid=998799571.1670429554&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670429553&sct=1&seg=0&dl=https%3A%2F%2Fwww.gitbit.org%2Fcourse%2Fms-500%2Fblog%2Fthe-anatomy-of-great-phishing-emails-xgbfcvv4n&dt=The%20Anatomy%20of%20Great%20Phishing%20Emails%20-%20GitBit&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-205ESKGTXB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gitbit.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 16:12:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gitbit.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2SLC0NFNCH&gtm=2oebu0&_p=1243176193&cid=998799571.1670429554&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670429553&sct=1&seg=0&dl=https%3A%2F%2Fwww.gitbit.org%2Fcourse%2Fms-500%2Fblog%2Fthe-anatomy-of-great-phishing-emails-xgbfcvv4n&dt=The%20Anatomy%20of%20Great%20Phishing%20Emails%20-%20GitBit&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-205ESKGTXB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gitbit.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 16:12:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gitbit.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ajs.js
cdn2.decide.dev/_js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.decide.dev/_js/ajs.js
Requested by
Host: gitbit
URL: webpack://gitbit/./src/pages/course/ms-500/blog/the-anatomy-of-great-phishing-emails-xgbfcvv4n.js_+_91_modules?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
f8c4fdb5d5d285dc8316d90b5f924e13abb66c4ec75d273f2f5b1f5bd91c3d92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gitbit.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 16:12:33 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 06 Dec 2022 12:57:20 GMT
etag
W/"1a40-184e7831da2"
x-hw
1670429553.cds261.fr8.hn,1670429553.cds259.fr8.c
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=86400
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2962
clarity.js
www.clarity.ms/eus2-f/s/0.6.43/ 		54 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2-f/s/0.6.43/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/8czgv3r8lz?ref=gtm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gitbit.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 16:12:33 GMT
content-encoding
br
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0/3SQYwAAAAA0EjsEmiQtR4i5suD8oKeYRlJBMjMxMDUwNDE3MDI3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag
"1d9082948124e4c"
x-azure-ref
0cbuQYwAAAAAYNFxi3ZAQTqH5wbfEbcThRlJBMzFFREdFMDMxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
15664931508787046
decide.dev/lad/ Frame FDB2 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://decide.dev/lad/15664931508787046?pubid=ld-534-9587&pubo=https%3A%2F%2Fwww.gitbit.org&rid=&width=1152
Requested by
Host: cdn2.decide.dev
URL: https://cdn2.decide.dev/_js/ajs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.139.129 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
129.139.149.34.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Referer
https://www.gitbit.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-length
1376
content-type
text/html; charset=utf-8
date
Wed, 07 Dec 2022 16:12:34 GMT
via
1.1 google
15664932884518758
decide.dev/lad/ Frame A804 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://decide.dev/lad/15664932884518758?pubid=ld-7740-2760&pubo=https%3A%2F%2Fwww.gitbit.org&rid=&width=1152
Requested by
Host: cdn2.decide.dev
URL: https://cdn2.decide.dev/_js/ajs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.139.129 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
129.139.149.34.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Referer
https://www.gitbit.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-length
1376
content-type
text/html; charset=utf-8
date
Wed, 07 Dec 2022 16:12:34 GMT
via
1.1 google
collect
n.clarity.ms/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://n.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-f/s/0.6.43/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.gitbit.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin
https://www.gitbit.org
date
Wed, 07 Dec 2022 16:12:33 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
dc.js
stats.g.doubleclick.net/ Frame A804 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: decide.dev
URL: https://decide.dev/lad/15664932884518758?pubid=ld-7740-2760&pubo=https%3A%2F%2Fwww.gitbit.org&rid=&width=1152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://decide.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 07 Dec 2022 16:07:20 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
314
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Wed, 07 Dec 2022 18:07:20 GMT
dc.js
stats.g.doubleclick.net/ Frame FDB2 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: decide.dev
URL: https://decide.dev/lad/15664931508787046?pubid=ld-534-9587&pubo=https%3A%2F%2Fwww.gitbit.org&rid=&width=1152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://decide.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 07 Dec 2022 16:07:20 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
314
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Wed, 07 Dec 2022 18:07:20 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=CDA6FD33667D48F19EB1CDC398BEE94E&RedC=c.clarity.ms&MXFR=21633FADC032698D08452DDEC43267B3
  • https://c.clarity.ms/c.gif?CtsSyncId=CDA6FD33667D48F19EB1CDC398BEE94E&MUID=0155809FB20C6C9C23A092ECB3676DD8
42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=CDA6FD33667D48F19EB1CDC398BEE94E&MUID=0155809FB20C6C9C23A092ECB3676DD8
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gitbit.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 16:12:34 GMT
last-modified
Thu, 13 Oct 2022 20:07:05 GMT
server
Microsoft-IIS/10.0
etag
"40db785d3fdfd81:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 07 Dec 2022 16:12:33 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CA69B47AE5B942A2B800C36440211C83 Ref B: FRAEDGE1406 Ref C: 2022-12-07T16:12:34Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=CDA6FD33667D48F19EB1CDC398BEE94E&MUID=0155809FB20C6C9C23A092ECB3676DD8
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
n.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://n.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-f/s/0.6.43/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.gitbit.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin
https://www.gitbit.org
date
Wed, 07 Dec 2022 16:12:34 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-205ESKGTXB&gtm=2oebu0&_p=1243176193&cid=998799571.1670429554&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1670429553&sct=1&seg=0&dl=https%3A%2F%2Fwww.gitbit.org%2Fcourse%2Fms-500%2Fblog%2Fthe-anatomy-of-great-phishing-emails-xgbfcvv4n&dt=The%20Anatomy%20of%20Great%20Phishing%20Emails%20-%20GitBit&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-205ESKGTXB&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gitbit.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 16:12:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gitbit.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontentvisibilityautostatechange object| dataLayer object| google_tag_manager object| google_tag_data function| clarity function| onYouTubeIframeAPIReady object| gaGlobal object| ldAdInit object| adsbygoogle object| _ldAdIdMap

10 Cookies

Domain/Path Name / Value
.gitbit.org/ Name: _ga_205ESKGTXB
Value: GS1.1.1670429553.1.0.1670429553.0.0.0
.gitbit.org/ Name: _ga
Value: GA1.1.998799571.1670429554
.gitbit.org/ Name: _ga_2SLC0NFNCH
Value: GS1.1.1670429553.1.0.1670429553.0.0.0
www.clarity.ms/ Name: CLID
Value: bc95cd3ff32b418f8153fb30457404a7.20221207.20231207
.gitbit.org/ Name: _clck
Value: l46630|1|f77|0
.gitbit.org/ Name: _clsk
Value: 18mk7b3|1670429554506|1|1|n.clarity.ms/collect
.c.bing.com/ Name: SRM_B
Value: 0155809FB20C6C9C23A092ECB3676DD8
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 0155809FB20C6C9C23A092ECB3676DD8
.c.clarity.ms/ Name: ANONCHK
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
cdn2.decide.dev
decide.dev
fonts.googleapis.com
fonts.gstatic.com
i.ibb.co
n.clarity.ms
region1.google-analytics.com
stats.g.doubleclick.net
www.clarity.ms
www.gitbit.org
www.googletagmanager.com
151.139.128.10
162.19.58.161
20.234.93.27
2001:4860:4802:34::36
2606:50c0:8002::153
2620:1ec:46::60
2620:1ec:c11::200
2a00:1450:4001:803::2008
2a00:1450:4001:806::200a
2a00:1450:4001:828::2003
2a00:1450:400c:c00::9c
34.149.139.129
52.184.204.244
070a78effe0aad2ba2acca1379aed67dbc11e6f104d867ae2dc12aa3937ddeca
2ae103ea08e41bb53db7ebe2452a7fbfb9f6e4ca2c0306ca6d571de36c8cdd4e
2efed88ff7fa35a7ce9cfe5633d37c0f70bfd37242d37ade00bcbecadf43ab83
3c89264e5a4581baab18de99b1ad00fcc18b96ea27cafb98b7d339389a16cde9
5e9fd9f5ecd58443b632073f1069122d012f36d5e168c0d0edf6924ffe3a861b
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
6e7b3d6064929b875dee5487b021272e41c946a2e94bc992b07c4ae18f3a3ad5
8fcb7461b2fc930d6400f0920d9762bd399235fcb069d199190a228b6db4995c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a0ae09929605e6f45470f62f9ec51e9ec846c70ba08947c673728468044ca1f0
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eec644b7408cb4dfedd54777e52bfcd0ba3c2aab45358c28f9f775114a3c43ff
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8c4fdb5d5d285dc8316d90b5f924e13abb66c4ec75d273f2f5b1f5bd91c3d92