info.phishlabs.com Open in urlscan Pro
2606:4700::6811:81b4 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
Submission: On October 28 via api (October 28th 2020, 4:12:41 pm UTC) from CH

Summary HTTP 118 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 36 IPs in 6 countries across 31 domains to perform 118 HTTP transactions. The main IP is 2606:4700::6811:81b4, located in United States and belongs to CLOUDFLARENET, US. The main domain is info.phishlabs.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 16th 2020. Valid for: a year.

This is the only time info.phishlabs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	2606:4700::68... 2606:4700::6811:81b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:f2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	209.128.119.150 209.128.119.150	7151 (BAYAREA-AS) (BAYAREA-AS)
1	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
18	62.113.194.12 62.113.194.12	47447 (TTM) (TTM)
1	52.205.51.47 52.205.51.47	14618 (AMAZON-AES) (AMAZON-AES)
2	65.9.190.70 65.9.190.70	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE)
1	163.171.128.148 163.171.128.148	54994 (QUANTILNE...) (QUANTILNETWORKS)
3	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
2	104.109.95.62 104.109.95.62	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c09::9c	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
4	2a02:26f0:eb:... 2a02:26f0:eb:3a3::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.111.9.64 23.111.9.64	33438 (HIGHWINDS2) (HIGHWINDS2)
1	206.19.49.24 206.19.49.24	7018 (ATT-INTER...) (ATT-INTERNET4)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	54.165.164.251 54.165.164.251	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6811:45b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:71b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	52.214.70.9 52.214.70.9	16509 (AMAZON-02) (AMAZON-02)
1 2	65.9.190.44 65.9.190.44	16509 (AMAZON-02) (AMAZON-02)
6	52.38.14.212 52.38.14.212	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:c8cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1 1	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
1	199.232.53.140 199.232.53.140	54113 (FASTLY) (FASTLY)
118	36

21 2606:4700::6811:81b4 (United States)

ASN13335 (CLOUDFLARENET, US)

info.phishlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f2cc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.128.119.150 (United States)

ASN7151 (BAYAREA-AS, US)
PTR: 209-128-119-150.bayarea.net

stats.sa-as.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 62.113.194.12 (Hamburg, Germany)

ASN47447 (TTM, DE)
PTR: edge-481.b-cdn.net

load.sumome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
load.sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.51.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-51-47.compute-1.amazonaws.com

cdn.callrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.190.70 (Seattle, United States)

ASN16509 (AMAZON-02, US)

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.171.128.148 (Germany)

ASN54994 (QUANTILNETWORKS, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.95.62 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-109-95-62.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:817::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

130-bfb-942.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:eb:3a3::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.64 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

scout-cdn.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.19.49.24 (United States)

ASN7018 (ATT-INTERNET4, US)

apt.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.165.164.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-164-251.compute-1.amazonaws.com

scout.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eacc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:71b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.70.9 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-70-9.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.190.44 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.38.14.212 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-38-14-212.us-west-2.compute.amazonaws.com

sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c8cc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients6.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:800e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.140 (United States) 1 redirects

ASN54113 (FASTLY, US)

reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.53.140 (United States)

ASN54113 (FASTLY, US)

www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	sumo.com load.sumo.com sumo.com	630 KB
21	phishlabs.com info.phishlabs.com	219 KB
9	hubspot.com static.hubspot.com app.hubspot.com track.hubspot.com forms.hubspot.com	7 KB
6	google.com www.google.com clients6.google.com	475 B
6	google-analytics.com www.google-analytics.com	19 KB
5	google.de www.google.de	475 B
5	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	4 KB
5	googleapis.com fonts.googleapis.com	6 KB
4	licdn.com snap.licdn.com	6 KB
3	company-target.com 1 redirects api.company-target.com segments.company-target.com	2 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	1 KB
3	salesloft.com scout-cdn.salesloft.com scout.salesloft.com	4 KB
3	sa-as.com stats.sa-as.com	2 KB
2	reddit.com 1 redirects reddit.com www.reddit.com	871 B
2	facebook.com graph.facebook.com api.facebook.com	1 KB
2	bidr.io 2 redirects match.prod.bidr.io	1019 B
2	marketo.net munchkin.marketo.net	6 KB
2	techtarget.com trk.techtarget.com apt.techtarget.com	3 KB
2	gstatic.com fonts.gstatic.com	22 KB
2	googletagmanager.com www.googletagmanager.com	70 KB
2	googleadservices.com www.googleadservices.com	24 KB
2	hubspot.net cdn2.hubspot.net	46 KB
1	hubapi.com api.hubapi.com	368 B
1	hs-banner.com js.hs-banner.com	11 KB
1	hsadspixel.net js.hsadspixel.net	2 KB
1	hsleadflows.net js.hsleadflows.net	72 KB
1	hs-analytics.net js.hs-analytics.net	18 KB
1	mktoresp.com 130-bfb-942.mktoresp.com	311 B
1	demandbase.com tag.demandbase.com	16 KB
1	callrail.com cdn.callrail.com	312 B
1	sumome.com load.sumome.com	2 KB
118	31

	Domain	Requested by
21	info.phishlabs.com	info.phishlabs.com
17	load.sumo.com	load.sumome.com
6	sumo.com	load.sumo.com
6	www.google-analytics.com	www.googletagmanager.com info.phishlabs.com www.google-analytics.com
5	www.google.de	info.phishlabs.com
5	www.google.com	info.phishlabs.com
5	fonts.googleapis.com	info.phishlabs.com
4	snap.licdn.com	info.phishlabs.com snap.licdn.com js.hsadspixel.net
4	static.hubspot.com	info.phishlabs.com
3	track.hubspot.com
3	stats.g.doubleclick.net	www.google-analytics.com
3	stats.sa-as.com	info.phishlabs.com
2	segments.company-target.com	1 redirects info.phishlabs.com
2	match.prod.bidr.io	2 redirects
2	scout.salesloft.com	scout-cdn.salesloft.com
2	px.ads.linkedin.com	1 redirects info.phishlabs.com
2	munchkin.marketo.net	info.phishlabs.com munchkin.marketo.net
2	googleads.g.doubleclick.net	www.googleadservices.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	info.phishlabs.com js.hsadspixel.net
2	www.googleadservices.com	info.phishlabs.com www.googletagmanager.com
2	cdn2.hubspot.net	info.phishlabs.com
1	www.reddit.com
1	reddit.com	1 redirects
1	api.facebook.com	load.sumo.com
1	graph.facebook.com	load.sumo.com
1	clients6.google.com	load.sumo.com
1	forms.hubspot.com	js.hsleadflows.net
1	api.hubapi.com	js.hsadspixel.net
1	api.company-target.com	tag.demandbase.com
1	js.hs-banner.com	info.phishlabs.com
1	js.hsadspixel.net	info.phishlabs.com
1	js.hsleadflows.net	info.phishlabs.com
1	js.hs-analytics.net	info.phishlabs.com
1	www.linkedin.com	1 redirects
1	apt.techtarget.com	info.phishlabs.com
1	app.hubspot.com	info.phishlabs.com
1	scout-cdn.salesloft.com	info.phishlabs.com
1	130-bfb-942.mktoresp.com	munchkin.marketo.net
1	trk.techtarget.com	info.phishlabs.com
1	tag.demandbase.com	info.phishlabs.com
1	cdn.callrail.com	info.phishlabs.com
1	load.sumome.com	info.phishlabs.com
118	43

This site contains links to these domains. Also see Links.

Domain
www.phishlabs.com
www.fsisac.com
www.facebook.com
www.linkedin.com
twitter.com

Subject Issuer	Validity	Valid
info.phishlabs.com Cloudflare Inc ECC CA-3	`2020-08-16` - `2021-08-16`	a year	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
stats.sa-as.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-14` - `2021-03-13`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.sumome.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-06-01`	a year	crt.sh
cdn.callrail.com Amazon	`2020-04-24` - `2021-05-24`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2020-10-14` - `2021-11-15`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
trk.techtarget.com Sectigo RSA Domain Validation Secure Server CA	`2020-02-17` - `2022-05-17`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2020-03-14` - `2021-04-13`	a year	crt.sh
*.sumo.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-30` - `2021-05-30`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
salesloft.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-23` - `2021-03-23`	a year	crt.sh
*.techtarget.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-25` - `2021-10-24`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-14` - `2021-08-14`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2020-10-09` - `2021-10-28`	a year	crt.sh
*.company-target.com Go Daddy Secure Certificate Authority - G2	`2019-06-19` - `2021-08-18`	2 years	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
*.reddit.com DigiCert SHA2 Secure Server CA	`2020-08-26` - `2021-02-22`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
Frame ID: 5756A4FD6EEDB4D8BB3146D52F00C7BA
Requests: 115 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

118
Requests

99 %
HTTPS

58 %
IPv6

31
Domains

43
Subdomains

36
IPs

6
Countries

1192 kB
Transfer

5404 kB
Size

16
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.phishlabs.com/about-us/careers/
Title: CAREERS

Search URL Search Domain Scan URL

URL: https://www.phishlabs.com/client-login/
Title: CLIENT LOGIN

Search URL Search Domain Scan URL

URL: https://www.phishlabs.com/

Search URL Search Domain Scan URL

URL: https://www.phishlabs.com/drp-digital-risk-protection/
Title: Digital Risk Protection

Search URL Search Domain Scan URL

URL: https://www.phishlabs.com/email-intelligence-response/
Title: Email Intelligence & Response

Search URL Search Domain Scan URL

URL: https://www.phishlabs.com/use-cases/
Title: Use Cases

Search URL Search Domain Scan URL

URL: https://www.phishlabs.com/resources/
Title: Resources

Search URL Search Domain Scan URL

URL: https://www.fsisac.com/events/ews78#new_tab
Title: Digital Risk Protection: Evolving Your Cyber Threat Intel Program into Action

Search URL Search Domain Scan URL

URL: http://www.facebook.com/share.php?u=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse%3Futm_medium%3Dsocial%26utm_source%3Dfacebook

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse%3Futm_medium%3Dsocial%26utm_source%3Dlinkedin

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referer=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse%3Futm_medium%3Dsocial%26utm_source%3Dtwitter&url=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse%3Futm_medium%3Dsocial%26utm_source%3Dtwitter&source=tweetbutton&text=Webinar%3A%20Look-alike%20Domains%2C%20BEC%2C%20and%20Brand%20Abuse

Search URL Search Domain Scan URL

URL: https://www.phishlabs.com/about/
Title: COMPANY

Search URL Search Domain Scan URL

URL: https://www.phishlabs.com/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.phishlabs.com/careers/#positions
Title: Open Positions

Search URL Search Domain Scan URL

URL: https://www.phishlabs.com/leadership/
Title: Leadership

Search URL Search Domain Scan URL

URL: https://www.phishlabs.com/board-of-directors/
Title: Board of Directors

Search URL Search Domain Scan URL

URL: https://www.phishlabs.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.phishlabs.com/partners/
Title: Partners

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=27536&time=1603901544718&url=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D27536%26time%3D1603901544718%26url%3Dhttps%253A%252F%252Finfo.phishlabs.com%252Fwebinar-look-alike-domains-bec-brand-abuse%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=27536&time=1603901544718&url=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&liSync=true

Request Chain 62

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AAHES06_MzEAAA-t9K4KQA HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAHES06_MzEAAA-t9K4KQA&verifyHash=3ac1d022ab7f3035c5d93cb0a0b856739d975bcb

Request Chain 111

https://reddit.com/button_info.json?url=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&jsonp=jQuery110205197408693115826_1603901544757&_=1603901544758 HTTP 301
https://www.reddit.com/button_info.json?url=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&jsonp=jQuery110205197408693115826_1603901544757&_=1603901544758

118 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request webinar-look-alike-domains-bec-brand-abuse Show response
info.phishlabs.com/ 50 KB
11 KB 95ms
74ms Document
text/html 2606:4700::6811:81b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:81b4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / HubSpot

Resource Hash

c3c181155b39df93ee752f752ed404685a62ae5e1217f6c4d8a3e78d447c62a8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0

Request headers

:method: GET
:authority: info.phishlabs.com
:scheme: https
:path: /webinar-look-alike-domains-bec-brand-abuse
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 28 Oct 2020 16:12:24 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d143466914be043cf1385996d08a37c721603901544; expires=Fri, 27-Nov-20 16:12:24 GMT; path=/; domain=.info.phishlabs.com; HttpOnly; SameSite=Lax __cfruid=381a7c3454000e8ca1cf14c5267ccb66b1bfe8a2-1603901544; path=/; domain=.info.phishlabs.com; HttpOnly; Secure; SameSite=None
cache-control: s-maxage=10800, max-age=0
etag: W/"48d95d7637289ccc0c78faae3be91f83"
last-modified: Sat, 24 Oct 2020 05:57:18 GMT
link: </hs/hsstatic/AsyncSupport/static-1.89/js/rss_listing_asset.js>; rel=preload; as=script,</hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.27/bundles/project.js>; rel=preload; as=script,</_hcms/forms/v2.js>; rel=preload; as=script,</hs/hsstatic/HubspotToolsMenu/static-1.79/js/index.js>; rel=preload; as=script
strict-transport-security: max-age=0
cf-cache-status: HIT
cache-tag: CT-35849326147,P-326665,L-2963416061,L-2989234018,L-3995025991,CW-5737084471,E-2963421206,E-2989234608,MENU-2970208927,MENU-2970214782,PGS-ALL,SW-1,GC-32058681602
content-security-policy: upgrade-insecure-requests
edge-cache-tag: CT-35849326147,P-326665,L-2963416061,L-2989234018,L-3995025991,CW-5737084471,E-2963421206,E-2989234608,MENU-2970208927,MENU-2970214782,PGS-ALL,SW-1,GC-32058681602
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-combine-css: Disabled
x-hs-content-campaign-id: d8908ad2-5ef2-455b-bb6c-60e9c2103fdb
x-hs-content-id: 35849326147
x-hs-hub-id: 326665
x-powered-by: HubSpot
cf-request-id: 0611946f1d00002b8970a74000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 5e95f02b5b5a2b89-FRA
content-encoding: br
cf-h2-pushed: </hs/hsstatic/AsyncSupport/static-1.89/js/rss_listing_asset.js>,</hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js>,</hs/hsstatic/cos-i18n/static-1.27/bundles/project.js>,</_hcms/forms/v2.js>,</hs/hsstatic/HubspotToolsMenu/static-1.79/js/index.js>

GET
H2 200 rss_listing_asset.js Show response
info.phishlabs.com/hs/hsstatic/AsyncSupport/static-1.89/js/ 4 KB
2 KB 19ms
0ms Script
application/javascript 2606:4700::6811:81b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.phishlabs.com/hs/hsstatic/AsyncSupport/static-1.89/js/rss_listing_asset.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:81b4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

116163e5f71189c0a015cb9f02a8c8b1b356c25e8e2da91af85d6391ec74247b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
via: 1.1 3af85c3075e12aff72b9e148b99d6623.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 1593285
x-amz-server-side-encryption: AES256
cf-ray: 5e95f02bccd82b89-FRA
x-cache: RefreshHit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 0611946f5d00002b89011ef000000001
last-modified: Fri, 09 Oct 2020 17:06:38 GMT
server: cloudflare
etag: W/"4c48c346ef9139c2ed1649b74d208eb1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: PiyADSPmsCuhAlD6zAf7hjn7jlpC8D4L
cache-control: public, max-age=31536000
x-amz-cf-pop: AMS54-C1
content-type: application/javascript
x-amz-cf-id: K_7dr7nX7cUB2DXow42AadVSZ7f3iQWWE7Kb9scRnKJjcL5gS1fdIQ==
expires: Thu, 28 Oct 2021 16:12:24 GMT

GET
H2 200 project.js Show response
info.phishlabs.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/ 2 KB
907 B 17ms
0ms Script
application/javascript 2606:4700::6811:81b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.phishlabs.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:81b4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 1122018
x-amz-server-side-encryption: AES256
cf-ray: 5e95f02bccdc2b89-FRA
x-cache: Miss from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 0611946f5d00002b894935f000000001
last-modified: Wed, 19 Aug 2020 22:24:11 GMT
server: cloudflare
etag: W/"ef84f26c310485299d6b75777414eddb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: gEenO44eZUewxnIWfgj9q6LB.g9OszNv
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: -bjBpDLBmubi0JyyOO6c50MWIeHPxrvqJi6UQE98w6qUwOfEbY-KRg==
expires: Thu, 28 Oct 2021 16:12:24 GMT

GET
H2 200 project.js Show response
info.phishlabs.com/hs/hsstatic/cos-i18n/static-1.27/bundles/ 1 KB
947 B 20ms
0ms Script
application/javascript 2606:4700::6811:81b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.phishlabs.com/hs/hsstatic/cos-i18n/static-1.27/bundles/project.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:81b4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3f99c65ea3d6186991a21add80eeea6d79500fcb3c9d8263680e0de270e0753

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
via: 1.1 1c1b89f1f3c38ed1685254901bc8fb2d.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 1122806
x-amz-server-side-encryption: AES256
cf-ray: 5e95f02bccde2b89-FRA
x-cache: Miss from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 0611946f5d00002b8904b06000000001
last-modified: Wed, 19 Aug 2020 22:31:39 GMT
server: cloudflare
etag: W/"d0cd32f08bf823a0389da03beed61887"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: 2tzxWhBqhFrbWNOKYsoHIauxtaBoTuuO
cache-control: public, max-age=31536000
x-amz-cf-pop: ATL51-C1
content-type: application/javascript
x-amz-cf-id: N2g9BdCJiknAD9Q9J2E5dpmQGZ0UpBVuzcRudBtYmO2ebqh72MTcrA==
expires: Thu, 28 Oct 2021 16:12:24 GMT

GET
H2 200 v2.js Show response
info.phishlabs.com/_hcms/forms/ 472 KB
117 KB 19ms
0ms Script
application/javascript 2606:4700::6811:81b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.phishlabs.com/_hcms/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:81b4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28a10c1f5d82f21d724f45b8fe8d90be175ca8b321efa5ee71888cbe540060ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
via: 1.1 5a45573ebecfd555d93af04bbbcf0557.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 165
x-amz-server-side-encryption: AES256
cf-ray: 5e95f02bccdf2b89-FRA
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 0611946f5d00002b89001b9000000001
last-modified: Thu, 15 Oct 2020 02:32:44 UTC
server: cloudflare
etag: W/"a442134e9b64c42c15f1ed8e6a94aefd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: yjyeVe_DCYhRLr8umQt3KURdr9unA.5k
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-amz-cf-pop: IAD66-C2
content-type: application/javascript; charset=utf-8
x-amz-cf-id: DVs5eciA0-Xaed1WgOVgbPpGFKL_cF_dmngPqkWV3I-xt7RfYmFf2w==

GET
H2 200 index.js Show response
info.phishlabs.com/hs/hsstatic/HubspotToolsMenu/static-1.79/js/ 10 KB
4 KB 21ms
0ms Script
application/javascript 2606:4700::6811:81b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.phishlabs.com/hs/hsstatic/HubspotToolsMenu/static-1.79/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:81b4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd3eb59038a5df086653388d9394fed2f2f1d72d9c01cfdc4920247a9d371e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
via: 1.1 ccc3c8305c079db66ab9ac68a1ea9cd9.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 1367388
x-amz-server-side-encryption: AES256
cf-ray: 5e95f02bcce02b89-FRA
x-cache: Miss from cloudfront
status: 200
x-amz-replication-status: PENDING
content-encoding: br
cf-request-id: 0611946f5d00002b89569db000000001
last-modified: Mon, 14 Sep 2020 20:19:23 GMT
server: cloudflare
etag: W/"e669ca94e2fffafc96a88184dda30834"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: RcBG9DPSu_6ZVzKnktPJ4cTzKi_y_4VM
cache-control: public, max-age=31536000
x-amz-cf-pop: HAM50-C3
content-type: application/javascript
x-amz-cf-id: u_eXPpZdn84J8B8aDCV4RN0BLZcyawTQivbvQu0fvitATQsQxuAYaA==
expires: Thu, 28 Oct 2021 16:12:24 GMT

GET
H2 200 jquery-1.7.1.js Show response
info.phishlabs.com/hs/hsstatic/jquery-libs/static-1.1/jquery/ 92 KB
33 KB 36ms
35ms Script
application/javascript 2606:4700::6811:81b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.phishlabs.com/hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js

Requested by

Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:81b4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
via: 1.1 3283735112d0a322451d32ef038129c9.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 1345103
cf-ray: 5e95f02bdd222b89-FRA
x-cache: Miss from cloudfront
status: 200
content-encoding: br
cf-request-id: 0611946f6c00002b891493e000000001
last-modified: Tue, 25 Nov 2014 17:03:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: null
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA53
content-type: application/javascript
x-amz-cf-id: pOzGbJU5LFrThhOJ1q-01XMvynxolEOl9W10R8vpW820ZWymRybHmQ==
expires: Thu, 28 Oct 2021 16:12:24 GMT

GET
H2 200 rss_post_listing.css
info.phishlabs.com/hs/hsstatic/AsyncSupport/static-1.89/sass/ 910 B
502 B 37ms
37ms Stylesheet
text/css 2606:4700::6811:81b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.phishlabs.com/hs/hsstatic/AsyncSupport/static-1.89/sass/rss_post_listing.css

Requested by

Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:81b4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

723fbf8d73cd4e75f64f7d21558585aa1658b11332e87bd288f6987e398ecfb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
via: 1.1 086617c9385713660fb060f989a2a627.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 1630610
x-amz-server-side-encryption: AES256
cf-ray: 5e95f02bdd192b89-FRA
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 0611946f6b00002b8933244000000001
last-modified: Fri, 09 Oct 2020 17:06:38 GMT
server: cloudflare
etag: W/"e1b521ec14a912d6d385c21388ec7d79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: qFq6UeI5XWw7okL59PPhW2zwyy_UNTUy
cache-control: public, max-age=31536000
x-amz-cf-pop: JFK51-C1
content-type: text/css
x-amz-cf-id: 9lq-ZDBpFvJAoB3YlASQA5IkMIYtF79fTykxUORngRgIHSVpMi9VRg==
expires: Thu, 28 Oct 2021 16:12:24 GMT

GET
H2 200 layout.min.css
cdn2.hubspot.net/hub/-1/hub_generated/template_assets/1495141902003/hubspot_default/shared/responsive/ 5 KB
2 KB 44ms
26ms Stylesheet
text/css 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/-1/hub_generated/template_assets/1495141902003/hubspot_default/shared/responsive/layout.min.css
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 341a4d40ad1b2560db940f906716d0e9539d4c0785399d7e0348fd0d3af00170

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
content-encoding: br
cf-cache-status: HIT
age: 758263
status: 200
x-amz-meta-md5-hash: 0b0c633d59ab0af9553a98c0e7d97349
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 8
cf-request-id: 0611946f7e0000c2bd7b3e8000000001
last-modified: Thu, 18 May 2017 21:11:43 GMT
server: cloudflare
etag: W/"0b0c633d59ab0af9553a98c0e7d97349"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: s-maxage=7200, max-age=7200
x-amz-cf-pop: IAD89-C1
cf-ray: 5e95f02bfd86c2bd-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 8

GET
H2 200 PhishLabs-June2015-style.css
info.phishlabs.com/hs-fs/hub/326665/hub_generated/template_assets/2963421206/1594316264985/Coded_files/Custom/page/PhishLabs-June2015-theme/ 82 KB
16 KB 43ms
42ms Stylesheet
text/css 2606:4700::6811:81b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://info.phishlabs.com/hs-fs/hub/326665/hub_generated/template_assets/2963421206/1594316264985/Coded_files/Custom/page/PhishLabs-June2015-theme/PhishLabs-June2015-style.css
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:81b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccf4a0adea58942beaef83fbd7f58989d9d67b8c00423c0fcd2de2004d1cf77a

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
via: 1.1 b5e757a7da6f6fe6261f56a8a9646881.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 2008
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
status: 200
x-amz-cf-pop: IAD89-C1
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 5
content-encoding: br
x-amz-request-id: A04ABD32793F890A
x-amz-id-2: 1bJG939IyJX3nP6MzQQwjvAaa0wQH9DDmMTSLKLRzyXDUyF8+DVBcsdPoUr5Jwqw7ic/4RMI/S4=
last-modified: Thu, 09 Jul 2020 17:37:45 GMT
server: cloudflare
etag: W/"08dea9de6c31cbadf522a4c97cb15ad0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: s-maxage=7200, max-age=7200, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: .BBtvUsjCXX5dUHnByfdIlslIOOamiNy
cf-request-id: 0611946f6c00002b893f2bb000000001
cf-ray: 5e95f02bdd212b89-FRA
x-amz-cf-id: Lie0P1pcq6rxTd85tmtsFro580S71-leXCY9_FesoAX2veWLBBrVIA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 5

GET
H2 200 PhishLabs_Logo_CMYK_NEWnotag.png
info.phishlabs.com/hs-fs/hubfs/ 4 KB
4 KB 211ms
207ms Image
image/webp 2606:4700::6811:81b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info.phishlabs.com/hs-fs/hubfs/PhishLabs_Logo_CMYK_NEWnotag.png?width=226&name=PhishLabs_Logo_CMYK_NEWnotag.png
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:81b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 255dded404d185ab11e9c0ea77f93486ae5f1bb63c6b36e97688f4db24c1a44b

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
via: 1.1 2e50d9b1ee017f302768660f02b7418e.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1087996
cf-polished: origFmt=png, origSize=7800
edge-cache-tag: F-32058416270,P-326665,FLS-ALL
status: 200
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="PhishLabs_Logo_CMYK_NEWnotag.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-length: 3852
cf-request-id: 0611946fa400002b8902be7000000001
x-amz-server-side-encryption: AES256
last-modified: Thu, 15 Oct 2020 20:25:44 GMT
server: cloudflare
x-cache: RefreshHit from cloudfront
etag: "7dc54dfab5c2f7b89e0b92c337ba6258"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C1
accept-ranges: bytes
cf-ray: 5e95f02c3e342b89-FRA
x-amz-cf-id: ikIGDF6f8auOMM3lYHEdCTYtKrrrQQBCsCdkCYX1oUMyy6vDucDNNg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 phishlabs_logo_dark.png
info.phishlabs.com/hubfs/Phishlabs-Images/ 4 KB
5 KB 39ms
36ms Image
image/webp 2606:4700::6811:81b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info.phishlabs.com/hubfs/Phishlabs-Images/phishlabs_logo_dark.png
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:81b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87590e82d7148881f992efe13b0aa584520f3026f638a1b504a2ebb10d35f53c

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
via: 1.1 eaaa1e97697a6ab196c5224bbc70d9c8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-2998235150,P-326665,FLS-ALL
age: 577344
cf-polished: origFmt=png, origSize=6663
edge-cache-tag: F-2998235150,P-326665,FLS-ALL
status: 200
content-disposition: inline; filename="phishlabs_logo_dark.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: 3335F037797B7479
cf-request-id: 0611946fa300002b890a3c3000000001
x-cache: RefreshHit from cloudfront
accept-ranges: bytes
last-modified: Sun, 08 Oct 2017 12:45:50 GMT
server: cloudflare
etag: "14396310173b5d3c23cc3b932604f636"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
x-amz-id-2: K+l1mMiaDKbXPBPScaZEnKOBTHApMmRz3XODYA516DFhJMBIiXbG3Vhr4AGg8YY5NcGOq5x6ABE=
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: reLKUvLMvD4lGJzL2tFZjjHwErvcDzGh
x-amz-cf-pop: MXP64-C2
content-length: 4074
cf-ray: 5e95f02c3e362b89-FRA
x-amz-cf-id: NX1YDg4ALO-6dVa_XXFjamMnOOtRfLcxa-qKMs97H9vUxUA_2Javkw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 facebook-24x24.png
static.hubspot.com/final/img/common/icons/social/ 805 B
923 B 26ms
17ms Image
image/png 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.hubspot.com/final/img/common/icons/social/facebook-24x24.png

Requested by

Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd82530897a8eceb7dbafc2d3de217d1d0e5cc5aec39a0d0c37f3aa8b5a2c6f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1058935
status: 200
content-length: 805
cf-request-id: 0611946fa90000074681863000000001
last-modified: Mon, 16 Jan 2012 16:31:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 5e95f02c4d160746-FRA
expires: Thu, 28 Oct 2021 22:01:10 GMT

GET
H2 200 linkedin-24x24.png
static.hubspot.com/final/img/common/icons/social/ 2 KB
2 KB 27ms
18ms Image
image/png 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.hubspot.com/final/img/common/icons/social/linkedin-24x24.png

Requested by

Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb4da57439fc6e37cf864ae6498a5cc2ce419777ecb95c1edd6afeb9142267d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 768925
status: 200
content-length: 2348
cf-request-id: 0611946fa90000074669bb1000000001
last-modified: Tue, 25 Jun 2013 20:47:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 5e95f02c4d140746-FRA
expires: Thu, 28 Oct 2021 22:01:10 GMT

GET
H2 200 twitter-24x24.png
static.hubspot.com/final/img/common/icons/social/ 2 KB
2 KB 23ms
14ms Image
image/png 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.hubspot.com/final/img/common/icons/social/twitter-24x24.png

Requested by

Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72c17c028cb82a7044544696b9ab7bcb5065912cf9322d72837e38aa396a7f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1054121
status: 200
content-length: 1896
cf-request-id: 0611946fa90000074657a2f000000001
last-modified: Wed, 19 Dec 2012 16:31:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 5e95f02c4d0e0746-FRA
expires: Thu, 28 Oct 2021 22:01:10 GMT

GET
H2 200 email-24x24.png
static.hubspot.com/final/img/common/icons/social/ 590 B
708 B 18ms
18ms Image
image/png 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.hubspot.com/final/img/common/icons/social/email-24x24.png

Requested by

Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae79cb1248fc7296b3b68fe4a77fd5bd51be17a0f6405692cf6cfeafcff145da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 438292
status: 200
content-length: 590
cf-request-id: 0611946fb80000074643203000000001
last-modified: Mon, 10 Sep 2012 23:31:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 5e95f02c5d680746-FRA
expires: Thu, 28 Oct 2021 22:01:10 GMT

GET
H2 200 Look-alike%20Domains%20Webinar%20-%20Resources%20img.jpg
info.phishlabs.com/hs-fs/hubfs/ 15 KB
16 KB 49ms
47ms Image
image/webp 2606:4700::6811:81b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info.phishlabs.com/hs-fs/hubfs/Look-alike%20Domains%20Webinar%20-%20Resources%20img.jpg?width=284&name=Look-alike%20Domains%20Webinar%20-%20Resources%20img.jpg
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:81b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b565437b4f7cc22d9d5d5f85c647833d1bba3bc240b6952b32aa739be4cef66

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id: 0611946fbe00002b894b959000000001
age: 2008
x-amz-server-side-encryption: AES256
edge-cache-tag: F-35877426918,P-326665,FLS-ALL
status: 200
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="Look-alike%20Domains%20Webinar%20-%20Resources%20img.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
cf-bgj: imgq:85,h2pri
etag: "6f4a74ec76ea1b14f4f1d74fd3e0794f"
vary: Accept, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1602246591687
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11
date: Wed, 28 Oct 2020 16:12:24 GMT
via: 1.1 c9bc0840da506c3f9fd4715a063463a7.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=103924
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: all
content-length: 15430
last-modified: Fri, 09 Oct 2020 12:29:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 5e95f02c6ec72b89-FRA
x-amz-cf-id: _aU4TzQJy_q_060DjrclhRGHGvtZEzzodzP-O9KmQxmU2NUf7eKL5g==

GET
H2 200 PhishLabs-June2015-main.js Show response
info.phishlabs.com/hs-fs/hub/326665/hub_generated/template_assets/2989234608/1569730873677/Coded_files/Custom/page/PhishLabs-June2015-theme/ 3 KB
1 KB 32ms
28ms Script
application/javascript 2606:4700::6811:81b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://info.phishlabs.com/hs-fs/hub/326665/hub_generated/template_assets/2989234608/1569730873677/Coded_files/Custom/page/PhishLabs-June2015-theme/PhishLabs-June2015-main.js
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:81b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3277e215cde3d4471a195d6ff796768ee89c7852008fa552c3975c4ee775f41

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
via: 1.1 6b7e1e42d74fd61097787cc6c1a37c35.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 2008
x-cache: RefreshHit from cloudfront
status: 200
x-amz-cf-pop: IAD89-C1
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 5
content-encoding: br
x-amz-request-id: B22DAA84047D0FEC
x-amz-id-2: uuJ9YJ6H/OM1D72riOQrPJ/fYJgSJgOr0OKCPKIFOA02Or+KNqkES0Ffz7CEoL6kPUUEVasI2us=
last-modified: Sun, 29 Sep 2019 04:21:14 GMT
server: cloudflare
etag: W/"0eb40f8b0b2b645d5f8b304df2dc705d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=7200, max-age=7200, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: Xg1GtYdiWKEuB_ZwwK6Yw3RnqVRZ8FTs
cf-request-id: 0611946fa200002b892da31000000001
cf-ray: 5e95f02c3e2d2b89-FRA
x-amz-cf-id: KvEHwhRQ6r8UePAIoNwdp-8uIGFSTWGYBBKBTCRohFOozPx-boabXA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 5

GET
H/1.1 200
OK live.js Show response
stats.sa-as.com/ 1 KB
938 B 650ms
158ms Script
text/javascript 209.128.119.150
BAYAREA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.sa-as.com/live.js
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.128.119.150 , United States, ASN7151 (BAYAREA-AS, US),
Reverse DNS: 209-128-119-150.bayarea.net
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 44b7fb6f761a2e8bf64400e3311c4c4bf343e888ee1b8bbf125881c4617ed70f

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 16:12:24 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Apr 2017 20:48:27 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "2800c0-52e-54d2690345cc0"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 630

GET
H2 200 326665.js Show response
info.phishlabs.com/hs/scriptloader/ 2 KB
621 B 431ms
430ms Script
application/javascript 2606:4700::6811:81b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://info.phishlabs.com/hs/scriptloader/326665.js
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:81b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 099adac59986456b230e31afe8c2fb56c88905a47300df8ecd5e04bd11579e28

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-trace: 2B863130C87A93533CF768F5C1FDB2B34EA2D66802000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 5e95f02c6ed52b89-FRA
cf-request-id: 0611946fc000002b8902bec000000001
expires: Wed, 28 Oct 2020 16:13:24 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 29 KB
11 KB 35ms
31ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

fa7c2cd8fa0196bca6e808ed4259571ad5ff7372f37de837a16fd90aaca7e51d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11440
x-xss-protection: 0
server: cafe
etag: 2885770095241673848
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 28 Oct 2020 16:12:24 GMT

GET
H2 200 / Show response
load.sumome.com/ 2 KB
2 KB 77ms
23ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Hamburg, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: 0c30678ce61936db0d9405256fc6d328eb49d38614d1650a3678a32ebb3b943c

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: DAB09AE9B177F609
status: 200
cdn-cachedat: 2020-10-23 16:20:26
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: CcJjIvRaRjhWqu8tdNj0T8kCQr2IBQ5WE4gehSO1bchznqTtTlhotMVOKAxORjfKZ7qD7E0JYYs=
access-control-allow-origin: *
last-modified: Fri, 23 Oct 2020 16:20:12 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=600
cdn-requestid: 99fd7f9b176acc352de328268ac287cf
cdn-requestcountrycode: BE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 swap.js Show response
cdn.callrail.com/companies/183982884/39c56d681fb32ea35c56/12/ 32 B
312 B 322ms
108ms Script
text/javascript 52.205.51.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.callrail.com/companies/183982884/39c56d681fb32ea35c56/12/swap.js
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.51.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-51-47.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-runtime: 0.005007
date: Wed, 28 Oct 2020 16:12:24 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
etag: W/"d18beba8a6db32dd84b24258cf6542ac"
content-type: text/javascript; charset=utf-8
status: 200, 200 OK
cache-control: max-age=3600, public
timing-allow-origin: *
x-request-id: 6c761288-14a1-453c-9fc7-29f0302f8ea7

GET
H2 200 9f609f1a.min.js Show response
tag.demandbase.com/ 58 KB
16 KB 591ms
454ms Script
application/javascript 65.9.190.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.demandbase.com/9f609f1a.min.js
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.190.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63110ca5c68b0212db7273842b16a1514b4c57285cff6287cc774b485ebd9c81

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 9S7lBsvDQIBineH5xMKRsLozZLiIrPxI
content-encoding: gzip
last-modified: Thu, 03 Sep 2020 14:18:20 GMT
server: AmazonS3
x-amz-cf-pop: ZAG50-C1
etag: "496d0e79e4a26cab133d0d679223bf4e"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=3600
date: Wed, 28 Oct 2020 16:12:25 GMT
x-amz-cf-id: UAeBDNckk2i7N6tMlacOrNfjTq9QIoZFHZhL8tvRxqalPVDlELTJIw==
via: 1.1 384bf15c1ac91d451725d766417680b1.cloudfront.net (CloudFront)

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 85 KB
33 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5JL2H9R

Requested by

Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4a02e2f912e8cbfe242c3fe025125b3e16a8d168a273ce4fe2ff8ea88dc6f500

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33262
x-xss-protection: 0
last-modified: Wed, 28 Oct 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 28 Oct 2020 16:12:24 GMT

GET
H2 200 css
fonts.googleapis.com/ 32 KB
1 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300,200,200italic,300italic,400italic,600,600italic,700,700italic,900,900italic

Requested by

Host: info.phishlabs.com
URL: https://info.phishlabs.com/hs-fs/hub/326665/hub_generated/template_assets/2963421206/1594316264985/Coded_files/Custom/page/PhishLabs-June2015-theme/PhishLabs-June2015-style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5b717115900ddbb7f7a8797aad15ad75a7271740d479efc319a1fc62377b2da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://info.phishlabs.com/hs-fs/hub/326665/hub_generated/template_assets/2963421206/1594316264985/Coded_files/Custom/page/PhishLabs-June2015-theme/PhishLabs-June2015-style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 28 Oct 2020 16:12:24 GMT
server: ESF
date: Wed, 28 Oct 2020 16:12:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Oct 2020 16:12:24 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
639 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e87bfde8bd7a1a7ca26e8667ce624108b0fe20145e2f9b35a0d8d07db8b3c49d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://info.phishlabs.com/hs-fs/hub/326665/hub_generated/template_assets/2963421206/1594316264985/Coded_files/Custom/page/PhishLabs-June2015-theme/PhishLabs-June2015-style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 28 Oct 2020 15:04:30 GMT
server: ESF
date: Wed, 28 Oct 2020 16:12:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Oct 2020 16:12:24 GMT

GET
H2 200 child-arrow.png
info.phishlabs.com/hubfs/Phishlabs-Images/ 148 B
676 B 29ms
29ms Image
image/png 2606:4700::6811:81b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info.phishlabs.com/hubfs/Phishlabs-Images/child-arrow.png
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/hs-fs/hub/326665/hub_generated/template_assets/2963421206/1594316264985/Coded_files/Custom/page/PhishLabs-June2015-theme/PhishLabs-June2015-style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:81b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33e82ba39c830ab1013da57a37b561989cfdd0fe4ef30b8f4af27b97c94f5026

Request headers

Referer: https://info.phishlabs.com/hs-fs/hub/326665/hub_generated/template_assets/2963421206/1594316264985/Coded_files/Custom/page/PhishLabs-June2015-theme/PhishLabs-June2015-style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-2981316494,P-326665,FLS-ALL
age: 1165037
cf-polished: status=not_needed
edge-cache-tag: F-2981316494,P-326665,FLS-ALL
status: 200
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: 26A5259B1AB6A5B2
cf-request-id: 0611946fec00002b89300ac000000001
accept-ranges: bytes
last-modified: Sun, 08 Oct 2017 12:45:48 GMT
server: cloudflare
etag: "e279749aaf8ed40c3fe8e7d158f65d95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-amz-id-2: y/6eAo30Q3N9TzeKdHET9wMGiahf4NGeFV2ZFa5agB1A9flQkYM2RgI/O0NBFMUbGcGROf7TwvE=
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: nU3KKmgC6mORZCONxKTQGFMKk.NA341c
x-amz-cf-pop: FRA6-C1
content-length: 148
cf-ray: 5e95f02cafc52b89-FRA
x-amz-cf-id: Aq_p8oFrP2E7qSXdkE2rRFKL6y5cYgu4Kvc2FWA8aleyDrt05NY1zA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 Header-plush-icon.png
info.phishlabs.com/hubfs/Phishlabs-Images/ 84 B
724 B 36ms
35ms Image
image/webp 2606:4700::6811:81b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info.phishlabs.com/hubfs/Phishlabs-Images/Header-plush-icon.png
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/hs-fs/hub/326665/hub_generated/template_assets/2963421206/1594316264985/Coded_files/Custom/page/PhishLabs-June2015-theme/PhishLabs-June2015-style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:81b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 901c52edb6d8e9070085905253e18b4c89ca43b1a6fb7374e0ede99fe8b2fe94

Request headers

Referer: https://info.phishlabs.com/hs-fs/hub/326665/hub_generated/template_assets/2963421206/1594316264985/Coded_files/Custom/page/PhishLabs-June2015-theme/PhishLabs-June2015-style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-3083939123,P-326665,FLS-ALL
age: 1200437
cf-polished: origFmt=png, origSize=103
edge-cache-tag: F-3083939123,P-326665,FLS-ALL
status: 200
content-disposition: inline; filename="Header-plush-icon.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: 244D86CD530EB496
cf-request-id: 0611946fec00002b89643a3000000001
x-cache: RefreshHit from cloudfront
accept-ranges: bytes
last-modified: Sun, 08 Oct 2017 12:45:59 GMT
server: cloudflare
etag: "c94fef87daa63faae41714a2b3e3df26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
x-amz-id-2: 68TArWWJnrQV41rF27mKaRNwCT4q/VAmVhvt5ovmb1ILluT1wpAwbGJT97pmYHPcygw/D4Apfsk=
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: YZC5IdTNENJEiyVVY4bDX8n6mFF_dHAG
x-amz-cf-pop: DUS51-C1
content-length: 84
cf-ray: 5e95f02cafc82b89-FRA
x-amz-cf-id: ARIdnvyf4X3-rFelBf_5mNRF3meamrItePM7cIcOvXqNrrzaeb-m1g==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://info.phishlabs.com
Referer: https://fonts.googleapis.com/css?family=Montserrat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 11:20:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:14 GMT
server: sffe
age: 17502
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Thu, 28 Oct 2021 11:20:42 GMT

GET
H2 200 rss.png
info.phishlabs.com/hubfs/Phishlabs-Images/ 520 B
1 KB 35ms
35ms Image
image/webp 2606:4700::6811:81b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info.phishlabs.com/hubfs/Phishlabs-Images/rss.png
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/hs-fs/hub/326665/hub_generated/template_assets/2963421206/1594316264985/Coded_files/Custom/page/PhishLabs-June2015-theme/PhishLabs-June2015-style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:81b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d01bd8a88346497a1af35f635c4ce5a9b976b72d6400336bb7cb4bd283640a0e

Request headers

Referer: https://info.phishlabs.com/hs-fs/hub/326665/hub_generated/template_assets/2963421206/1594316264985/Coded_files/Custom/page/PhishLabs-June2015-theme/PhishLabs-June2015-style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
via: 1.1 b6fbc074b6a76c1767be39d5e3a2839a.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-3095748102,P-326665,FLS-ALL
age: 576963
cf-polished: origFmt=png, origSize=608
edge-cache-tag: F-3095748102,P-326665,FLS-ALL
status: 200
content-disposition: inline; filename="rss.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: B8D60ED0789FB66C
cf-request-id: 061194702a00002b89023d9000000001
x-cache: Miss from cloudfront
accept-ranges: bytes
last-modified: Sun, 08 Oct 2017 12:46:01 GMT
server: cloudflare
etag: "a5b05bbf28f294b02efd942a4e5ab806"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
x-amz-id-2: PhGZKjDALRK/wsLu7EuCECpC2Pu3xdENUfJfXGe5MS7FvBXIFi1A9+bp9bPeH/CtWQqFGP2X19I=
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: pb8GdwA9_atyNQ2T12N8q2D9x4SbtM4i
x-amz-cf-pop: MXP64-C2
content-length: 520
cf-ray: 5e95f02d08e12b89-FRA
x-amz-cf-id: Ky3NI16LN6h7QvbYu-PrtzI3YmelYsk4aPX9Xu45PE8hthgCO24lgg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H3-Q050 200 JTUSjIg1_i6t8kCHKm459W1hyyTh89ZNpQ.woff2
fonts.gstatic.com/s/montserrat/v15/ 8 KB
8 KB 34ms
20ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459W1hyyTh89ZNpQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1529224e7f0d1dbb6cb34912d804e6bdcb2e7a6dff585eae58f53771ef544475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://info.phishlabs.com
Referer: https://fonts.googleapis.com/css?family=Montserrat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 11:23:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:59 GMT
server: sffe
age: 17351
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8108
x-xss-protection: 0
expires: Thu, 28 Oct 2021 11:23:13 GMT

GET
H/1.1 200
OK tracking.js Show response
trk.techtarget.com/ 4 KB
2 KB 190ms
121ms Script
text/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.techtarget.com/tracking.js
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 8b51552f523ecd57ca4f82df5ab10610349f91cacb7c0f72d0290bed3cc37e4e

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 16:12:24 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jun 2019 20:11:17 GMT
Server: PWS/8.3.1.0.8
Age: 260
X-Ws-Request-Id: 5f999868_PSdgflkfFRA1je9_45653-13608
Content-Type: text/javascript
Via: 1.1 VMmgnyNY3vz67:3 (W), 1.1 PSdgflkfFRA1hb199:0 (W), 1.1 PSdgflkfFRA1yq93:11 (W)
Cache-Control: max-age=600
X-Cache-Spec: Yes
X-Px: ht PSdgflkfFRA1yq93FRA
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1711
Expires: Wed, 28 Oct 2020 16:18:04 GMT

GET
H2 200 ed24ed60-7f2c-4a12-95b8-b9faed1dec64 Show response
info.phishlabs.com/_hcms/forms/embed/v3/form/326665/ 19 KB
4 KB 155ms
154ms Script
application/javascript 2606:4700::6811:81b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.phishlabs.com/_hcms/forms/embed/v3/form/326665/ed24ed60-7f2c-4a12-95b8-b9faed1dec64?callback=hs_reqwest_0&hutk=

Requested by

Host: info.phishlabs.com
URL: https://info.phishlabs.com/_hcms/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:81b4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a7a08cd848a19fc590f04369ee18e0ac67100549af4f945a4f7710a91841b90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
content-disposition: attachment; filename=no-rfd.txt
vary: Accept-Encoding
cf-request-id: 061194709e00002b892da4f000000001
server: cloudflare
x-trace: 2BDD6EC3A6D66E36398879CA9A1DC9C713FF5B8FD6000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 5e95f02dcaed2b89-FRA

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1003980311/ 2 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1003980311/?random=1603901544523&cv=9&fst=1603901544523&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&tiba=Webinar%3A%20Look-alike%20Domains%2C%20BEC%2C%20and%20Brand%20Abuse&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88a5a17ef0f9b679c14de594a26d006b688d8d2e3e7fc080c792d2c559ce0d72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Oct 2020 16:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1026
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 72ms
23ms Script
application/x-javascript 104.109.95.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.95.62 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-109-95-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Wed, 28 Oct 2020 16:12:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Aug 2020 03:11:00 GMT
Server: AkamaiNetStorage
ETag: "a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JL2H9R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 1379
date: Wed, 28 Oct 2020 15:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Wed, 28 Oct 2020 17:49:25 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/159/ 11 KB
5 KB 30ms
30ms Script
application/x-javascript 104.109.95.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/159/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.95.62 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-109-95-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 16:12:24 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 May 2020 02:24:14 GMT
Server: AkamaiNetStorage
ETag: "79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4810
Expires: Fri, 05 Feb 2021 16:12:24 GMT

GET
H2 200 72.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 131 KB
44 KB 83ms
33ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/72.7e831236a32d6086ab3e.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Hamburg, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: 73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: DB8A7B876CF730C5
status: 200
cdn-cachedat: 2020-10-23 16:20:30
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: Wb8P1fdWl4crEi7odcTHNInmrWiA11JnGOZRzVdNEg/q/JNoO4rgmlsvpWPJ80Vnx54FGsjUcEk=
access-control-allow-origin: *
last-modified: Fri, 23 Oct 2020 16:19:48 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: bcd919ec54ccfa1b3c22f62669d2c313
cdn-requestcountrycode: BE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 73.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 289 KB
100 KB 93ms
43ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Hamburg, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 7MBZ4K4Q6TBXBKDR
status: 200
cdn-cachedat: 2020-10-23 16:20:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 15cIkDbQhY1pKAWtbL6xx21fVnirRNcpA8y12u6y/g4Kk1Sd35ehZGAc0WwJKXXuulDatshwdgk=
access-control-allow-origin: *
last-modified: Fri, 23 Oct 2020 16:19:49 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 6aad8e44908fb2f1341b67481b42815e
cdn-requestcountrycode: BE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
90 B 17ms
16ms XHR
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-9152773-1&cid=744584906.1603901545&jid=1743567748&gjid=1000956859&_gid=616764111.1603901545&_u=YGBAgEABAAAAAE~&z=235206308

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 28 Oct 2020 16:12:24 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://info.phishlabs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 6ms
6ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=29571347&t=pageview&_s=1&dl=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&ul=en-us&de=UTF-8&dt=Webinar%3A%20Look-alike%20Domains%2C%20BEC%2C%20and%20Brand%20Abuse&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1743567748&gjid=1000956859&cid=744584906.1603901545&tid=UA-9152773-1&_gid=616764111.1603901545&gtm=2wgae25JL2H9R&z=1683365413

Requested by

Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Oct 2020 13:08:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11018
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1003980311/ 42 B
153 B 19ms
18ms Image
image/gif 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1003980311/?random=1603901544523&cv=9&fst=1603900800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&tiba=Webinar%3A%20Look-alike%20Domains%2C%20BEC%2C%20and%20Brand%20Abuse&fmt=3&is_vtc=1&random=1131109454&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Oct 2020 16:12:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1003980311/ 42 B
153 B 21ms
21ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1003980311/?random=1603901544523&cv=9&fst=1603900800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&tiba=Webinar%3A%20Look-alike%20Domains%2C%20BEC%2C%20and%20Brand%20Abuse&fmt=3&is_vtc=1&random=1131109454&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Oct 2020 16:12:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK visitWebPage Show response
130-bfb-942.mktoresp.com/webevents/ 2 B
311 B 511ms
101ms XHR
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://130-bfb-942.mktoresp.com/webevents/visitWebPage?_mchNc=1603901544636&_mchCn=&_mchId=130-BFB-942&_mchTk=_mch-phishlabs.com-1603901544636-76150&_mchHo=info.phishlabs.com&_mchPo=&_mchRu=%2Fwebinar-look-alike-domains-bec-brand-abuse&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/159/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 16:12:25 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 8e117d78-ce9f-4690-a9d4-50df20fd4d53

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
106 B 20ms
19ms Image
image/gif 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-9152773-1&cid=744584906.1603901545&jid=1743567748&_u=YGBAgEABAAAAAE~&z=697807160

Requested by

Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Oct 2020 16:12:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 18ms
17ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-9152773-1&cid=744584906.1603901545&jid=1743567748&_u=YGBAgEABAAAAAE~&z=697807160

Requested by

Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Oct 2020 16:12:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 965 B
761 B 8ms
7ms Script
application/x-javascript 2a02:26f0:eb:3a3::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:eb:3a3::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 16:12:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=30632
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H2 200 sl.js Show response
scout-cdn.salesloft.com/ 6 KB
3 KB 65ms
18ms Script
application/javascript 23.111.9.64
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://scout-cdn.salesloft.com/sl.js
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.64 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: a959317813b70f3a91aceafa835bee05b1cf81ca27f7d2b7acbaed4a9c7a8762

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 18:38:20 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 1M0Q0M2T5WBK3MFY
etag: W/"f39a9ee69f7c11a788f004f2b71ace38"
x-cache: HIT
content-type: application/javascript
status: 200
x-amz-id-2: yeEg4chNBojrl4JXrkMVqiIyXvQBFa3sV5bFtxxpOWlVildDkLrwA9jcDZXhcngZZBNuyWOuLa8=

GET
H3-Q050 200 css
fonts.googleapis.com/ 2 KB
971 B 41ms
28ms Font
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e87bfde8bd7a1a7ca26e8667ce624108b0fe20145e2f9b35a0d8d07db8b3c49d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://info.phishlabs.com
Referer: https://info.phishlabs.com/hs-fs/hub/326665/hub_generated/template_assets/2963421206/1594316264985/Coded_files/Custom/page/PhishLabs-June2015-theme/PhishLabs-June2015-style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 28 Oct 2020 14:51:52 GMT
server: ESF
date: Wed, 28 Oct 2020 16:12:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Oct 2020 16:12:24 GMT

GET
H2 200 feed Show response
info.phishlabs.com/_hcms/rss/ 844 B
517 B 47ms
46ms XHR
application/json 2606:4700::6811:81b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://info.phishlabs.com/_hcms/rss/feed?feedId=aHR0cHM6Ly93d3cucGhpc2hsYWJzLmNvbS9mZWVkLw%3D%3D&limit=5&dateLanguage=ZW5fVVM%3D&dateFormat=c2hvcnQ%3D&zone=QW1lcmljYS9OZXdfWW9yaw%3D%3D&clickThrough=UmVhZCBtb3Jl&maxChars=200&property=link&property=title&hs-expires=1635055037&hs-version=2&hs-signature=AJ2IBuEWeE4c2z8aZQCGY13ldmQLUcPSTA
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/hs/hsstatic/AsyncSupport/static-1.89/js/rss_listing_asset.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:81b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1da808fa2466cf8893cd082a9840bc7fa70c07faa859185554d8577de257b6f7

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 5e95f02e5caf2b89-FRA
date: Wed, 28 Oct 2020 16:12:24 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2008
x-trace: 2B7C7ADD5146C001D311448E282D942950B7CADB39000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
status: 200
access-control-allow-credentials: false
x-robots-tag: none
cf-request-id: 06119470f800002b89512ef000000001

GET
H2 200 feed Show response
info.phishlabs.com/_hcms/rss/ 764 B
486 B 24ms
23ms XHR
application/json 2606:4700::6811:81b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://info.phishlabs.com/_hcms/rss/feed?feedId=MzI2NjY1OjM1MzExOTc5NDow&limit=5&dateLanguage=ZW5fVVM%3D&dateFormat=c2hvcnQ%3D&zone=QW1lcmljYS9OZXdfWW9yaw%3D%3D&clickThrough=UmVhZCBtb3Jl&maxChars=200&property=link&property=title&hs-expires=1635055037&hs-version=2&hs-signature=AJ2IBuHb_V8mVgg9UGcC-ggRZVv5t6IjtQ
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/hs/hsstatic/AsyncSupport/static-1.89/js/rss_listing_asset.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:81b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3973a838556b39da17d5ec4f312c1ff79ce0236f191eaedba866f603446189e7

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 5e95f02e5cb12b89-FRA
date: Wed, 28 Oct 2020 16:12:24 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2008
x-trace: 2B39D49EA2192B744D85E75294D63633459B81E0F7000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
status: 200
access-control-allow-credentials: false
x-robots-tag: none
cf-request-id: 06119470f800002b8949397000000001

GET
H2 204 has-permission Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
121 B 113ms
111ms Script
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=326665&callback=jsonpHandler

Requested by

Host: info.phishlabs.com
URL: https://info.phishlabs.com/hs/hsstatic/HubspotToolsMenu/static-1.79/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-trace: 2B1643870A709AE4CBC8E9AC8F36D1C76FD91B9B3B000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
status: 204
cache-control: max-age=0
access-control-allow-credentials: false
cf-ray: 5e95f02e5b970746-FRA
cf-request-id: 06119470fa00000746b239a000000001

GET
H/1.1 200
OK insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 8ms
8ms Script
application/x-javascript 2a02:26f0:eb:3a3::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:eb:3a3::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 16:12:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=40063
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1799

GET
H/1.1 200
OK activity.gif
apt.techtarget.com/activity/ 43 B
450 B 429ms
107ms Image
image/gif 206.19.49.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apt.techtarget.com/activity/activity.gif?activityTypeId=31&cid=16703113&version=2.0&ref=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&r=1603901544714
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 206.19.49.24 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 16:12:25 GMT
Last-Modified: Tue, 26 Mar 2019 18:30:29 GMT
ETag: "2b-5850384029cff"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=14
Content-Length: 43

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=27536&time=1603901544718&url=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D27536%26time%3D1603901544718%26url%3Dhttps%253A%252F%252Finfo.phishlabs.com%252Fw...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=27536&time=1603901544718&url=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&liSync=true

0
63 B

175ms
175ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=27536&time=1603901544718&url=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&liSync=true
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:25 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: eaThHPUzQhYw740M6yoAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options: nosniff
linkedin-action: 1
status: 302
content-length: 0
x-li-uuid: 2BT9E/UzQhaApVB0ZysAAA==
pragma: no-cache
x-li-pop: afd-prod-lor1
x-msedge-ref: Ref A: CF335F565AB0409FBC0FE22DBCD2A619 Ref B: FRAEDGE1514 Ref C: 2020-10-28T16:12:24Z
x-frame-options: sameorigin
date: Wed, 28 Oct 2020 16:12:25 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=27536&time=1603901544718&url=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 fontawesome-webfont.woff
cdn2.hubspot.net/hubfs/326665/Phishlabs-Fonts/ 43 KB
44 KB 56ms
41ms Font
application/font-woff 2606:4700::6811:f2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hubfs/326665/Phishlabs-Fonts/fontawesome-webfont.woff
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/hs-fs/hub/326665/hub_generated/template_assets/2963421206/1594316264985/Coded_files/Custom/page/PhishLabs-June2015-theme/PhishLabs-June2015-style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Request headers

Origin: https://info.phishlabs.com
Referer: https://info.phishlabs.com/hs-fs/hub/326665/hub_generated/template_assets/2963421206/1594316264985/Coded_files/Custom/page/PhishLabs-June2015-theme/PhishLabs-June2015-style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-2970562277,P-326665,FLS-ALL
age: 1058885
edge-cache-tag: F-2970562277,P-326665,FLS-ALL
status: 200
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-encoding: br
x-amz-request-id: 0DBF634637A7DFED
cf-request-id: 061194715300002c0d5c2fb000000001
x-amz-id-2: fIDhai9mB72TaSFIra0eq+18BCQ4hPRvSzAhURoge/kuGeL23aHBbDLKbm25coaX4ygjKFBFeA0=
last-modified: Sun, 08 Oct 2017 12:45:47 GMT
server: cloudflare
etag: W/"3293616ec0c605c7c2db25829a0a509e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: Ufd7z4m.vpAxwa.3BN0r6ubaz9xC7c_e
x-amz-cf-pop: FRA50-C1
cf-ray: 5e95f02eed9f2c0d-FRA
x-amz-cf-id: G-Zvdj1QUygA2TC9UE1jznS1t6I69EGNJXnUPDTihSoeSxpUJPiSrg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 r Show response
scout.salesloft.com/ 41 B
405 B 314ms
103ms XHR
application/json 54.165.164.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0Ijo3MzgxfQ.wTFzhF-uZ32v817FJmU2XMNPhxmktsUmIa0fGBNQivQ

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.164.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-164-251.compute-1.amazonaws.com

Software

Resource Hash

e05ae076790852a21a47535d8a06e4ebdfc3079536d9c3f9f91d9f5b29303f0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:25 GMT
status: 200
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://info.phishlabs.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 41
x-request-id: 26e8d88499042c502c38ef448693234b

GET
H2 200 326665.js Show response
js.hs-analytics.net/analytics/1603901400000/ 60 KB
18 KB 228ms
227ms Script
text/javascript 2606:4700::6811:45b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1603901400000/326665.js
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/hs/scriptloader/326665.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74505f68a0d965a06a1c847a01b75009cde925fa9ca19b862bb468ce97b2761b

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:25 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: B21D507F8ADDAC94
x-amz-server-side-encryption: AES256
cf-ray: 5e95f02f1826323c-FRA
status: 200
x-amz-id-2: B8r/+vcc3rdm25pSQD0cVehUmdxoNF0sYwgEVefagRBF6GMKIFIa71WuPpUV2QIWicR1fGc1l/c=
last-modified: Mon, 19 Oct 2020 17:10:01 GMT
server: cloudflare
etag: W/"02c9449e9b831d4173284ceefde37a70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-request-id: 06119471730000323c3e839000000001
content-type: text/javascript
expires: Wed, 28 Oct 2020 16:17:24 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 421 KB
72 KB 60ms
42ms Script
application/javascript 2606:4700::6811:eacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/hs/scriptloader/326665.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:eacc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dde04d4c6101f721beb7b725504125d1103debe5427e9cf6816be90d83f04480

Request headers

Origin: https://info.phishlabs.com
Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
via: 1.1 d4b41c13595dcfd327649d8cdea72ce8.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 50008
x-amz-server-side-encryption: AES256
cf-ray: 5e95f02f3b4c177a-FRA
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 06119471840000177af4393000000001
last-modified: Wed, 21 Oct 2020 11:05:54 UTC
server: cloudflare
etag: W/"16d8f096f5ab0f797a7dfd1c482da004"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: ZdCnXXI0Xvf686WRRW7HIB_l.noC9TOr
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-amz-cf-pop: IAD89-C3
content-type: application/javascript; charset=utf-8
x-amz-cf-id: qQGv-Chz9N5yFA3tjk27dFlKXkjpHD7ZsrySw1rBIshDcBAInYiHOg==

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
2 KB 18ms
17ms Script
application/javascript 2606:4700::6811:71b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/hs/scriptloader/326665.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:71b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 242409fa576bcb5b1a71fef56b23678871ee7d04566ab52d02cac40901ed6953

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:24 GMT
via: 1.1 20f0d9cf6610f77242f5c592d2ecfd1d.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 86
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
content-type: application/javascript; charset=utf-8
cf-request-id: 061194717300000605d9ab3000000001
last-modified: Wed, 21 Oct 2020 12:53:35 UTC
server: cloudflare
etag: W/"ccf4c3930c4c7f11e70b8e920469c952"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: MfiKUsk1dHgHPpisLj.Sxbewlnw9Cy4F
cache-control: max-age=600
x-amz-cf-pop: IAD89-C3
cf-ray: 5e95f02f1c9b0605-FRA
x-amz-cf-id: a2cqV6I0l1ThSUJIpRk13aRm6_U9OIZfUYjxmRLpH3fYzcmB87atog==

GET
H2 200 326665.js Show response
js.hs-banner.com/ 46 KB
11 KB 60ms
59ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/326665.js
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/hs/scriptloader/326665.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a32eeb5c538e35e64e61796d8a0b83a15d9366ec2b79fef8d5fda696a9f4499d

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=U6RFfA==, md5=504/lx9KGO99Dkc/i2oeMw==
date: Wed, 28 Oct 2020 16:12:24 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABg5-UwE6dww8K-tnObac8AKgBPzufL-ACU_F9AA5E5OE2CcnHfzqLPoM7OzQGiXzaHiHuOt-M1YWLxCXSKhjR3_uRyReEZyIw
x-goog-storage-class: STANDARD
status: 200
access-control-max-age: 604800
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript; charset=UTF-8
cf-request-id: 06119471730000145a7b132000000001
timing-allow-origin: *
last-modified: Mon, 26 Oct 2020 16:47:00 GMT
server: cloudflare
etag: W/"e74e3f971f4a18ef7d0e473f8b6a1e33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation: 1603730820739067
access-control-allow-origin: https://www.phishlabs.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
x-goog-stored-content-length: 47053
cf-ray: 5e95f02f18b5145a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 28 Oct 2020 16:17:24 GMT

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 435 B
939 B 272ms
179ms XHR
application/json 65.9.190.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&page_title=Webinar%3A%20Look-alike%20Domains%2C%20BEC%2C%20and%20Brand%20Abuse&src=tag&key=62626ea9f76fb4146f721488bd7fca3c
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/9f609f1a.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.190.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d4ea3e72d13f7392cf63396cfad6069a9c80d1b43f2de63b763cfec67d77540c

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:25 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: ZAG50-C1
x-cache: Miss from cloudfront
status: 200
request-id: 4de98bc5-48bf-44ae-9364-6afb4d0e5f18
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://info.phishlabs.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 2fd9c5b0508a46d517c437af26a3a5c8.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5bMzMT4wQuhBQF01IELQOPhVQFWjxj4O5wBF0uh19Lf8x-DfiKDwZg==
expires: Tue, 27 Oct 2020 16:12:25 GMT

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AAHES06_MzEAAA-t9K4KQA
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAHES06_MzEAAA-t9K4KQA&verifyHash=3ac1d022ab7f3035c5d93cb0a0b856739d975bcb

26 B
409 B

257ms
257ms

Image
image/gif

65.9.190.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAHES06_MzEAAA-t9K4KQA&verifyHash=3ac1d022ab7f3035c5d93cb0a0b856739d975bcb
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.190.44 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 16:12:25 GMT
Via: 1.1 f857c6fa23ed7b2d0b237aefe9c50960.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ZAG50-C1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: e12c3ead86746ba6
X-Amz-Cf-Id: vX6K9SNygngEGd--6b6mYnRbURGB5Zpiyv_LcDaR9NAdgyf7Qhpn4g==

Redirect headers

Date: Wed, 28 Oct 2020 16:12:25 GMT
Via: 1.1 f857c6fa23ed7b2d0b237aefe9c50960.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ZAG50-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AAHES06_MzEAAA-t9K4KQA&verifyHash=3ac1d022ab7f3035c5d93cb0a0b856739d975bcb
Connection: keep-alive
trace-id: bcb5d4c721baf30d
Content-Length: 0
X-Amz-Cf-Id: Ryh6g4EOj-mkFBPA186lpfZqiDXY6DeE4VTcnifL899CP6d6SzwFOQ==

GET
H/1.1 200
OK index.php
stats.sa-as.com/ 95 B
403 B 483ms
167ms Image
image/png 209.128.119.150
BAYAREA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.sa-as.com/index.php?DID=259092&MyPage=undefined&MyID=undefined&MySearch=undefined&TitleTag=Webinar%3A%20Look-alike%20Domains%2C%20BEC%2C%20and%20Brand%20Abuse&Hst=info.phishlabs.com&width=1600&height=1200&ColDep=24&Lang=en-US&Cook=true&Page=%2Fwebinar-look-alike-domains-bec-brand-abuse&Reff=&FullPage=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&PMCD=https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse&r=0.6083721969534939
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.128.119.150 , United States, ASN7151 (BAYAREA-AS, US),
Reverse DNS: 209-128-119-150.bayarea.net
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 16:12:25 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: close
Content-Type: IMAGE/PNG
Content-Length: 102

GET
H/1.1 200
OK index.php
stats.sa-as.com/ 95 B
348 B 647ms
166ms Image
image/png 209.128.119.150
BAYAREA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.sa-as.com/index.php?DID=259092&MyPage=undefined&MyID=undefined&MySearch=undefined&TitleTag=Webinar%3A%20Look-alike%20Domains%2C%20BEC%2C%20and%20Brand%20Abuse&Hst=info.phishlabs.com&width=1600&height=1200&ColDep=24&Lang=en-US&Cook=true&Page=%2Fwebinar-look-alike-domains-bec-brand-abuse&Reff=&FullPage=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&PMCD=https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse&r=0.31793248818744213
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.128.119.150 , United States, ASN7151 (BAYAREA-AS, US),
Reverse DNS: 209-128-119-150.bayarea.net
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 16:12:25 GMT
Server: Apache/2.2.15 (CentOS)
Connection: close
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-Powered-By: PHP/5.3.3
Content-Length: 95
Content-Type: IMAGE/PNG

GET
H2 200 i Show response
scout.salesloft.com/ 48 B
513 B 103ms
103ms XHR
application/json 54.165.164.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/i

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.164.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-164-251.compute-1.amazonaws.com

Software

Resource Hash

537aa08c650939dd330df2412b7df411bad4464ae9c280050fd109e72ca6cf57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:25 GMT
status: 200
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://info.phishlabs.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 48
x-request-id: fdbde2374d745f3a62d3f56aff060e18

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 6ms
6ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=29571347&t=event&ni=1&_s=2&dl=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&ul=en-us&de=UTF-8&dt=Webinar%3A%20Look-alike%20Domains%2C%20BEC%2C%20and%20Brand%20Abuse&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aHBAgEABAAAAAE~&jid=&gjid=&cid=744584906.1603901545&tid=UA-9152773-1&_gid=616764111.1603901545&gtm=2wgae25JL2H9R&cd1=(Non-Company%20Visitor)&cd2=(Non-Company%20Visitor)&cd3=(Non-Company%20Visitor)&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=Bot&cd8=(Non-Company%20Visitor)&cd9=(Non-Company%20Visitor)&cd10=Brussels&cd11=BRU&cd12=Belgium&cd13=(Non-Company%20Visitor)&cd14=(Non-Company%20Visitor)&cd15=(Non-Company%20Visitor)&cd16=(Non-Company%20Visitor)&cd17=(Non-Company%20Visitor)&z=618251462

Requested by

Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Oct 2020 13:08:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11019
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
sumo.com/api/load/ 845 B
1 KB 537ms
183ms XHR
application/json 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/load/

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-14-212.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

712c31d5542919ca0252129dd8c65c6ca14d0fd607eca6bcbde0af8de1abc9ee

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 28 Oct 2020 16:12:26 GMT
vary: Origin, Accept-Encoding
server: nginx/1.14.1
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://info.phishlabs.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 845

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
72 B 13ms
13ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=29571347&t=pageview&_s=1&dl=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&ul=en-us&de=UTF-8&dt=Webinar%3A%20Look-alike%20Domains%2C%20BEC%2C%20and%20Brand%20Abuse&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAAEABAAAAAG~&jid=1223150683&gjid=981046964&cid=744584906.1603901545&tid=UA-9152773-1&_gid=616764111.1603901545&_r=1&_slc=1&z=1883726366

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Oct 2020 16:12:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://info.phishlabs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 130 B
368 B 112ms
112ms XHR
application/json 2606:4700::6811:c8cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=326665

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c8cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a20c151707fc1611e046a966810f52039e8d06219c90646848ff0cb040bfca1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:25 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 06119474de000005d8683fe000000001
server: cloudflare
x-trace: 2B3595BAC6271EA86A89C6EA38BC20C83EFF6BDD80000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://info.phishlabs.com
access-control-allow-credentials: false
cf-ray: 5e95f034999c05d8-FRA
access-control-allow-headers: *

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
257 B 21ms
21ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=ed24ed60-7f2c-4a12-95b8-b9faed1dec64&fci=f631c82c-abdf-454e-8231-da40eed691b6&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=326665&pi=35849326147&ct=landing-page&ccu=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&cpi=35849326147&lpi=35849326147&lvi=35849326147&pu=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&t=Webinar%3A+Look-alike+Domains%2C+BEC%2C+and+Brand+Abuse&cts=1603901545699&vi=ace63f811be1a756748615c7c53dfaa7&nc=true&u=61627571.ace63f811be1a756748615c7c53dfaa7.1603901545694.1603901545694.1603901545694.1&b=61627571.1.1603901545694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 5e95f034bee70746-FRA
date: Wed, 28 Oct 2020 16:12:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
content-length: 45
cf-request-id: 06119474ef0000074697a5b000000001
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
129 B 39ms
39ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=ed24ed60-7f2c-4a12-95b8-b9faed1dec64&fci=f631c82c-abdf-454e-8231-da40eed691b6&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=326665&pi=35849326147&ct=landing-page&ccu=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&cpi=35849326147&lpi=35849326147&lvi=35849326147&pu=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&t=Webinar%3A+Look-alike+Domains%2C+BEC%2C+and+Brand+Abuse&cts=1603901545706&vi=ace63f811be1a756748615c7c53dfaa7&nc=true&u=61627571.ace63f811be1a756748615c7c53dfaa7.1603901545694.1603901545694.1603901545694.1&b=61627571.1.1603901545694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 5e95f034bee90746-FRA
date: Wed, 28 Oct 2020 16:12:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
content-length: 45
cf-request-id: 06119474ef0000074696bbc000000001
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
129 B 24ms
23ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=326665&pi=35849326147&ct=landing-page&ccu=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&cpi=35849326147&lpi=35849326147&lvi=35849326147&pu=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&t=Webinar%3A+Look-alike+Domains%2C+BEC%2C+and+Brand+Abuse&cts=1603901545707&vi=ace63f811be1a756748615c7c53dfaa7&nc=true&u=61627571.ace63f811be1a756748615c7c53dfaa7.1603901545694.1603901545694.1603901545694.1&b=61627571.1.1603901545694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 5e95f034beec0746-FRA
date: Wed, 28 Oct 2020 16:12:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
content-length: 45
cf-request-id: 06119474f0000007465a2a6000000001
x-robots-tag: none

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
447 B 41ms
14ms XHR
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-9152773-1&cid=744584906.1603901545&jid=1223150683&gjid=981046964&_gid=616764111.1603901545&_u=aHDAAEABAAAAAG~&z=2055326991

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 28 Oct 2020 16:12:25 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://info.phishlabs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 167 B
486 B 157ms
157ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=326665&utk=ace63f811be1a756748615c7c53dfaa7&__hstc=61627571.ace63f811be1a756748615c7c53dfaa7.1603901545694.1603901545694.1603901545694.1&__hssc=61627571.1.1603901545694&contentId=35849326147&currentUrl=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9adec45109f3cc270287a7547c174ead59633b7a964b8fbff18c411c0176bfeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:25 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 06119474f6000005fdeebef000000001
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://info.phishlabs.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 5e95f034bd2605fd-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 13ms
13ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=29571347&t=event&ni=1&_s=1&dl=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&ul=en-us&de=UTF-8&dt=Webinar%3A%20Look-alike%20Domains%2C%20BEC%2C%20and%20Brand%20Abuse&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%20(Engagement)&ea=25&el=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&ev=0&_u=aHDAAEABAAAAAG~&jid=1517824880&gjid=613349580&cid=744584906.1603901545&tid=UA-9152773-1&_gid=616764111.1603901545&_r=1&gtm=2wgae25JL2H9R&z=218247236

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Oct 2020 16:12:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://info.phishlabs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 6ms
6ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=29571347&t=event&ni=1&_s=1&dl=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&ul=en-us&de=UTF-8&dt=Webinar%3A%20Look-alike%20Domains%2C%20BEC%2C%20and%20Brand%20Abuse&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%20(Engagement)&ea=50&el=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&ev=0&_u=aHDAAEABAAAAAG~&jid=&gjid=&cid=744584906.1603901545&tid=UA-9152773-1&_gid=616764111.1603901545&gtm=2wgae25JL2H9R&z=1792634351

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Oct 2020 13:08:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11019
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
28 B 22ms
18ms XHR
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-9152773-1&cid=744584906.1603901545&jid=1517824880&gjid=613349580&_gid=616764111.1603901545&_u=aHDAAEABAAAAAG~&z=67896822

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 28 Oct 2020 16:12:25 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://info.phishlabs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
87 B 17ms
17ms Image
image/gif 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-9152773-1&cid=744584906.1603901545&jid=1223150683&_u=aHDAAEABAAAAAG~&z=413693104

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Oct 2020 16:12:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
87 B 18ms
18ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-9152773-1&cid=744584906.1603901545&jid=1223150683&_u=aHDAAEABAAAAAG~&z=413693104

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Oct 2020 16:12:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-9152773-1&cid=744584906.1603901545&jid=1517824880&_u=aHDAAEABAAAAAG~&z=1077927105

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Oct 2020 16:12:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-9152773-1&cid=744584906.1603901545&jid=1517824880&_u=aHDAAEABAAAAAG~&z=1077927105

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Oct 2020 16:12:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
38 KB 60ms
46ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-698066554

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3819ab6c190ee33a0bcddb0cc2466ff7e2ebc1d2a3b1bfb3c0658c41a1c77049

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:25 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37952
x-xss-protection: 0
last-modified: Wed, 28 Oct 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 28 Oct 2020 16:12:25 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 965 B
761 B 7ms
7ms Script
application/x-javascript 2a02:26f0:eb:3a3::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:eb:3a3::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 16:12:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=30631
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H/1.1 200
OK insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:eb:3a3::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:eb:3a3::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 28 Oct 2020 16:12:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=40062
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1799

GET
H3-Q050 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 39ms
24ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-698066554

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d232588001d2ec9548daf7016595f95e5c93c12ba52304fdc866a50ccc8d44ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11926
x-xss-protection: 0
server: cafe
etag: 1696345407682633036
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 28 Oct 2020 16:12:25 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698066554/ 2 KB
2 KB 42ms
28ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698066554/?random=1603901545923&cv=9&fst=1603901545923&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaae2&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&tiba=Webinar%3A%20Look-alike%20Domains%2C%20BEC%2C%20and%20Brand%20Abuse&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166e8ffd3cdd32887aea00f87186008c941eda8cefc53932f74fce550e40c65a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Oct 2020 16:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1068
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/698066554/ 42 B
65 B 21ms
21ms Image
image/gif 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698066554/?random=1603901545923&cv=9&fst=1603900800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaae2&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&tiba=Webinar%3A%20Look-alike%20Domains%2C%20BEC%2C%20and%20Brand%20Abuse&async=1&fmt=3&is_vtc=1&random=4280684896&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Oct 2020 16:12:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/698066554/ 42 B
65 B 26ms
25ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/698066554/?random=1603901545923&cv=9&fst=1603900800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oaae2&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&tiba=Webinar%3A%20Look-alike%20Domains%2C%20BEC%2C%20and%20Brand%20Abuse&async=1&fmt=3&is_vtc=1&random=4280684896&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Oct 2020 16:12:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 services Show response
sumo.com/ 2 KB
1 KB 178ms
178ms XHR
application/json 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/services

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-14-212.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

2944206e47f515a767693cbdc804a7f3d15007846119d8d030d93441e303d025

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
X-Sumo-Auth: 3LWFUrZqICDY5ops2uEGOmCq
Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 28 Oct 2020 16:12:26 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx/1.14.1
status: 200
x-frame-options: SAMEORIGIN
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://info.phishlabs.com
access-control-allow-credentials: true
content-type: application/json; charset=utf-8

OPTIONS
H2 204 services
sumo.com/ 0
0 178ms
177ms Other 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/services
Protocol: H2
Server: 52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-38-14-212.us-west-2.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-sumo-auth
Origin: https://info.phishlabs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 204
server: nginx/1.14.1
date: Wed, 28 Oct 2020 16:12:26 GMT
access-control-allow-origin: https://info.phishlabs.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-max-age: 2592000

GET
H2 200 7.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 97 KB
33 KB 36ms
35ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/7.7e831236a32d6086ab3e.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Hamburg, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:26 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: EFAD72AE934F8B67
status: 200
cdn-cachedat: 2020-10-23 16:20:32
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: jw/ETwE8g/nVc4I58YE+a2eEobVZyql07RbaOHLMzRjX+GgXVsiJex9KHOBJ0Iht0QkebM6skYQ=
access-control-allow-origin: *
last-modified: Fri, 23 Oct 2020 16:19:46 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 5e7b505c6e76110dac39c020f7d1a885
cdn-requestcountrycode: BE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 4.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 5 KB
3 KB 28ms
27ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/4.7e831236a32d6086ab3e.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Hamburg, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: 3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:26 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 0DF052D558D82A2C
status: 200
cdn-cachedat: 2020-10-23 16:20:30
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: +pCCVGNtD3MIsgtc78dWzUqn2LiwSjwl23UPjht9NJf2pimm86qexz5dMAmU433c+3x27dfH+Bs=
access-control-allow-origin: *
last-modified: Fri, 23 Oct 2020 16:19:21 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: cf4b5066ed0dad471479c324ec3cb171
cdn-requestcountrycode: BE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 2.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 3 KB
2 KB 27ms
26ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/2.7e831236a32d6086ab3e.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Hamburg, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: 5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:26 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: D54EE2247462E26B
status: 200
cdn-cachedat: 2020-10-23 16:20:30
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: mX+7UN7OzXXUbEizXuOav9jNidQjvqshi7qtVAPXziCLGuXswUomn19jPxYttwYo5GqIJaKZZ54=
access-control-allow-origin: *
last-modified: Fri, 23 Oct 2020 16:19:05 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 1502feaf5cc7be081b3452284632167b
cdn-requestcountrycode: BE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 10.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 11 KB
5 KB 28ms
27ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/10.7e831236a32d6086ab3e.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Hamburg, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: 4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:26 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: FA5D4E660058898D
status: 200
cdn-cachedat: 2020-10-23 16:20:32
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: PuhIR7t4TxR7yVmgBNo5QOKvsK54U/W9zt19qgVQUYL5N8nzGcmSGcCq5xOH29M5HRCC4Vsb7U8=
access-control-allow-origin: *
last-modified: Fri, 23 Oct 2020 16:18:51 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 313e938f98a9360525b229c6efe89ff5
cdn-requestcountrycode: BE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 22.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 92 KB
25 KB 28ms
27ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/22.7e831236a32d6086ab3e.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Hamburg, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: 4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:26 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 952A025082763550
status: 200
cdn-cachedat: 2020-10-23 16:20:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: ckxZP9Q0LLiCZBLsHK9odE9LmK9H1XJDuRGSwAeYkSbIYpJO856lADTgD0HWA21b/amSj+7dQY4=
access-control-allow-origin: *
last-modified: Fri, 23 Oct 2020 16:19:07 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: d9b0629cb643b4d66761782d06c880ae
cdn-requestcountrycode: BE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 23.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 329 KB
94 KB 29ms
28ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/23.7e831236a32d6086ab3e.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Hamburg, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: 36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:26 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 2CE847A2CD17863D
status: 200
cdn-cachedat: 2020-10-23 16:20:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: LQB5S6e6jgRzigT3bjhM+tvret3EGH8Ya2j9xQJ3ElQ4/JVNGEaygQfSVLyB/vkqXYpxLQHq0Os=
access-control-allow-origin: *
last-modified: Fri, 23 Oct 2020 16:19:07 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: e483b9d3a5236a58cb48525933b353de
cdn-requestcountrycode: BE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 21.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 179 KB
51 KB 35ms
34ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/21.7e831236a32d6086ab3e.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Hamburg, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: 967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:26 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: E9D9E172F21D5D7F
status: 200
cdn-cachedat: 2020-10-23 16:20:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: T5V467KgN0SfZPBLOSTeD624YBuNkITzOCbIihW+c+4fd07jgtM7n685OOjSkjdGwwhR9i3V2qE=
access-control-allow-origin: *
last-modified: Fri, 23 Oct 2020 16:19:06 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 60fdb9c3125e83b2345d9267985e0cab
cdn-requestcountrycode: BE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 64.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 1 KB
1 KB 35ms
34ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/64.7e831236a32d6086ab3e.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Hamburg, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:26 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 902877B1F7C2A315
status: 200
cdn-cachedat: 2020-10-23 16:20:30
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 4mSZPeU7nLQNbrCk0BISlDrFUK0eRz5tskfyPifYjrwuKOEr+rTrsjtTbDB1tm12ImTRCoA0YK8=
access-control-allow-origin: *
last-modified: Fri, 23 Oct 2020 16:19:42 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: e8caab5abe4e71930a197432c3f6d56d
cdn-requestcountrycode: BE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 0.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 5 KB
3 KB 22ms
20ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/0.7e831236a32d6086ab3e.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Hamburg, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:26 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: EEF78FA0D8420361
status: 200
cdn-cachedat: 2020-10-23 16:20:30
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: FLytoG3RAIwZ9zDN3xkXCRtn+De+07HtWy3TKXrTe8kugeLbl9xW68tB6jk6O9DOqTfrzp8H/W8=
access-control-allow-origin: *
last-modified: Fri, 23 Oct 2020 16:18:50 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 04e7551cc46a9aacc35d6363cc3b521b
cdn-requestcountrycode: BE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 1.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 1 KB
2 KB 29ms
28ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/1.7e831236a32d6086ab3e.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Hamburg, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: b5d439b0a1670a4a56384b0b48fcdfabef6e8a5124683f32c6913d1fe22e9563

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:26 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 36E47D490D542E26
status: 200
cdn-cachedat: 2020-10-23 16:20:30
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 95BpOX4lKcy5+e6D+WCGh2lrNp7nfEDLWaDibmTcJN4RU5ea/QR/vzNjLqpRZk5JejHtc5oBT/I=
access-control-allow-origin: *
last-modified: Fri, 23 Oct 2020 16:18:51 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 31bf5c14fe04c9aecf433e409c8e2b95
cdn-requestcountrycode: BE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 3.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 5 KB
2 KB 22ms
21ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/3.7e831236a32d6086ab3e.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Hamburg, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: 9b9b439612eecd459a6edf2abfcf4ae252710e0069772b1b78c4970b3c0f1830

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:26 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 3B0E29884673E278
status: 200
cdn-cachedat: 2020-10-23 16:20:32
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 5jRV7FUh0xLooObpu851q017+sWGb/TtQYFishy/ZmqhSBH11RjxwN+UgcUOhmr3S8uXmFWLy5w=
access-control-allow-origin: *
last-modified: Fri, 23 Oct 2020 16:19:13 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 00a65ad03f08ff11d1c8978d7ea66dc6
cdn-requestcountrycode: BE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 11.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 438 KB
129 KB 22ms
22ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/11.7e831236a32d6086ab3e.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Hamburg, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: a73a98563485541039998520eaa3f1b8475e8da1f9ae414a74c73df0d5f24f8a

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:26 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 9FBE1C344BE30E39
status: 200
cdn-cachedat: 2020-10-23 16:20:30
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: SQz280N5Me4yEDfmJphOG4kUz+h4O0ePj1Gv1Iig1pwcLJ+b3oZGAREUAObpQ9l57kmGVYIDLt0=
access-control-allow-origin: *
last-modified: Fri, 23 Oct 2020 16:18:58 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 04d1a5b44c633f3b46086fd71946c317
cdn-requestcountrycode: BE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 15.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 711 KB
53 KB 28ms
27ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Hamburg, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: e146694637c659ec76a75f2f92253956460decf38696b9f77d825dde8308efaa

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:26 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 813E5CEC5DA7FB7F
status: 200
cdn-cachedat: 2020-10-23 16:20:33
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: Qsnm4xgcbL6nkhJEfo6L5H7JG0lZ7thbWP5PRijJIq+JZ9n7r577MZWgDSjwxJB4j0UuWPMPewQ=
access-control-allow-origin: *
last-modified: Fri, 23 Oct 2020 16:19:01 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 0ad486fd4b6ffe683f0447f2465288d0
cdn-requestcountrycode: BE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 96.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 1 MB
79 KB 21ms
21ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/96.7e831236a32d6086ab3e.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Hamburg, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: 535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:26 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: B543D042E8833448
status: 200
cdn-cachedat: 2020-10-23 16:20:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 2TWKWOu1m9uOffIR+bZiarOn/WOPskUaxh19hISs59MQJEv56Es+/QSRmX3LDpmXOAuPDtb7n9s=
access-control-allow-origin: *
last-modified: Fri, 23 Oct 2020 16:20:07 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: e898a10077eff74f121b09ecdfb14eed
cdn-requestcountrycode: BE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 97.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 221 B
877 B 27ms
27ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/97.7e831236a32d6086ab3e.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Hamburg, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: 71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:26 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: B4C85E33366344CE
status: 200
cdn-cachedat: 2020-10-23 16:20:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: NajqjT3QlE71PB4yKLbJUXks7PVyVjdkCuyfw4caJZOY43RKOMpDNN+D5L6kX9SxQiWJQ/iseiw=
access-control-allow-origin: *
last-modified: Fri, 23 Oct 2020 16:20:08 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 90db30d4119852d5f12c9cd76c760a42
cdn-requestcountrycode: BE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H3-Q050 200 css
fonts.googleapis.com/ 25 KB
2 KB 44ms
29ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Requested by

Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a758040e3d48d51c8085342320827fceb7a23d282f0c29d8e3e3aa414ba5c39d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 28 Oct 2020 14:54:26 GMT
server: ESF
date: Wed, 28 Oct 2020 16:12:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Oct 2020 16:12:26 GMT

OPTIONS
H2 200 rpc
clients6.google.com/ 0
0 39ms
18ms Other
text/plain 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ

Protocol

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://info.phishlabs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
access-control-allow-origin: https://info.phishlabs.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,PATCH,POST,PUT
access-control-max-age: 3600
access-control-allow-headers: content-type
content-type: text/plain; charset=UTF-8
vary: Origin X-Origin
date: Wed, 28 Oct 2020 16:12:26 GMT
expires: Wed, 28 Oct 2020 16:12:26 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 0
server: GSE
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
graph.facebook.com/ 251 B
638 B 62ms
46ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&callback=jQuery110205197408693115826_1603901544753&_=1603901544754

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0438af1c10e08a49551436dc269f4d92627dd46304896823361c678c51e52778

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
status: 200
x-fb-rev: 1002895534
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 193
pragma: no-cache
x-fb-debug: 6qdaK+lNXCJfYY5hmwRtR43LHeIk2FOLrrZ9zF8W9LF0RYcyOQAaFI5WGeqG/EuviDcbo5Y5nR+TpPWbByV0ig==
x-fb-trace-id: HoB7DGoQNg/
date: Wed, 28 Oct 2020 16:12:26 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: Avipe_V60l0dZRr7k-dGzAj
cache-control: no-store
facebook-api-version: v3.2
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 links.getStats Show response
api.facebook.com/method/ 433 B
628 B 49ms
33ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://api.facebook.com/method/links.getStats?urls=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&format=json&callback=jQuery110205197408693115826_1603901544755&_=1603901544756

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

664d46ddb67da5c59b04b2115dbbbeebafc2cb8912a3aba66ea7f33ac69c9adc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
status: 200
x-fb-rev: 1002895534
content-length: 266
pragma: no-cache
x-fb-debug: K662r8VDo3gdrD0u/DII4zLQUkFu3XjULVY2YJWmnwqQPDNvNz4MiEP5jNA3lqnNQPRkFeCRiith4ZKVfYNKhA==
x-fb-trace-id: HzWwIscfWsu
date: Wed, 28 Oct 2020 16:12:26 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
x-fb-request-id: A74lIGzNk7sy8PWbcykbDRr
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.2
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST rpc
clients6.google.com/ 0
0

GET
H2

200

button_info.json Show response
www.reddit.com/
Redirect Chain

https://reddit.com/button_info.json?url=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&jsonp=jQuery110205197408693115826_1603901544757&_=1603901544758
https://www.reddit.com/button_info.json?url=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&jsonp=jQuery110205197408693115826_1603901544757&_=1603901544758

149 B
613 B

194ms
139ms

Script
application/javascript

199.232.53.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/button_info.json?url=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&jsonp=jQuery110205197408693115826_1603901544757&_=1603901544758

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.53.140 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

29b4d10eb211357449f9eb2bff9a8c5d750f2e8a8d4e2370fa868d96f6da535b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 16:12:27 GMT
via: 1.1 varnish
x-content-type-options: nosniff
status: 200
content-length: 149
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-moose: majestic
server: snooserv
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: -1

Redirect headers

date: Wed, 28 Oct 2020 16:12:26 GMT
via: 1.1 varnish
server: snooserv
status: 301
strict-transport-security: max-age=15552000; includeSubDomains; preload
location: https://www.reddit.com/button_info.json?url=https%3A%2F%2Finfo.phishlabs.com%2Fwebinar-look-alike-domains-bec-brand-abuse&jsonp=jQuery110205197408693115826_1603901544757&_=1603901544758
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 0
retry-after: 0

GET
H3-Q050 200 css
fonts.googleapis.com/ 25 KB
1 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Requested by

Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a758040e3d48d51c8085342320827fceb7a23d282f0c29d8e3e3aa414ba5c39d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 28 Oct 2020 15:07:09 GMT
server: ESF
date: Wed, 28 Oct 2020 16:12:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Oct 2020 16:12:26 GMT

OPTIONS
H2 204 features
sumo.com/api/site/b9cb287191e1f8ef3d5e690b33ebd1ef7f160e7dec1faf7d507e5aa51a5dc4c5/ 0
0 172ms
172ms Other 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/api/site/b9cb287191e1f8ef3d5e690b33ebd1ef7f160e7dec1faf7d507e5aa51a5dc4c5/features?site_id=b9cb287191e1f8ef3d5e690b33ebd1ef7f160e7dec1faf7d507e5aa51a5dc4c5
Protocol: H2
Server: 52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-38-14-212.us-west-2.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-sumo-auth
Origin: https://info.phishlabs.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 204
server: nginx/1.14.1
date: Wed, 28 Oct 2020 16:12:27 GMT
access-control-allow-origin: https://info.phishlabs.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-max-age: 2592000

GET
H2 200 features Show response
sumo.com/api/site/b9cb287191e1f8ef3d5e690b33ebd1ef7f160e7dec1faf7d507e5aa51a5dc4c5/ 3 KB
1 KB 181ms
180ms XHR
application/json 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/site/b9cb287191e1f8ef3d5e690b33ebd1ef7f160e7dec1faf7d507e5aa51a5dc4c5/features?site_id=b9cb287191e1f8ef3d5e690b33ebd1ef7f160e7dec1faf7d507e5aa51a5dc4c5

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-14-212.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

6b694b92be25a5184c016031bee18ba083c78c93433c3de028d07a5ffa57fb73

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Sumo-Auth: 3LWFUrZqICDY5ops2uEGOmCq

Response headers

date: Wed, 28 Oct 2020 16:12:27 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx/1.14.1
status: 200
etag: "-1903556544"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://info.phishlabs.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow

POST
H2 200 jsonpcallback Show response
sumo.com/api/ 16 B
239 B 176ms
176ms XHR
application/json 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/jsonpcallback

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-14-212.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 28 Oct 2020 16:12:27 GMT
vary: Origin, Accept-Encoding
server: nginx/1.14.1
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://info.phishlabs.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 16

POST
H2 200 perf Show response
info.phishlabs.com/_hcms/ 2 B
173 B 158ms
158ms XHR
text/plain 2606:4700::6811:81b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://info.phishlabs.com/_hcms/perf
Requested by: Host: info.phishlabs.com
URL: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:81b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://info.phishlabs.com/webinar-look-alike-domains-bec-brand-abuse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

cf-ray: 5e95f04748582b89-FRA
date: Wed, 28 Oct 2020 16:12:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-trace: 2B5EFCEB5E39C847679FE0080E1B146B9650C16CC1000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
status: 200
access-control-allow-credentials: false
x-robots-tag: none
content-length: 2
cf-request-id: 061194808b00002b890a1e7000000001

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: clients6.google.com
URL: https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ

Verdicts & Comments Add Verdict or Comment

150 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.phishlabs.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.phishlabs.com/	1970-01-19 22:53:17	Name: __hstc Value: 61627571.ace63f811be1a756748615c7c53dfaa7.1603901545694.1603901545694.1603901545694.1
info.phishlabs.com/	1970-01-21 09:19:41	Name: slirequested Value: true
info.phishlabs.com/	1970-01-21 09:19:41	Name: sliguid Value: 9570817f-4bdc-46cd-9de5-7cae6f2bdaf9
info.phishlabs.com/	1970-01-19 13:41:46	Name: slireg Value: https://scout.us1.salesloft.com
.phishlabs.com/	1970-01-19 13:31:43	Name: __hssc Value: 61627571.1.1603901545694
info.phishlabs.com/	1970-01-19 14:14:53	Name: __smVID Value: c5bbe1f958ca7830c9d712a95fe2c99d180ba91c4508380514299892a4f9e7eb
.phishlabs.com/	1970-01-20 07:02:53	Name: _mkto_trk Value: id:130-BFB-942&token:_mch-phishlabs.com-1603901544636-76150
.phishlabs.com/	1970-01-19 13:33:07	Name: _gid Value: GA1.2.616764111.1603901545
.phishlabs.com/	1970-01-19 15:41:17	Name: _gcl_au Value: 1.1.615437719.1603901545
.phishlabs.com/	1970-01-20 07:02:53	Name: _ga Value: GA1.2.744584906.1603901545
.phishlabs.com/	1970-01-19 13:31:41	Name: _dc_gtm_UA-9152773-1 Value: 1
.phishlabs.com/	1970-01-19 13:31:41	Name: _gat Value: 1
.info.phishlabs.com/	1969-12-31 23:59:59	Name: __cfruid Value: 381a7c3454000e8ca1cf14c5267ccb66b1bfe8a2-1603901544
.phishlabs.com/	1970-01-19 22:53:17	Name: hubspotutk Value: ace63f811be1a756748615c7c53dfaa7
.info.phishlabs.com/	1970-01-19 14:14:53	Name: __cfduid Value: d143466914be043cf1385996d08a37c721603901544

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js(Line 26) Message: Query variable %s not found sumotoken
console-api	log	URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js(Line 1) Message: install sumo badge...
console-api	log	URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js(Line 26) Message: Query variable %s not found sumopath
console-api	info	URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js(Line 1) Message: CREATING SANDBOX FOR services/index/#services/index
console-api	info	URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js(Line 1) Message: CREATING SANDBOX FOR 156085c5-0017-4150-b225-a731ad248f38/service/#156085c5-0017-4150-b225-a731ad248f38/service
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: rendering share...
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: rendering for desktop...
console-api	log	URL: https://load.sumo.com/11.7e831236a32d6086ab3e.js(Line 1) Message: style buffer update...
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: buffer
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: facebook
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: facebooklike
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: googleplus
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: pinterest
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: reddit
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: yummly
console-api	log	URL: https://load.sumo.com/11.7e831236a32d6086ab3e.js(Line 1) Message: undefined
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: reddit: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

130-bfb-942.mktoresp.com
api.company-target.com
api.facebook.com
api.hubapi.com
app.hubspot.com
apt.techtarget.com
cdn.callrail.com
cdn2.hubspot.net
clients6.google.com
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
googleads.g.doubleclick.net
graph.facebook.com
info.phishlabs.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hsleadflows.net
load.sumo.com
load.sumome.com
match.prod.bidr.io
munchkin.marketo.net
px.ads.linkedin.com
reddit.com
scout-cdn.salesloft.com
scout.salesloft.com
segments.company-target.com
snap.licdn.com
static.hubspot.com
stats.g.doubleclick.net
stats.sa-as.com
sumo.com
tag.demandbase.com
track.hubspot.com
trk.techtarget.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.reddit.com
clients6.google.com
104.109.95.62
151.101.193.140
163.171.128.148
172.217.18.162
192.28.144.124
199.232.53.140
206.19.49.24
209.128.119.150
23.111.9.64
2606:4700::6811:45b0
2606:4700::6811:71b0
2606:4700::6811:81b4
2606:4700::6811:c8cc
2606:4700::6811:eacc
2606:4700::6811:f2cc
2606:4700::6812:14bf
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:21::14
2a00:1450:4001:800::200a
2a00:1450:4001:801::2003
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:815::2003
2a00:1450:4001:817::2004
2a00:1450:4001:819::2002
2a00:1450:4001:81c::200e
2a00:1450:400c:c09::9c
2a02:26f0:eb:3a3::25ea
2a03:2880:f01c:800e:face:b00c:0:2
2a05:f500:11:101::b93f:9005
52.205.51.47
52.214.70.9
52.38.14.212
54.165.164.251
62.113.194.12
65.9.190.44
65.9.190.70
0438af1c10e08a49551436dc269f4d92627dd46304896823361c678c51e52778
099adac59986456b230e31afe8c2fb56c88905a47300df8ecd5e04bd11579e28
0c30678ce61936db0d9405256fc6d328eb49d38614d1650a3678a32ebb3b943c
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
116163e5f71189c0a015cb9f02a8c8b1b356c25e8e2da91af85d6391ec74247b
1529224e7f0d1dbb6cb34912d804e6bdcb2e7a6dff585eae58f53771ef544475
166e8ffd3cdd32887aea00f87186008c941eda8cefc53932f74fce550e40c65a
1da808fa2466cf8893cd082a9840bc7fa70c07faa859185554d8577de257b6f7
242409fa576bcb5b1a71fef56b23678871ee7d04566ab52d02cac40901ed6953
255dded404d185ab11e9c0ea77f93486ae5f1bb63c6b36e97688f4db24c1a44b
28a10c1f5d82f21d724f45b8fe8d90be175ca8b321efa5ee71888cbe540060ca
2944206e47f515a767693cbdc804a7f3d15007846119d8d030d93441e303d025
29b4d10eb211357449f9eb2bff9a8c5d750f2e8a8d4e2370fa868d96f6da535b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
33e82ba39c830ab1013da57a37b561989cfdd0fe4ef30b8f4af27b97c94f5026
341a4d40ad1b2560db940f906716d0e9539d4c0785399d7e0348fd0d3af00170
36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c
3819ab6c190ee33a0bcddb0cc2466ff7e2ebc1d2a3b1bfb3c0658c41a1c77049
3973a838556b39da17d5ec4f312c1ff79ce0236f191eaedba866f603446189e7
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132
44b7fb6f761a2e8bf64400e3311c4c4bf343e888ee1b8bbf125881c4617ed70f
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
4a02e2f912e8cbfe242c3fe025125b3e16a8d168a273ce4fe2ff8ea88dc6f500
4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9
4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d
535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14
537aa08c650939dd330df2412b7df411bad4464ae9c280050fd109e72ca6cf57
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a7a08cd848a19fc590f04369ee18e0ac67100549af4f945a4f7710a91841b90
5b565437b4f7cc22d9d5d5f85c647833d1bba3bc240b6952b32aa739be4cef66
5b717115900ddbb7f7a8797aad15ad75a7271740d479efc319a1fc62377b2da1
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55
5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
63110ca5c68b0212db7273842b16a1514b4c57285cff6287cc774b485ebd9c81
664d46ddb67da5c59b04b2115dbbbeebafc2cb8912a3aba66ea7f33ac69c9adc
6b694b92be25a5184c016031bee18ba083c78c93433c3de028d07a5ffa57fb73
712c31d5542919ca0252129dd8c65c6ca14d0fd607eca6bcbde0af8de1abc9ee
71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d
723fbf8d73cd4e75f64f7d21558585aa1658b11332e87bd288f6987e398ecfb4
72c17c028cb82a7044544696b9ab7bcb5065912cf9322d72837e38aa396a7f2b
73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759
74505f68a0d965a06a1c847a01b75009cde925fa9ca19b862bb468ce97b2761b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87590e82d7148881f992efe13b0aa584520f3026f638a1b504a2ebb10d35f53c
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
88a5a17ef0f9b679c14de594a26d006b688d8d2e3e7fc080c792d2c559ce0d72
8b51552f523ecd57ca4f82df5ab10610349f91cacb7c0f72d0290bed3cc37e4e
901c52edb6d8e9070085905253e18b4c89ca43b1a6fb7374e0ede99fe8b2fe94
967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae
9adec45109f3cc270287a7547c174ead59633b7a964b8fbff18c411c0176bfeb
9b9b439612eecd459a6edf2abfcf4ae252710e0069772b1b78c4970b3c0f1830
a20c151707fc1611e046a966810f52039e8d06219c90646848ff0cb040bfca1f
a32eeb5c538e35e64e61796d8a0b83a15d9366ec2b79fef8d5fda696a9f4499d
a73a98563485541039998520eaa3f1b8475e8da1f9ae414a74c73df0d5f24f8a
a758040e3d48d51c8085342320827fceb7a23d282f0c29d8e3e3aa414ba5c39d
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f
a959317813b70f3a91aceafa835bee05b1cf81ca27f7d2b7acbaed4a9c7a8762
ae79cb1248fc7296b3b68fe4a77fd5bd51be17a0f6405692cf6cfeafcff145da
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b5d439b0a1670a4a56384b0b48fcdfabef6e8a5124683f32c6913d1fe22e9563
bb4da57439fc6e37cf864ae6498a5cc2ce419777ecb95c1edd6afeb9142267d9
c3c181155b39df93ee752f752ed404685a62ae5e1217f6c4d8a3e78d447c62a8
c3f99c65ea3d6186991a21add80eeea6d79500fcb3c9d8263680e0de270e0753
c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ccf4a0adea58942beaef83fbd7f58989d9d67b8c00423c0fcd2de2004d1cf77a
d01bd8a88346497a1af35f635c4ce5a9b976b72d6400336bb7cb4bd283640a0e
d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b
d232588001d2ec9548daf7016595f95e5c93c12ba52304fdc866a50ccc8d44ee
d4ea3e72d13f7392cf63396cfad6069a9c80d1b43f2de63b763cfec67d77540c
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd3eb59038a5df086653388d9394fed2f2f1d72d9c01cfdc4920247a9d371e83
dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503
dde04d4c6101f721beb7b725504125d1103debe5427e9cf6816be90d83f04480
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e05ae076790852a21a47535d8a06e4ebdfc3079536d9c3f9f91d9f5b29303f0e
e146694637c659ec76a75f2f92253956460decf38696b9f77d825dde8308efaa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e87bfde8bd7a1a7ca26e8667ce624108b0fe20145e2f9b35a0d8d07db8b3c49d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f3277e215cde3d4471a195d6ff796768ee89c7852008fa552c3975c4ee775f41
f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f
fa7c2cd8fa0196bca6e808ed4259571ad5ff7372f37de837a16fd90aaca7e51d
fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5
fd82530897a8eceb7dbafc2d3de217d1d0e5cc5aec39a0d0c37f3aa8b5a2c6f4
fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2

info.phishlabs.com Open in urlscan Pro 2606:4700::6811:81b4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

118 Requests

99 %HTTPS

58 %IPv6

31 Domains

43 Subdomains

36 IPs

6 Countries

1192 kBTransfer

5404 kBSize

16 Cookies

18 Outgoing links

Redirected requests

118 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

info.phishlabs.com Open in urlscan Pro
2606:4700::6811:81b4 Public Scan

Screenshot
Live screenshot

Full Image

118
Requests

99 %
HTTPS

58 %
IPv6

31
Domains

43
Subdomains

36
IPs

6
Countries

1192 kB
Transfer

5404 kB
Size

16
Cookies

118 HTTP transactions
0 data transactions