www.imsnetworking.com Open in urlscan Pro
54.71.226.19 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid
Effective URL:
https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Submission: On October 26 via api (October 26th 2024, 8:05:26 am UTC) from US — Scanned from DE

Summary HTTP 97 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 36 IPs in 6 countries across 27 domains to perform 97 HTTP transactions. The main IP is 54.71.226.19, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is www.imsnetworking.com.
TLS certificate: Issued by R11 on September 28th 2024. Valid for: 3 months.

This is the only time www.imsnetworking.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.35.104.127 52.35.104.127	16509 (AMAZON-02) (AMAZON-02)
23	54.71.226.19 54.71.226.19	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	51.11.20.152 51.11.20.152	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
2	104.16.158.101 104.16.158.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2800:233... 2606:2800:233:66b5:799a:7cd3:f74d:7071	15133 (EDGECAST) (EDGECAST)
1 5	2606:4700::68... 2606:4700::6812:1feb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:68f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	63.208.65.83 63.208.65.83	3356 (LEVEL3) (LEVEL3)
4	2606:4700:303... 2606:4700:3036::6815:1b98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	63.174.23.41 63.174.23.41	17054 (EXPEDIENT) (EXPEDIENT)
4	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:350... 2a02:26f0:3500:10::210:a99	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
1	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:33::10 2620:1ec:33::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 4	2600:9000:264... 2600:9000:2644:dc00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
2	18.245.46.63 18.245.46.63	16509 (AMAZON-02) (AMAZON-02)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	142.250.184.196 142.250.184.196	15169 (GOOGLE) (GOOGLE)
4	142.250.186.136 142.250.186.136	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	18.245.46.37 18.245.46.37	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:cc3... 2a05:d018:cc3:fe04:a20b:3458:b6c7:91a5	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
1	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
1	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
2	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
97	36

1 52.35.104.127 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-104-127.us-west-2.compute.amazonaws.com

imsnetworking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 54.71.226.19 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-71-226-19.us-west-2.compute.amazonaws.com

www.imsnetworking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.11.20.152 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

secure.venture365office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.158.101 (None, )

ASN13335 (CLOUDFLARENET, US)

hello.staticstuff.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
win.staticstuff.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:66b5:799a:7cd3:f74d:7071 (United States)

ASN15133 (EDGECAST, US)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:1feb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ck368.infusionsoft.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:68f (United States)

ASN13335 (CLOUDFLARENET, US)

ck368.infusionsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.208.65.83 (United States)

ASN3356 (LEVEL3, US)

www.rapidscansecure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.174.23.41 (Pittsburgh, United States)

ASN17054 (EXPEDIENT, US)

msp.amp.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cmap.amp.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:10::210:a99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2644:dc00:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.46.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-63.fra56.r.cloudfront.net

cdn.calltrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.calltrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.46.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-37.fra56.r.cloudfront.net

js.calltrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe04:a20b:3458:b6c7:91a5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	imsnetworking.com 1 redirects imsnetworking.com www.imsnetworking.com	454 KB
11	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	914 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34 region1.google-analytics.com — Cisco Umbrella Rank: 3643	22 KB
5	adroll.com 1 redirects s.adroll.com — Cisco Umbrella Rank: 3395 d.adroll.com — Cisco Umbrella Rank: 1624	30 KB
5	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1472 syndication.twitter.com — Cisco Umbrella Rank: 1829	30 KB
5	infusionsoft.app 1 redirects ck368.infusionsoft.app	4 KB
5	linkedin.com 1 redirects platform.linkedin.com — Cisco Umbrella Rank: 3841 px.ads.linkedin.com — Cisco Umbrella Rank: 321 px4.ads.linkedin.com — Cisco Umbrella Rank: 6828	163 KB
4	calltrk.com cdn.calltrk.com — Cisco Umbrella Rank: 22692 js.calltrk.com — Cisco Umbrella Rank: 24060	21 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	156 KB
4	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1222	88 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
3	amp.vg msp.amp.vg cmap.amp.vg	9 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 245	986 B
2	bing.net bat.bing.net — Cisco Umbrella Rank: 20475	465 B
2	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4401
2	bing.com bat.bing.com — Cisco Umbrella Rank: 348	15 KB
2	staticstuff.net hello.staticstuff.net — Cisco Umbrella Rank: 247834 win.staticstuff.net — Cisco Umbrella Rank: 155877	6 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 592	33 KB
1	google.de www.google.de — Cisco Umbrella Rank: 11271	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136	550 B
1	gstatic.com fonts.gstatic.com	47 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 784	14 KB
1	rapidscansecure.com www.rapidscansecure.com — Cisco Umbrella Rank: 108499	985 B
1	infusionsoft.com ck368.infusionsoft.com	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
1	venture365office.com secure.venture365office.com — Cisco Umbrella Rank: 925066	321 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 311	2 KB
97	27

	Domain	Requested by
23	www.imsnetworking.com	www.imsnetworking.com
11	www.googletagmanager.com	www.imsnetworking.com www.googletagmanager.com
5	ck368.infusionsoft.app	1 redirects www.imsnetworking.com
4	s.adroll.com	1 redirects www.imsnetworking.com
4	www.google-analytics.com	www.imsnetworking.com
4	platform.twitter.com	www.imsnetworking.com platform.twitter.com
4	connect.facebook.net	www.imsnetworking.com
4	use.fontawesome.com	www.imsnetworking.com use.fontawesome.com
3	js.calltrk.com	www.imsnetworking.com
3	www.facebook.com	www.imsnetworking.com connect.facebook.net
3	region1.google-analytics.com	www.imsnetworking.com
3	px.ads.linkedin.com	1 redirects www.imsnetworking.com
2	bam.nr-data.net	www.imsnetworking.com
2	cmap.amp.vg	www.imsnetworking.com
2	bat.bing.net	bat.bing.com www.imsnetworking.com
2	bat.bing.com	www.imsnetworking.com
1	syndication.twitter.com
1	js-agent.newrelic.com	www.imsnetworking.com
1	www.google.de	www.imsnetworking.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.imsnetworking.com
1	d.adroll.com	www.imsnetworking.com
1	www.google.com	www.googletagmanager.com
1	cdn.calltrk.com	www.imsnetworking.com
1	win.staticstuff.net	www.imsnetworking.com
1	px4.ads.linkedin.com	www.imsnetworking.com
1	fonts.gstatic.com	www.imsnetworking.com
1	snap.licdn.com	www.imsnetworking.com
1	msp.amp.vg	www.imsnetworking.com
1	www.rapidscansecure.com	www.imsnetworking.com
1	ck368.infusionsoft.com	www.imsnetworking.com
1	platform.linkedin.com	www.imsnetworking.com
1	hello.staticstuff.net	www.imsnetworking.com
1	fonts.googleapis.com	www.imsnetworking.com
1	secure.venture365office.com	www.imsnetworking.com
1	cdn.jsdelivr.net	www.imsnetworking.com
1	imsnetworking.com	1 redirects
97	37

This site contains links to these domains. Also see Links.

Domain
sitesdev.net
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
www.flaticon.com
creativecommons.org
www.mindmatrix.net

Subject Issuer	Validity	Valid
www.imsnetworking.com R11	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
secure.norm0care.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-24` - `2025-08-05`	a year	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
staticstuff.net WE1	`2024-08-31` - `2024-11-29`	3 months	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2024-06-13` - `2025-06-13`	a year	crt.sh
infusionsoft.app WE1	`2024-10-26` - `2025-01-24`	3 months	crt.sh
infusionsoft.com WE1	`2024-08-29` - `2024-11-27`	3 months	crt.sh
www.rapidscansecure.com Entrust Certification Authority - L1K	`2024-09-26` - `2025-09-26`	a year	crt.sh
use.fontawesome.com WE1	`2024-09-09` - `2024-12-09`	3 months	crt.sh
*.amp.vg GeoTrust TLS RSA CA G1	`2023-12-21` - `2025-01-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-04` - `2024-11-02`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-24` - `2025-07-25`	a year	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2024-05-03` - `2025-06-01`	a year	crt.sh
swappy.callrail.com Amazon RSA 2048 M03	`2024-06-10` - `2025-07-09`	a year	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
bat.bing.net Microsoft Azure RSA TLS Issuing CA 03	`2024-07-30` - `2025-01-26`	6 months	crt.sh
d.adroll.com Amazon RSA 2048 M02	`2024-09-09` - `2025-10-09`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.de WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
syndication.twitter.com R10	`2024-10-11` - `2025-01-09`	3 months	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-12` - `2025-08-12`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Frame ID: DF97ED5EE38C1B1294E709958478D9C4
Requests: 92 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.imsnetworking.com
Frame ID: E08CCE91FD6608AD843B8692FC7158B2
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.6/plugins/share_button.php?app_id=144240632325488&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df512e074a09d8bfa4%26domain%3Dwww.imsnetworking.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.imsnetworking.com%252Ffeb71465e48248303%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.imsnetworking.com%2F2021%2F03%2F18%2Fhacker-uses-zoom-invites-to-steal-credentials-through-sendgrid%2F&layout=button_count&locale=en_US&mobile_iframe=true&sdk=joey
Frame ID: 2E0E6CB0BB4F8FBD0C3A0C7CD960788B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.imsnetworking.com
Frame ID: A7C50CC5EE98322564574465C3C46CF2
Requests: 1 HTTP requests in this frame

Frame: https://ck368.infusionsoft.app/app/webTracking/websiteTriggerIframe
Frame ID: 27A32201E6415EA9CEBE8371E82BC4E9
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Frame ID: 921CFCEF57C04647F83BEA0383F056EF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hacker Uses Zoom Invites To Steal Credentials Through Sendgrid | Information Management Systems

Page URL History Show full URLs

http://imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid HTTP 307
https://imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid HTTP 301
https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

97
Requests

96 %
HTTPS

50 %
IPv6

27
Domains

37
Subdomains

36
IPs

6
Countries

2015 kB
Transfer

5770 kB
Size

31
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://sitesdev.net/articles/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Title: Used with permission from Article Aggregator

Search URL Search Domain Scan URL

URL: https://www.facebook.com/imsnetworking
Title: Facebook

Search URL Search Domain Scan URL

URL: http://twitter.com/imsnetworking
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/information-management-systems
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/imsnetworking
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.flaticon.com/authors/scott-de-jonge
Title: Scott de Jonge

Search URL Search Domain Scan URL

URL: https://www.flaticon.com/
Title: www.flaticon.com

Search URL Search Domain Scan URL

URL: http://creativecommons.org/licenses/by/3.0/
Title: CC 3.0 BY

Search URL Search Domain Scan URL

URL: http://www.mindmatrix.net/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid HTTP 307
https://imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid HTTP 301
https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3752314&time=1729929919631&url=https%3A%2F%2Fwww.imsnetworking.com%2F2021%2F03%2F18%2Fhacker-uses-zoom-invites-to-steal-credentials-through-sendgrid%2F HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3752314&time=1729929919631&url=https%3A%2F%2Fwww.imsnetworking.com%2F2021%2F03%2F18%2Fhacker-uses-zoom-invites-to-steal-credentials-through-sendgrid%2F&e_ipv6=AQIjKa1Qc0zCkAAAAZLH271qg5b0tUkXKqxSO4XnkQeBAYttni88SGCPKcfr-ImXobQZ4p-F

Request Chain 63

https://s.adroll.com/j/pre/6QJ2DQZO7JEURFI7XLQWCQ/XADRIFJBUNAYXHCVJAXAQI/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 93

https://ck368.infusionsoft.app/app/webTracking/contact/1729929919367?contactId=0&screenResolution=1600x1200&plugins=&javaEnabled=false&domain=www.imsnetworking.com&location=https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/&referrer= HTTP 302
https://ck368.infusionsoft.app/slices/spacer.gif

97 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Redirect Chain

http://imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid
https://imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid
https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

119 KB
43 KB

1405ms
398ms

Document
text/html

54.71.226.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.71.226.19 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-226-19.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

eb96b0bab1e6df1935d50477519f04c35a08690f61d43ecff594af13a635fb95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=900, s-maxage=3600, stale-if-error=2592000, stale-while-revalidate=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 26 Oct 2024 08:05:17 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
Strict-Transport-Security: max-age=15780000;
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: max-age=86400, s-maxage=604800, stale-if-error=2592000, stale-while-revalidate=86400
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 26 Oct 2024 08:05:16 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
Strict-Transport-Security: max-age=15780000;
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK layout.css
www.imsnetworking.com/wp-content/plugins/special-recent-posts/css/ 5 KB
2 KB 291ms
193ms Stylesheet
text/css 54.71.226.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imsnetworking.com/wp-content/plugins/special-recent-posts/css/layout.css

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.71.226.19 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-226-19.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f0b92945f599cd606acb1d5bf60b30d1f6a6b4cee0ff6cb8ea0a29e6903a8cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=15780000;
Cache-Control: max-age=604800
Content-Encoding: gzip
ETag: W/"5611dab3-121c"
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Expires: Sat, 02 Nov 2024 08:05:18 GMT
Date: Sat, 26 Oct 2024 08:05:18 GMT
Content-Type: text/css
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK style.css
www.imsnetworking.com/wp-content/themes/designn/ 180 KB
37 KB 506ms
214ms Stylesheet
text/css 54.71.226.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imsnetworking.com/wp-content/themes/designn/style.css

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.71.226.19 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-226-19.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f1411d3d13b55e58e583e168f036ae3b20888c997ac0ee94bf1b910d83f6e4b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=15780000;
Cache-Control: max-age=604800
Content-Encoding: gzip
ETag: W/"6634a91e-2d161"
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Expires: Sat, 02 Nov 2024 08:05:18 GMT
Date: Sat, 26 Oct 2024 08:05:18 GMT
Content-Type: text/css
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK style.css
www.imsnetworking.com/wp-content/themes/designn-adv-child/ 616 KB
88 KB 827ms
454ms Stylesheet
text/css 54.71.226.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imsnetworking.com/wp-content/themes/designn-adv-child/style.css

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.71.226.19 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-226-19.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

3cc84eeb18d9be6c7e078b5a95095f4e2221d35e0f582ab35bb74d162085605c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=15780000;
Cache-Control: max-age=604800
Content-Encoding: gzip
ETag: W/"63ff21e3-9a023"
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Expires: Sat, 02 Nov 2024 08:05:18 GMT
Date: Sat, 26 Oct 2024 08:05:18 GMT
Content-Type: text/css
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK custom.css
www.imsnetworking.com/files/assets/css/ 1 KB
1 KB 584ms
207ms Stylesheet
text/css 54.71.226.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imsnetworking.com/files/assets/css/custom.css

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.71.226.19 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-226-19.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a2ae18f1e3d9b77fd5350d1b66c0b0b46eb2b99719f3f95552ceacd25b08a83c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=15780000;
Cache-Control: max-age=604800
Content-Encoding: gzip
ETag: W/"62e2a5a0-5c7"
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Expires: Sat, 02 Nov 2024 08:05:18 GMT
Date: Sat, 26 Oct 2024 08:05:18 GMT
Content-Type: text/css
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK jquery.js Show response
www.imsnetworking.com/wp-includes/js/jquery/ 95 KB
39 KB 784ms
408ms Script
application/javascript 54.71.226.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imsnetworking.com/wp-includes/js/jquery/jquery.js

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.71.226.19 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-226-19.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=15780000;
Cache-Control: max-age=604800
Content-Encoding: gzip
ETag: W/"5d7719ad-17a6a"
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Expires: Sat, 02 Nov 2024 08:05:18 GMT
Date: Sat, 26 Oct 2024 08:05:18 GMT
Content-Type: application/javascript
Last-Modified: Tue, 10 Sep 2019 03:34:05 GMT
Server: nginx
Vary: Accept-Encoding

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.imsnetworking.com/wp-includes/js/jquery/ 10 KB
5 KB 595ms
219ms Script
application/javascript 54.71.226.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imsnetworking.com/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.71.226.19 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-226-19.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=15780000;
Cache-Control: max-age=604800
Content-Encoding: gzip
ETag: W/"59c66359-2748"
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Expires: Sat, 02 Nov 2024 08:05:18 GMT
Date: Sat, 26 Oct 2024 08:05:18 GMT
Content-Type: application/javascript
Last-Modified: Sat, 23 Sep 2017 13:36:25 GMT
Server: nginx
Vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 293 KB
101 KB 236ms
116ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZYLC7TJ3DT

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b9de472f9fd47efafae0dadee071b37dfdc71a283b788ad8d834f459ccb69130

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 26 Oct 2024 08:05:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 08:05:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 102617
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 jquery.sticky.min.js Show response
cdn.jsdelivr.net/npm/jquery-sticky@1.0.4/ 4 KB
2 KB 100ms
29ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery-sticky@1.0.4/jquery.sticky.min.js

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f92dcb98f1e0f493568ee7ec28088227b9a34084b762514d670ee53d0ff6c0ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"1109-83Sc+dXVi80Tq5swu4jwzM98Hqg"
age: 286744
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Sat, 26 Oct 2024 08:05:19 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230149-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1547
x-jsd-version: 1.0.4

GET
H/1.1 200
OK 786597.js Show response
secure.venture365office.com/js/ 16 B
321 B 402ms
47ms Script
text/javascript 51.11.20.152
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.venture365office.com/js/786597.js
Requested by: Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.11.20.152 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c9e37afa8ce0c8144a2d49cdb263a51a4939f35b6f29b89f329f3ccff1e8a959

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/

Response headers

Transfer-Encoding: chunked
Cache-Control: public, max-age=86400
Content-Encoding: br
Connection: keep-alive
Request-Context: appId=cid-v1:abe8a76f-f1a2-4b2e-9017-0ea36ffb5c20
Date: Sat, 26 Oct 2024 08:05:18 GMT
Content-Type: text/javascript
Vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 28 KB
2 KB 178ms
64ms Other
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cd323e9a86b8011e1acc6cdc731f54393f01a80c5d6cbf7f7b36ffe476d5f5f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.imsnetworking.com
Referer: https://www.imsnetworking.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 26 Oct 2024 08:05:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 08:05:18 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 26 Oct 2024 07:37:20 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 vaxion.js Show response
hello.staticstuff.net/w/ 15 KB
6 KB 110ms
43ms Script
text/javascript 104.16.158.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.staticstuff.net/w/vaxion.js
Requested by: Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.158.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61f0f5f937046770ff5acf5402da2c5a9b345034bbd3b876fca43aec32160a82

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
cf-cache-status: HIT
age: 90238
cf-ray: 8d88f0cc390762f0-HAM
expires: Sat, 02 Nov 2024 08:05:19 GMT
x-proxy-cache: MISS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 08:05:19 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Thu, 24 Oct 2024 22:20:34 GMT

GET
H/1.1 200
OK logo-min.png
www.imsnetworking.com/files/2018/03/ 6 KB
6 KB 305ms
220ms Image
image/png 54.71.226.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imsnetworking.com/files/2018/03/logo-min.png

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.71.226.19 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-226-19.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

df8e2b1050def67f4048c5e4fcba51c4f552dfd4f5e0d7d13492680e5101d905

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

Strict-Transport-Security: max-age=15780000;
Cache-Control: max-age=604800
ETag: "625410f1-16dc"
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Expires: Sat, 02 Nov 2024 08:05:18 GMT
Accept-Ranges: bytes
Content-Length: 5852
Date: Sat, 26 Oct 2024 08:05:18 GMT
Content-Type: image/png
Last-Modified: Mon, 11 Apr 2022 11:28:49 GMT
Server: nginx

GET
H2 200 in.js Show response
platform.linkedin.com/ 510 KB
160 KB 162ms
37ms Script
text/javascript 2606:2800:233:66b5:799a:7cd3:f74d:7071
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.linkedin.com/in.js

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ska/F68E) /

Resource Hash

87d049fc6d16da1f81063235c0e3d31a4656800cbbdca8277d6ae56614a52aba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/

Response headers

content-encoding: gzip
age: 2758
x-cdn-proto: HTTP2
x-li-fabric: prod-lva1
x-content-type-options: nosniff
expires: Sat, 26 Oct 2024 08:19:20 GMT
x-li-proto: http/1.1
x-cache: HIT
date: Sat, 26 Oct 2024 08:05:18 GMT
content-type: text/javascript; charset=UTF-8
x-cdn-client-ip-version: IPV6
vary: Accept-Encoding
last-modified: Sat, 26 Oct 2024 07:19:20 GMT
x-li-pop: prod-lva1-x
cache-control: public, max-age=3600
x-cdn: ECST
x-li-uuid: AAYlXA3dVH63bB+O9bf9QQ==
accept-ranges: bytes
content-length: 163630
server: ECAcc (ska/F68E)

GET
H/1.1 200
OK zoom-meeting-resized.jpg
www.imsnetworking.com/files/2021/03/ 19 KB
20 KB 199ms
198ms Image
image/jpeg 54.71.226.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imsnetworking.com/files/2021/03/zoom-meeting-resized.jpg

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.71.226.19 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-226-19.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

eb33957d19c048ddbb7060092ff1f347bb8f009ed962a57261206a1693b909c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

Strict-Transport-Security: max-age=15780000;
Cache-Control: max-age=604800
ETag: "625410d6-4cf6"
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Expires: Sat, 02 Nov 2024 08:05:18 GMT
Accept-Ranges: bytes
Content-Length: 19702
Date: Sat, 26 Oct 2024 08:05:18 GMT
Content-Type: image/jpeg
Last-Modified: Mon, 11 Apr 2022 11:28:22 GMT
Server: nginx

GET
H/1.1 200
OK cover_UR7TUU4K3.png
www.imsnetworking.com/files/2022/11/ 111 KB
111 KB 389ms
388ms Image
image/png 54.71.226.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imsnetworking.com/files/2022/11/cover_UR7TUU4K3.png

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.71.226.19 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-226-19.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

6a44c49c8b0d97772c8e848fbdf15c0b12ed91b786658a64a4db5b15dbadbc0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

Strict-Transport-Security: max-age=15780000;
Cache-Control: max-age=604800
ETag: "636cd3f0-1bb2a"
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Expires: Sat, 02 Nov 2024 08:05:18 GMT
Accept-Ranges: bytes
Content-Length: 113450
Date: Sat, 26 Oct 2024 08:05:18 GMT
Content-Type: image/png
Last-Modified: Thu, 10 Nov 2022 10:35:28 GMT
Server: nginx

GET
H2 200 getTrackingCode Show response
ck368.infusionsoft.app/app/webTracking/ 7 KB
3 KB 288ms
197ms Script
text/javascript 2606:4700::6812:1feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ck368.infusionsoft.app/app/webTracking/getTrackingCode

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1feb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cf9a79fe9a4db827bf94185ef8ad95c548c5bc344e23cdc39b2e408fa33dc18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store
content-encoding: gzip
cf-cache-status: DYNAMIC
pragma: no-cache
x-content-type-options: nosniff
via: 1.1 google
cf-ray: 8d88f0ca2cb37266-HAM
expires: Sat, 26 Oct 2024 08:05:19 GMT
date: Sat, 26 Oct 2024 08:05:19 GMT
x-xss-protection: 1; mode=block
content-type: text/javascript;charset=UTF-8
vary: accept-encoding
server: cloudflare

GET
H2 200 timezoneInputJs Show response
ck368.infusionsoft.com/app/timezone/ 601 B
1 KB 301ms
199ms Script
text/javascript 2606:4700::6812:68f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ck368.infusionsoft.com/app/timezone/timezoneInputJs?xid=a69f134ca3f70dbd024af20c56cf1257

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:68f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20bb6b5389e2c13fa434309b8a26119fcb3479164a6ad81526e3531e6b649988

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://localhost:10239 http://local.infusiontest.com:10239 https://local.infusiontest.com:10239 https://app.intg.infusiontest.com https://app.stge.infusiontest.com https://app.infusionsoft.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' http://localhost:10239 http://local.infusiontest.com:10239 https://local.infusiontest.com:10239 https://app.intg.infusiontest.com https://app.stge.infusiontest.com https://app.infusionsoft.com
cache-control: no-cache, no-store
content-encoding: gzip
cf-cache-status: DYNAMIC
pragma: no-cache
x-content-type-options: nosniff
via: 1.1 google
cf-ray: 8d88f0cc1c67ca91-HAM
expires: Sat, 26 Oct 2024 08:05:19 GMT
date: Sat, 26 Oct 2024 08:05:19 GMT
x-xss-protection: 1; mode=block
content-type: text/javascript;charset=UTF-8
vary: accept-encoding
server: cloudflare

GET
H2 200 overwriteRefererJs Show response
ck368.infusionsoft.app/app/webform/ 202 B
513 B 207ms
203ms Script
text/javascript 2606:4700::6812:1feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ck368.infusionsoft.app/app/webform/overwriteRefererJs

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1feb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbafd37b04603f38be311dca28a3e5ff54b8117a0bf6b56ba37674367c863dd7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://localhost:10239 http://local.infusiontest.com:10239 https://local.infusiontest.com:10239 https://app.intg.infusiontest.com https://app.stge.infusiontest.com https://app.infusionsoft.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' http://localhost:10239 http://local.infusiontest.com:10239 https://local.infusiontest.com:10239 https://app.intg.infusiontest.com https://app.stge.infusiontest.com https://app.infusionsoft.com
cache-control: no-cache, no-store
content-encoding: gzip
cf-cache-status: DYNAMIC
pragma: no-cache
x-content-type-options: nosniff
via: 1.1 google
cf-ray: 8d88f0cbce5c7266-HAM
expires: Sat, 26 Oct 2024 08:05:19 GMT
date: Sat, 26 Oct 2024 08:05:19 GMT
x-xss-protection: 1; mode=block
content-type: text/javascript;charset=UTF-8
vary: accept-encoding
server: cloudflare

GET
H/1.1 200
OK siteseal.js Show response
www.rapidscansecure.com/siteseal/ 518 B
985 B 658ms
142ms Script
text/javascript 63.208.65.83
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rapidscansecure.com/siteseal/siteseal.js?code=115,532095F694BEF0135D7C549A10B8CACA11320B90
Requested by: Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.208.65.83 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: e0235bf8aee8cfe4358d894a03e13ab13fcc25ba1ea3715ed8082676afcb1178

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/

Response headers

Date: Sat, 26 Oct 2024 08:05:19 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 518

GET
H/1.1 200
OK main.js Show response
www.imsnetworking.com/wp-content/themes/designn-adv-child/js/ 70 KB
24 KB 199ms
198ms Script
application/javascript 54.71.226.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imsnetworking.com/wp-content/themes/designn-adv-child/js/main.js

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.71.226.19 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-226-19.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f389e97751d2b9eda028a46072fbc1339db3b950e366af5808e5dc9e857d4669

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=15780000;
Cache-Control: max-age=604800
Content-Encoding: gzip
ETag: W/"66e851ad-117d8"
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Expires: Sat, 02 Nov 2024 08:05:19 GMT
Date: Sat, 26 Oct 2024 08:05:19 GMT
Content-Type: application/javascript
Last-Modified: Mon, 16 Sep 2024 15:41:33 GMT
Server: nginx
Vary: Accept-Encoding

GET
H2 200 e887c3298b.js Show response
use.fontawesome.com/ 9 KB
4 KB 252ms
189ms Script
text/javascript 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/e887c3298b.js
Requested by: Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2eb5c52a0caedf03be2b3a6d28b42771f7025508ca81cde1fe96720440c80ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/

Response headers

cache-control: max-age=1800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"269dcfc384f8bbc81ae188beb8204dca"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xPO78MyI8xVfJkZq32AGiiCzrnnOknqpxdI8Z%2FiAx%2FUW864Ihc6R7IimkcDBrfzi3of2%2BRUI6FFRVVoqyyoDbByC5wZc9jTCYRQOeOFJL%2FR%2B7m6RpIaV%2BuD9hat43AGwMDjQqQG4WiNpEnBK1nWLuby2"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d88f0cc2ed59311-CPH
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=23739&sent=7&recv=12&lost=0&retrans=0&sent_bytes=4018&recv_bytes=2243&delivery_rate=171239&cwnd=254&unsent_bytes=0&cid=3573adb0ccc8d804&ts=198&x=0"
date: Sat, 26 Oct 2024 08:05:19 GMT
content-type: text/javascript
last-modified: Fri, 22 Sep 2023 01:37:07 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK jquery.fancybox.min.js Show response
www.imsnetworking.com/wp-content/plugins/easy-fancybox/js/ 19 KB
7 KB 194ms
193ms Script
application/javascript 54.71.226.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imsnetworking.com/wp-content/plugins/easy-fancybox/js/jquery.fancybox.min.js

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.71.226.19 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-226-19.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

948f0c154ad97428bc1d1dee456f2e20ec4e0e302b0d3189e08a4573cb63cdb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=15780000;
Cache-Control: max-age=604800
Content-Encoding: gzip
ETag: W/"5d9991bb-4d4f"
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Expires: Sat, 02 Nov 2024 08:05:19 GMT
Date: Sat, 26 Oct 2024 08:05:19 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Oct 2019 07:03:23 GMT
Server: nginx
Vary: Accept-Encoding

GET
H/1.1 200
OK jquery.easing.min.js Show response
www.imsnetworking.com/wp-content/plugins/easy-fancybox/js/ 2 KB
1 KB 195ms
193ms Script
application/javascript 54.71.226.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imsnetworking.com/wp-content/plugins/easy-fancybox/js/jquery.easing.min.js

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.71.226.19 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-226-19.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=15780000;
Cache-Control: max-age=604800
Content-Encoding: gzip
ETag: W/"5d9991ba-8fe"
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Expires: Sat, 02 Nov 2024 08:05:19 GMT
Date: Sat, 26 Oct 2024 08:05:19 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Oct 2019 07:03:22 GMT
Server: nginx
Vary: Accept-Encoding

GET
H/1.1 200
OK jquery.metadata.min.js Show response
www.imsnetworking.com/wp-content/plugins/easy-fancybox/js/ 878 B
924 B 193ms
190ms Script
application/javascript 54.71.226.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imsnetworking.com/wp-content/plugins/easy-fancybox/js/jquery.metadata.min.js

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.71.226.19 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-226-19.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

6fd484cb3d4db92ba40c9460718c8cfa09cc5abe32336050b555e85079f1cf74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=15780000;
Cache-Control: max-age=604800
Content-Encoding: gzip
ETag: W/"5d9991ba-36e"
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Expires: Sat, 02 Nov 2024 08:05:19 GMT
Date: Sat, 26 Oct 2024 08:05:19 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Oct 2019 07:03:22 GMT
Server: nginx
Vary: Accept-Encoding

GET
H2 200 payload.js Show response
msp.amp.vg/track/exdwjju2nf2/ 15 KB
5 KB 761ms
438ms Script
text/javascript 63.174.23.41
EXPEDIENT

General

Check archive.org

Show headers Download Go to

Full URL

https://msp.amp.vg/track/exdwjju2nf2/payload.js

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

63.174.23.41 Pittsburgh, United States, ASN17054 (EXPEDIENT, US),

Reverse DNS

Software

nginx /

Resource Hash

fd8b672ddc7dac829aa91db394f7af715dd838cac14648944d920be8c275831f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
expires: -1
requestid: _671ca2bf47dae26ff86546d6
date: Sat, 26 Oct 2024 08:05:20 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H/1.1 200
OK jquery.matchHeight.min.js Show response
www.imsnetworking.com/wp-content/themes/designn/js/ 3 KB
2 KB 190ms
189ms Script
application/javascript 54.71.226.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imsnetworking.com/wp-content/themes/designn/js/jquery.matchHeight.min.js

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.71.226.19 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-226-19.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

9af835a3bb7f20f3b8ab6f3dbd96097e847a0bf8d0f1812f1922b2db41b3c889

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=15780000;
Cache-Control: max-age=604800
Content-Encoding: gzip
ETag: W/"5cbff957-cc6"
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Expires: Sat, 02 Nov 2024 08:05:19 GMT
Date: Sat, 26 Oct 2024 08:05:19 GMT
Content-Type: application/javascript
Last-Modified: Wed, 24 Apr 2019 05:51:19 GMT
Server: nginx
Vary: Accept-Encoding

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 229 KB
58 KB 80ms
35ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

eab9cbb1928a9de3ed2b7164ea7215b1ee0c9d7584d04aac97fe5b6798140c48

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-scS1hjYd' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 08:05:19 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-scS1hjYd' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=23, mss=1232, tbw=4460, tp=10, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: kYqv0pZugV3ewSyUKb9DDtVgc8ENzSsKcqe6634payRn6p0P0KVnE1F3GznwZUr7yXsojZPKWEhLxelRHvavJw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59722
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 150ms
39ms Script
application/javascript 2a02:26f0:3500:10::210:a99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/

Response headers

cache-control: max-age=74172
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Sat, 26 Oct 2024 08:05:19 GMT
last-modified: Thu, 22 Aug 2024 10:43:55 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 231 KB
82 KB 65ms
64ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NQGRG64

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7df436910aa5e12b04796a04642184a1f8bdc05957ea58e20d3e4412f8e35b35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sat, 26 Oct 2024 08:05:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 08:05:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 26 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 83214
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 94ms
66ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

734e46cec74a67b68f3d256f6bc0c3a3dcaabba8f0ff217bdbc710e4b737201e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/

Response headers

content-md5: jqqd5xDdzCfXJhxgkc2wMw==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "96df44d3c56949693db1a5b4d96082b2"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 26 Oct 2024 08:10:22 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 08:05:19 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 3890cd4cd76cf98241ffde0dec071766
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=23, mss=1232, tbw=32732, tp=33, tpl=0, uplat=2, ullat=-1
x-fb-debug: /supbU2duJ7HPBA6bAByMpbTohC+161CbNwLX04lmD/1j/p/fikb/anZn/y5M964CRubWZZLGwNSw05BQwP2zQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 1687
origin-agent-cluster: ?1

GET
H2 200 widgets.js Show response
platform.twitter.com/ 91 KB
27 KB 146ms
55ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/

Response headers

content-encoding: gzip
etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
access-control-allow-methods: GET
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date: Sat, 26 Oct 2024 08:05:19 GMT
last-modified: Mon, 11 Dec 2023 17:20:28 GMT
vary: Accept-Encoding
x-served-by: cache-iad-kcgs7200137-IAD, cache-muc13966-MUC
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1800
tw-cdn: FT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27597
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK fake-app-resized-150x150.jpg
www.imsnetworking.com/files/2018/10/ 7 KB
8 KB 199ms
198ms Image
image/jpeg 54.71.226.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imsnetworking.com/files/2018/10/fake-app-resized-150x150.jpg

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.71.226.19 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-226-19.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

562f6598ca02a600e1a7665c2aa507d5476c784474c353e88ba5e89d5a4e9b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

Strict-Transport-Security: max-age=15780000;
Cache-Control: max-age=604800
ETag: "625410ea-1ded"
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Expires: Sat, 02 Nov 2024 08:05:19 GMT
Accept-Ranges: bytes
Content-Length: 7661
Date: Sat, 26 Oct 2024 08:05:19 GMT
Content-Type: image/jpeg
Last-Modified: Mon, 11 Apr 2022 11:28:42 GMT
Server: nginx

GET
H/1.1 200
OK facebook-post-resized-150x150.jpg
www.imsnetworking.com/files/2018/06/ 6 KB
7 KB 197ms
196ms Image
image/jpeg 54.71.226.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imsnetworking.com/files/2018/06/facebook-post-resized-150x150.jpg

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.71.226.19 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-226-19.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

8bb671d88cac4c489add973db6acdd19795b3df45af5ecbf92f885399bb4a10e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

Strict-Transport-Security: max-age=15780000;
Cache-Control: max-age=604800
ETag: "625410e4-19a8"
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Expires: Sat, 02 Nov 2024 08:05:19 GMT
Accept-Ranges: bytes
Content-Length: 6568
Date: Sat, 26 Oct 2024 08:05:19 GMT
Content-Type: image/jpeg
Last-Modified: Mon, 11 Apr 2022 11:28:36 GMT
Server: nginx

GET
H/1.1 200
OK phishing-resized-150x150.jpg
www.imsnetworking.com/files/2020/03/ 3 KB
3 KB 353ms
208ms Image
image/jpeg 54.71.226.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imsnetworking.com/files/2020/03/phishing-resized-150x150.jpg

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.71.226.19 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-226-19.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

2ab099d0ce09f7933933f365e5081cde896b96678af2eac7a76ad990ce8eb6b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

Strict-Transport-Security: max-age=15780000;
Cache-Control: max-age=604800
ETag: "62541074-a5d"
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Expires: Sat, 02 Nov 2024 08:05:19 GMT
Accept-Ranges: bytes
Content-Length: 2653
Date: Sat, 26 Oct 2024 08:05:19 GMT
Content-Type: image/jpeg
Last-Modified: Mon, 11 Apr 2022 11:26:44 GMT
Server: nginx

GET
H/1.1 200
OK android-resized-150x150.png
www.imsnetworking.com/files/2020/11/ 37 KB
38 KB 342ms
202ms Image
image/png 54.71.226.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imsnetworking.com/files/2020/11/android-resized-150x150.png

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.71.226.19 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-226-19.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

13b220db3ef81b04d3ad03d2eae4fb2b619f0208c9cb7dbfd1b4adb631ed67ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

Strict-Transport-Security: max-age=15780000;
Cache-Control: max-age=604800
ETag: "6254105d-94d9"
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Expires: Sat, 02 Nov 2024 08:05:19 GMT
Accept-Ranges: bytes
Content-Length: 38105
Date: Sat, 26 Oct 2024 08:05:19 GMT
Content-Type: image/png
Last-Modified: Mon, 11 Apr 2022 11:26:21 GMT
Server: nginx

GET
H/1.1 200
OK SD-USB-resized-150x150.jpg
www.imsnetworking.com/files/2019/05/ 5 KB
5 KB 341ms
210ms Image
image/jpeg 54.71.226.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imsnetworking.com/files/2019/05/SD-USB-resized-150x150.jpg

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.71.226.19 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-226-19.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f3fe7bd589ce08b9e49607a6b31d784b5e1114aff17858a43593f0dc3fb71697

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

Strict-Transport-Security: max-age=15780000;
Cache-Control: max-age=604800
ETag: "6254108e-13e5"
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Expires: Sat, 02 Nov 2024 08:05:19 GMT
Accept-Ranges: bytes
Content-Length: 5093
Date: Sat, 26 Oct 2024 08:05:19 GMT
Content-Type: image/jpeg
Last-Modified: Mon, 11 Apr 2022 11:27:10 GMT
Server: nginx

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 111ms
47ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.imsnetworking.com
Referer: https://www.imsnetworking.com/

Response headers

age: 315432
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:28:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:28:07 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 288 KB
82 KB 38ms
37ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=bc2f3b079644ec8f73cada11c84707b8

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

c6171a31f768e6ef2e2c6c3114355d1ddb836459fd647d1a2950260c5b5d1669

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.imsnetworking.com
Referer: https://www.imsnetworking.com/

Response headers

content-md5: Cm9H8gIyhAa68hw4y3UInA==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "e763586200cec1e65f8f1f5651c28dcd"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sun, 26 Oct 2025 06:45:04 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 08:05:19 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 03ab5cfaec0628f9a413da27c8afafb8
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: UNKNOWN; q=-1, rtt=-1, rtx=0, c=20, mss=1232, tbw=1826, tp=5, tpl=0, uplat=0, ullat=-1
x-fb-debug: t9q4m5Xl6gwazarG/zjCuBs3gSG8APUuhdalhqkQLO3UWVSePW6hTUlkuGl3BWErz2n/8XnePZXZhFKe9t4N+A==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 84057
origin-agent-cluster: ?1

GET
H3 200 468727558278160 Show response
connect.facebook.net/signals/config/ 67 KB
13 KB 180ms
180ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/468727558278160?v=2.9.174&r=stable&domain=www.imsnetworking.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

c350f63ddc4fb7f141008dcf891c8753396898a4a3a05d54f49f1473c7136b6c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-SamK17DS' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 08:05:19 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-SamK17DS' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=33, rtx=0, c=76, mss=1232, tbw=70100, tp=68, tpl=0, uplat=149, ullat=1
pragma: public
x-fb-debug: Vf9CeD6/udrWw+eqQlpznTv3Khy8TUTsYR+IB7HZUY1VZSIZvAYAwUVm7b74NV9i6lbgkpkOImJ3x+INbLMQWA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
814 B 269ms
179ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=3752314&time=1729929919631&url=https%3A%2F%2Fwww.imsnetworking.com%2F2021%2F03%2F18%2Fhacker-uses-zoom-invites-to-steal-credentials-through-sendgrid%2F
Requested by: Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

x-li-pop: afd-prod-ltx1-x
content-encoding: gzip
x-fs-uuid: 0006255cb25b9356d0f4087c3557ab79
x-msedge-ref: Ref A: A9386A4F21644025AD9E96B01F681086 Ref B: CPH30EDGE0813 Ref C: 2024-10-26T08:05:19Z
x-li-fabric: prod-ltx1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYlXLJbk1bQ9Ah8NVereQ==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Sat, 26 Oct 2024 08:05:19 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3752314&time=1729929919631&url=https%3A%2F%2Fwww.imsnetworking.com%2F2021%2F03%2F18%2Fhacker-uses-zoom-invites-to-steal-credentials-through-sendgr...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3752314&time=1729929919631&url=https%3A%2F%2Fwww.imsnetworking.com%2F2021%2F03%2F18%2Fhacker-uses-zoom-invites-to-steal-credentials-through-sendg...

0
267 B

320ms
200ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3752314&time=1729929919631&url=https%3A%2F%2Fwww.imsnetworking.com%2F2021%2F03%2F18%2Fhacker-uses-zoom-invites-to-steal-credentials-through-sendgrid%2F&e_ipv6=AQIjKa1Qc0zCkAAAAZLH271qg5b0tUkXKqxSO4XnkQeBAYttni88SGCPKcfr-ImXobQZ4p-F
Requested by: Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 52BE866EF7BE4ADD94AEA08244B22D6E Ref B: CPH30EDGE0319 Ref C: 2024-10-26T08:05:20Z
x-li-fabric: prod-lor1
x-li-uuid: AAYlXLJgtAFODtEhLmVBSA==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Sat, 26 Oct 2024 08:05:19 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3752314&time=1729929919631&url=https%3A%2F%2Fwww.imsnetworking.com%2F2021%2F03%2F18%2Fhacker-uses-zoom-invites-to-steal-credentials-through-sendgrid%2F&e_ipv6=AQIjKa1Qc0zCkAAAAZLH271qg5b0tUkXKqxSO4XnkQeBAYttni88SGCPKcfr-ImXobQZ4p-F
x-msedge-ref: Ref A: 49958D35073B4955A1136F2525CBBC59 Ref B: CPH30EDGE0907 Ref C: 2024-10-26T08:05:19Z
x-li-fabric: prod-lor1
x-li-uuid: AAYlXLJbzdjjfiSFisNlHQ==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Sat, 26 Oct 2024 08:05:19 GMT

GET
H/1.1 200
OK srpthumb-p25616-50x50-no.jpg
www.imsnetworking.com/wp-content/plugins/special-recent-posts/cache/ 1 KB
2 KB 194ms
193ms Image
image/jpeg 54.71.226.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imsnetworking.com/wp-content/plugins/special-recent-posts/cache/srpthumb-p25616-50x50-no.jpg

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.71.226.19 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-226-19.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

2e68ab924fd8bfe8b0746485af728c9f43c33814a885368eb5b68d754638a4de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

Strict-Transport-Security: max-age=15780000;
Cache-Control: max-age=604800
ETag: "5eab1846-4c6"
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Expires: Sat, 02 Nov 2024 08:05:19 GMT
Accept-Ranges: bytes
Content-Length: 1222
Date: Sat, 26 Oct 2024 08:05:19 GMT
Content-Type: image/jpeg
Last-Modified: Thu, 30 Apr 2020 18:26:14 GMT
Server: nginx

GET
H/1.1 200
OK srpthumb-p25611-50x50-no.jpg
www.imsnetworking.com/wp-content/plugins/special-recent-posts/cache/ 1 KB
2 KB 202ms
201ms Image
image/jpeg 54.71.226.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imsnetworking.com/wp-content/plugins/special-recent-posts/cache/srpthumb-p25611-50x50-no.jpg

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.71.226.19 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-226-19.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

3b0cdd28d767825fd71a7790f701b9d682269c36ff01eba658c67732cc6c972b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

Strict-Transport-Security: max-age=15780000;
Cache-Control: max-age=604800
ETag: "608ece64-544"
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Expires: Sat, 02 Nov 2024 08:05:19 GMT
Accept-Ranges: bytes
Content-Length: 1348
Date: Sat, 26 Oct 2024 08:05:19 GMT
Content-Type: image/jpeg
Last-Modified: Sun, 02 May 2021 16:08:04 GMT
Server: nginx

GET
H3 200 in.php Show response
win.staticstuff.net/ 131 B
339 B 230ms
198ms Script
text/javascript 104.16.158.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://win.staticstuff.net/in.php?site_id=101045268&href=%2F2021%2F03%2F18%2Fhacker-uses-zoom-invites-to-steal-credentials-through-sendgrid%2F&title=Hacker%20Uses%20Zoom%20Invites%20To%20Steal%20Credentials%20Through%20Sendgrid%20%7C%20Information%20Management%20Systems&res=1600x1200&lang=de-DE&tz=Europe%2FBerlin&tc=&ck=1&x=5zg8w0
Requested by: Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.158.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d6c2aa0a446364169fba9251e31da41e2f618a09e3cceae2fccd617508e372f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

cache-control: max-age=0, must-revalidate, no-cache, no-store, private
content-encoding: gzip
cf-cache-status: DYNAMIC
cf-ray: 8d88f0ce2aae62f0-HAM
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 08:05:19 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
server: cloudflare

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 164ms
53ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

content-encoding: gzip
age: 2110
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sat, 26 Oct 2024 09:30:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 07:30:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 151ms
53ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BA21A4907F2C4EDBAD79ACDB4DD336EF Ref B: CPH30EDGE0911 Ref C: 2024-10-26T08:05:19Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Sat, 26 Oct 2024 08:05:19 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 88 KB
28 KB 150ms
43ms Script
text/javascript 2600:9000:2644:dc00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:dc00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84de47ed6481524074cd5e375bb773f01b59fa6452539b3b60cdb916914ca0e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

Access-Control-Max-Age: 600
Content-Encoding: gzip
X-Amz-Version-Id: XRapE5DFdXRGc5myIfsDq4zGHQVtai2E
Etag: W/"792eca3181a87960d692c005437f63e0"
Age: 670
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 2Dmd5nNh3UCkTGQ_cfKdHuOSDgTbkbibbwipsnJfZCtVrRz7-IM8CQ==
Date: Sat, 26 Oct 2024 07:54:10 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
Last-Modified: Tue, 15 Oct 2024 15:51:52 GMT
Access-Control-Allow-Headers: *
Transfer-Encoding: chunked
Cache-Control: max-age=3600, must-revalidate
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 e3f7f612cf7d05edb500a43ad2f70e96.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: FRA60-P6
Server: AmazonS3
X-Amz-Server-Side-Encryption: AES256

GET
H2 200 swap.js Show response
cdn.calltrk.com/companies/831249547/1363dce43cb008676d63/12/ 39 KB
12 KB 240ms
134ms Script
text/javascript 18.245.46.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.calltrk.com/companies/831249547/1363dce43cb008676d63/12/swap.js

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-63.fra56.r.cloudfront.net

Software

Resource Hash

ff2f44a884c2cd98f89ce12596d909188ce7aa8e9f34e04cc93befdac01a8adc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

x-request-id: e801046b-ce4f-4de8-886c-b804ba7d2195
content-encoding: gzip
etag: W/"ff2f44a884c2cd98f89ce12596d90918"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: DizJIv2yM4wWzv1A6e1PjkV7tbsYw_ayYPgartofs3f6rdebI1w_4w==
date: Sat, 26 Oct 2024 08:05:19 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-runtime: 0.008579
x-frame-options: SAMEORIGIN
cache-control: max-age=3600, public
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 4f3281e2362f23bf5efc65311d3defb0.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P9

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 246 KB
88 KB 65ms
64ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2WKNM4

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac63009b1e5b9deaa3712d8cf4eb8c1431c6c060bd5ea7981ed9cb8bcb70044a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sat, 26 Oct 2024 08:05:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 08:05:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 26 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 90402
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 293 KB
100 KB 77ms
76ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZYLC7TJ3DT&l=dataLayer&cx=c

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

98d76a76d55b80b555015e0d19b6d22ab41d723da3adf0d4704b9f741af1081e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 26 Oct 2024 08:05:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 08:05:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 102656
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
79 KB 85ms
84ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-19661322-1&l=dataLayer&cx=c

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

73dcbd65337f4a9a6476286a9e87571dc0a722590ac572dfcd65b840fc44879a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 26 Oct 2024 08:05:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 08:05:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 26 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 80458
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
79 KB 66ms
65ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-88748003-1&l=dataLayer&cx=c

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9f3c86cafd8bf6e7ca531f4c9a8c3be555e2ee6308f3b0e50c5e8f1738ed7ffd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 26 Oct 2024 08:05:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 08:05:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 26 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 80546
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
709 B 135ms
133ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 3CC5AD24CB204E47AB60B6EB4447B6F6 Ref B: CPH30EDGE0907 Ref C: 2024-10-26T08:05:19Z
x-li-fabric: prod-lva1
access-control-allow-credentials: true
x-li-uuid: AAYlXLJbPQ43RYwTZeBq2g==
x-li-proto: http/2
access-control-allow-origin: https://www.imsnetworking.com
x-cache: CONFIG_NOCACHE
date: Sat, 26 Oct 2024 08:05:19 GMT
vary: Origin

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 136ms
36ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZYLC7TJ3DT&gtm=45je4ao0v875243874za200zb854409174&_p=1729929919306&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848&cid=797682654.1729929920&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729929919&sct=1&seg=0&dl=https%3A%2F%2Fwww.imsnetworking.com%2F2021%2F03%2F18%2Fhacker-uses-zoom-invites-to-steal-credentials-through-sendgrid%2F&dt=Hacker%20Uses%20Zoom%20Invites%20To%20Steal%20Credentials%20Through%20Sendgrid%20%7C%20Information%20Management%20Systems&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4218
Requested by: Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.imsnetworking.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 08:05:19 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 127ms
30ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=468727558278160&ev=PageView&dl=https%3A%2F%2Fwww.imsnetworking.com%2F2021%2F03%2F18%2Fhacker-uses-zoom-invites-to-steal-credentials-through-sendgrid%2F&rl=&if=false&ts=1729929919840&sw=1600&sh=1200&v=2.9.174&r=stable&ec=0&o=12318&fbp=fb.1.1729929919834.921912169480775925&ler=empty&cdl=API_unavailable&it=1729929919550&coo=false&rqm=GET

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1368, tbw=2920, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 26 Oct 2024 08:05:19 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 281ms
202ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=468727558278160&ev=PageView&dl=https%3A%2F%2Fwww.imsnetworking.com%2F2021%2F03%2F18%2Fhacker-uses-zoom-invites-to-steal-credentials-through-sendgrid%2F&rl=&if=false&ts=1729929919840&sw=1600&sh=1200&v=2.9.174&r=stable&ec=0&o=12318&fbp=fb.1.1729929919834.921912169480775925&ler=empty&cdl=API_unavailable&it=1729929919550&coo=false&rqm=FGET

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429992428554661575"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 08:05:20 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: LPeUgS6BBNGKi/4Ja0Qp9Mp/GQxXSk/6TeiMdniD14mYTwBrlixcJL0nwVcP/NXjCAXSKqTlRejCLmbF8OwspQ==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429992428554661575", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=16, mss=1368, tbw=3238, tp=-1, tpl=-1, uplat=172, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H3 200 collect
www.google.com/ccm/ 0
0 187ms
56ms Ping
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.imsnetworking.com%2F2021%2F03%2F18%2Fhacker-uses-zoom-invites-to-steal-credentials-through-sendgrid%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1994565691.1729929920&auid=2050172342.1729929920&npa=1&gtm=45He4ao0v854421013za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848&tft=1729929919923&tfd=4320&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2WKNM4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 244 KB
87 KB 70ms
65ms Script
application/javascript 142.250.186.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-10776875129&l=dataLayer&cx=c

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e803b74e534617fa91d2c6efb24e4d2a408e922816a56b2786249cb3afe2805e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sat, 26 Oct 2024 08:05:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 08:05:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 26 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89492
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame E08C 0
0 164ms
52ms Document
text/html 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.imsnetworking.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2WKNM4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Sat, 26 Oct 2024 08:05:20 GMT
expires: Sun, 26 Oct 2025 08:05:20 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 137016515.js Show response
bat.bing.com/p/action/ 369 B
426 B 56ms
55ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/137016515.js

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1436939ed29c528098b948903ff835b1f1066a45afc277c43053a25964d1761c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A35C022740AC4B959FEC6B8F3FC8F137 Ref B: CPH30EDGE0911 Ref C: 2024-10-26T08:05:19Z
x-cache: CONFIG_NOCACHE
date: Sat, 26 Oct 2024 08:05:19 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 294 KB
101 KB 74ms
73ms Script
application/javascript 142.250.186.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3KYSKTT34K&l=dataLayer&cx=c

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8b3ae2340783895cdd1554d53054db40ec428ac4b7a7ce5a1e4f403f13566488

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 26 Oct 2024 08:05:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 08:05:20 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 103221
x-xss-protection: 0
server: Google Tag Manager

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
439 B 56ms
54ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1558732085&t=pageview&_s=1&dl=https%3A%2F%2Fwww.imsnetworking.com%2F2021%2F03%2F18%2Fhacker-uses-zoom-invites-to-steal-credentials-through-sendgrid%2F&ul=de-de&de=UTF-8&dt=Hacker%20Uses%20Zoom%20Invites%20To%20Steal%20Credentials%20Through%20Sendgrid%20%7C%20Information%20Management%20Systems&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=2026206022&gjid=1422011105&cid=797682654.1729929920&tid=UA-212034076-1&_gid=158564221.1729929920&_r=1&_slc=1&gtm=45He4ao0n81NQGRG64v854409174za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848&npa=1&z=798971771

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eac00e7df85b03ffd51cff296c5a4a5fb25bec641d7c9c07ef766720df8ba8bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 08:05:20 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.imsnetworking.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
71 B 59ms
57ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1558732085&t=pageview&_s=1&dl=https%3A%2F%2Fwww.imsnetworking.com%2F2021%2F03%2F18%2Fhacker-uses-zoom-invites-to-steal-credentials-through-sendgrid%2F&ul=de-de&de=UTF-8&dt=Hacker%20Uses%20Zoom%20Invites%20To%20Steal%20Credentials%20Through%20Sendgrid%20%7C%20Information%20Management%20Systems&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2068005948&gjid=1939717151&cid=797682654.1729929920&tid=UA-88748003-1&_gid=158564221.1729929920&_r=1&gtm=457e4ao0za200zb854409174&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848&jsscut=1&npa=1&z=236084018

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 08:05:20 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.imsnetworking.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/6QJ2DQZO7JEURFI7XLQWCQ/XADRIFJBUNAYXHCVJAXAQI/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

38ms
38ms

Script
application/javascript

2600:9000:2644:dc00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Protocol: HTTP/1.1
Server: 2600:9000:2644:dc00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

Access-Control-Max-Age: 600
X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 20574
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 94QA5srJQMtCvu1vRF6bmAybwSBvY6xvVvcQ6B5E-obhF39Sqjt-TQ==
Date: Sat, 26 Oct 2024 02:22:27 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Access-Control-Allow-Headers: *
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 cae5c5323232533718f592c973f01432.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 0
X-Amz-Cf-Pop: FRA60-P6
Server: AmazonS3
X-Amz-Server-Side-Encryption: AES256

Redirect headers

Access-Control-Max-Age: 600
Age: 60182
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: koF-wbyf7lk3wVewONjpbPPDVg0CaBS39c6MryiO8T5j_IZHfR__Fw==
Date: Fri, 25 Oct 2024 15:22:17 GMT
Content-Type: application/xml
Access-Control-Allow-Headers: *
Location: https://s.adroll.com/j/pre/index.js
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 e3f7f612cf7d05edb500a43ad2f70e96.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
Content-Length: 0
X-Amz-Cf-Pop: FRA60-P6
Server: AmazonS3

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/6QJ2DQZO7JEURFI7XLQWCQ/XADRIFJBUNAYXHCVJAXAQI/ 0
805 B 695ms
643ms Script
text/javascript 2600:9000:2644:dc00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/6QJ2DQZO7JEURFI7XLQWCQ/XADRIFJBUNAYXHCVJAXAQI/index.js
Requested by: Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:dc00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

Access-Control-Max-Age: 600
X-Amz-Version-Id: pQ7Hp5dXot9ZKkf1oOv0fjQdtpbLOSEX
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Access-Control-Allow-Methods: GET
X-Cache: RefreshHit from cloudfront
X-Amz-Cf-Id: FSS-pxUvMSOVl6rHQHclCiFZ96jlFyLFcBaLq7JN6LTpEbQ6wDiRXw==
Date: Sat, 26 Oct 2024 08:05:21 GMT
Content-Type: text/javascript; charset=utf-8
Vary: Accept-Encoding
Last-Modified: Fri, 25 Oct 2024 12:19:52 GMT
Access-Control-Allow-Headers: *
Cache-Control: max-age=3600, must-revalidate
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 e3f7f612cf7d05edb500a43ad2f70e96.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 0
X-Amz-Cf-Pop: FRA60-P6
Server: AmazonS3
X-Amz-Server-Side-Encryption: AES256

GET Seal.aspx
www.rapidscansecure.com/siteseal/ 0
0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 282 KB
97 KB 75ms
74ms Script
application/javascript 142.250.186.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q9V92NCL8D&l=dataLayer&cx=c

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

503d0eff11a83c22173d14b01e89c72adf679427d85fec4a3e81b7ac44fe32dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 26 Oct 2024 08:05:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 08:05:20 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 99679
x-xss-protection: 0
server: Google Tag Manager

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
69 B 62ms
59ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1558732085&t=pageview&_s=1&dl=https%3A%2F%2Fwww.imsnetworking.com%2F2021%2F03%2F18%2Fhacker-uses-zoom-invites-to-steal-credentials-through-sendgrid%2F&ul=de-de&de=UTF-8&dt=Hacker%20Uses%20Zoom%20Invites%20To%20Steal%20Credentials%20Through%20Sendgrid%20%7C%20Information%20Management%20Systems&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAACAAI~&jid=104582465&gjid=208751890&cid=797682654.1729929920&tid=UA-19661322-1&_gid=158564221.1729929920&_r=1&gtm=457e4ao0za200zb854409174&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848&jsscut=1&npa=1&z=755816842

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 08:05:20 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.imsnetworking.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 287 KB
99 KB 78ms
72ms Script
application/javascript 142.250.186.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3DSXDED196&cx=c&_slc=1

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5122be2f4bc8e2714883184be26a64043a03ab0a0b6a5c67d22bd3b7809e8ef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 26 Oct 2024 08:05:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 08:05:20 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 101763
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 0
bat.bing.net/actionp/ 0
345 B 341ms
60ms Ping
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.net/actionp/0?ti=137016515&tm=gtm002&Ver=2&mid=438d44ab-aa18-47d0-bcf4-9e5befb34dec&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E55885100B184CB090D5B438A30C5645 Ref B: CPH30EDGE0318 Ref C: 2024-10-26T08:05:20Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Sat, 26 Oct 2024 08:05:19 GMT

GET
H2 200 e887c3298b.css
use.fontawesome.com/ 1 KB
856 B 192ms
182ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/e887c3298b.css
Requested by: Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71cb08a9716e383a4266806835ffc7c4fde287bc2767953513a844e08968d6d7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

cache-control: max-age=1800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"2784d181619980fe253eb23fed229172"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rNeJ9DDmUm3JoeW621d1DeTx11YljgHgQr0kmPRz5M6oUQBETLDxjZUsVAtAh27vrvYe84pHrXDwpgPvl%2BBD3arS3GIw2koeJ3TpbrSj%2FrzDsYY2gyRBrZbf1E0yZxQHgbx5DygEx0NsAxi4fN8JGuPf"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d88f0d11e2b9311-CPH
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=23827&sent=13&recv=14&lost=0&retrans=0&sent_bytes=8299&recv_bytes=2411&delivery_rate=275754&cwnd=254&unsent_bytes=0&cid=3573adb0ccc8d804&ts=989&x=0"
date: Sat, 26 Oct 2024 08:05:20 GMT
content-type: text/css
last-modified: Fri, 22 Sep 2023 01:37:08 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 share_button.php
www.facebook.com/v2.6/plugins/ Frame 2E0E 0
0 144ms
86ms Document
text/html 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.6/plugins/share_button.php?app_id=144240632325488&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df512e074a09d8bfa4%26domain%3Dwww.imsnetworking.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.imsnetworking.com%252Ffeb71465e48248303%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.imsnetworking.com%2F2021%2F03%2F18%2Fhacker-uses-zoom-invites-to-steal-credentials-through-sendgrid%2F&layout=button_count&locale=en_US&mobile_iframe=true&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=bc2f3b079644ec8f73cada11c84707b8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
date: Sat, 26 Oct 2024 08:05:20 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v15.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429992431789526890"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429992431789526890", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1368, tbw=2886, tp=-1, tpl=-1, uplat=51, ullat=0
x-fb-debug: QhgvzIlxHyIxIX9FXAx/nJZXW1QcYabLZkkeB6+bkdum416ggq+9b/WrkValzD958sEw32YZTnAEwshXqEmGyQ==
x-xss-protection: 0

GET
H2 200 widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame A7C5 0
0 125ms
33ms Document
text/html 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.imsnetworking.com
Requested by: Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 105429
content-type: text/html; charset=utf-8
date: Sat, 26 Oct 2024 08:05:20 GMT
etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
last-modified: Mon, 11 Dec 2023 17:19:49 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-served-by: cache-iad-kiad7000164-IAD, cache-muc13979-MUC

GET
H2 200 external_forms.js Show response
js.calltrk.com/companies/831249547/ 23 KB
8 KB 160ms
128ms Script
text/javascript 18.245.46.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.calltrk.com/companies/831249547/external_forms.js?t=1729929920276&

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-63.fra56.r.cloudfront.net

Software

Resource Hash

11ffc5a46ac8f7b93cf4da2afdab96293cba7c2997344a99a5c845a8d39988d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

x-request-id: 0b6ad21c-2f9f-4229-9737-2b11b826b1a1
content-encoding: gzip
etag: W/"11ffc5a46ac8f7b93cf4da2afdab9629"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: W6KtOf6Nl43-o0bsQsvZ4pxGUROlXLOkNS8d9vvEJNQDeiLAClAMrg==
date: Sat, 26 Oct 2024 08:05:20 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-runtime: 0.001682
x-frame-options: SAMEORIGIN
cache-control: max-age=0, private, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 4f3281e2362f23bf5efc65311d3defb0.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P9

POST
H2 200 swap_session.json Show response
js.calltrk.com/group/0/1363dce43cb008676d63/12/ 289 B
969 B 372ms
227ms XHR
application/json 18.245.46.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.calltrk.com/group/0/1363dce43cb008676d63/12/swap_session.json

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-37.fra56.r.cloudfront.net

Software

Resource Hash

700b65bc831eb1d03cd6115f4597ef09f085296f73649eb49e9156e586cde91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-Type: text/plain

Response headers

access-control-max-age: 7200
x-request-id: bbce4528-740f-4290-907e-899c2c3a52d7
access-control-expose-headers
etag: W/"700b65bc831eb1d03cd6115f4597ef09"
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: _zZ9a4KWuK8ytJkKOVGrn5rcAhEgu4iw0YyuxkLLa4EX2EEA4YmtLA==
date: Sat, 26 Oct 2024 08:05:20 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
x-runtime: 0.096180
x-frame-options: SAMEORIGIN
cache-control: max-age=0, private, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 e4a4a1d8cbc68200b55d6f49ec5eb07a.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 289
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P9

GET
H2 200 6QJ2DQZO7JEURFI7XLQWCQ Show response
d.adroll.com/consent/check/ 530 B
623 B 190ms
48ms Script
application/javascript 2a05:d018:cc3:fe04:a20b:3458:b6c7:91a5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/6QJ2DQZO7JEURFI7XLQWCQ?flg=1&pv=52760607853.726006&arrfrr=https%3A%2F%2Fwww.imsnetworking.com%2F2021%2F03%2F18%2Fhacker-uses-zoom-invites-to-steal-credentials-through-sendgrid%2F&_s=13b89277f2268b7032be9ccd4e03e5c9&_b=2
Requested by: Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:a20b:3458:b6c7:91a5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ccce29e21cb92b67297aefc88d30d9286ed152c394e9a428d43ce2c1c62c7879

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

content-length: 530
date: Sat, 26 Oct 2024 08:05:20 GMT
content-type: application/javascript
server: nginx/1.22.1

GET
H2 204 0
bat.bing.net/action/ 0
120 B 237ms
124ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.net/action/0?ti=137016515&tm=gtm002&Ver=2&mid=438d44ab-aa18-47d0-bcf4-9e5befb34dec&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Hacker%20Uses%20Zoom%20Invites%20To%20Steal%20Credentials%20Through%20Sendgrid%20%7C%20Information%20Management%20Systems&p=https%3A%2F%2Fwww.imsnetworking.com%2F2021%2F03%2F18%2Fhacker-uses-zoom-invites-to-steal-credentials-through-sendgrid%2F&r=&lt=4689&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=21865
Requested by: Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FCF634E979A5478A936D73B830AA8B79 Ref B: CPH30EDGE0318 Ref C: 2024-10-26T08:05:20Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Sat, 26 Oct 2024 08:05:19 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 52ms
36ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3KYSKTT34K&gtm=45je4ao0v9135644940za200&_p=1729929919306&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848&cid=797682654.1729929920&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1729929920&sct=1&seg=0&dl=https%3A%2F%2Fwww.imsnetworking.com%2F2021%2F03%2F18%2Fhacker-uses-zoom-invites-to-steal-credentials-through-sendgrid%2F&dt=Hacker%20Uses%20Zoom%20Invites%20To%20Steal%20Credentials%20Through%20Sendgrid%20%7C%20Information%20Management%20Systems&en=page_view&_fv=1&_ss=1&tfd=4810
Requested by: Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.imsnetworking.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 08:05:20 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
550 B 116ms
35ms Ping
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3KYSKTT34K&cid=797682654.1729929920&gtm=45je4ao0v9135644940za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101533421~101823848
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3KYSKTT34K&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.imsnetworking.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 08:05:20 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 145ms
73ms Image
image/gif 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3KYSKTT34K&cid=797682654.1729929920&gtm=45je4ao0v9135644940za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101533421~101823848&tag_exp=101533421~101823848&z=206028432

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 26 Oct 2024 08:05:20 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
7 KB 40ms
40ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/e887c3298b.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://use.fontawesome.com/e887c3298b.css

Response headers

cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"36082410df2ef7f83932219089dc1443"
age: 294467
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wckfm3HVrvCMn8iciZDTpWsTwEVWcLE6U07uCGd4zbXZXu%2BABVkdg5GPirGiOLjmoqmjO0RB%2FVnm3vLWQsmDp9QoiC9yz28Ohb3Tm9YALs%2FvMwqnfVpykeynnQpgpyA4AN7UWkPH2ojOYUcgNQyx6oRJ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d88f0d2b8459311-CPH
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=23854&sent=17&recv=16&lost=0&retrans=0&sent_bytes=9221&recv_bytes=2523&delivery_rate=275754&cwnd=254&unsent_bytes=0&cid=3573adb0ccc8d804&ts=1092&x=0"
date: Sat, 26 Oct 2024 08:05:20 GMT
content-type: text/css
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
vary: Accept-Encoding
server: cloudflare

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 37ms
36ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Q9V92NCL8D&gtm=45je4ao0v9122491505za200&_p=1729929919306&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848&cid=797682654.1729929920&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1729929920&sct=1&seg=0&dl=https%3A%2F%2Fwww.imsnetworking.com%2F2021%2F03%2F18%2Fhacker-uses-zoom-invites-to-steal-credentials-through-sendgrid%2F&dt=Hacker%20Uses%20Zoom%20Invites%20To%20Steal%20Credentials%20Through%20Sendgrid%20%7C%20Information%20Management%20Systems&en=page_view&_fv=1&_ss=1&tfd=4871
Requested by: Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.imsnetworking.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 08:05:20 GMT
content-type: text/plain
server: Golfe2

POST
H3 204 collect
region1.google-analytics.com/g/ 0
0 35ms
35ms Fetch
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3DSXDED196&gtm=45je4ao0v9134167061za200&_p=1729929919306&gcd=13l3l3l2l3l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848&ul=de-de&sr=1600x1200&cid=797682654.1729929920&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.imsnetworking.com%2F2021%2F03%2F18%2Fhacker-uses-zoom-invites-to-steal-credentials-through-sendgrid%2F&dt=Hacker%20Uses%20Zoom%20Invites%20To%20Steal%20Credentials%20Through%20Sendgrid%20%7C%20Information%20Management%20Systems&sid=1729929920&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4949
Requested by: Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.imsnetworking.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 26 Oct 2024 08:05:20 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 75 KB
76 KB 271ms
221ms Font
application/font-woff2 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/e887c3298b.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.imsnetworking.com
Referer: https://use.fontawesome.com/e887c3298b.css

Response headers

cf-cache-status: MISS
etag: "af7ae505a9eed503f8b8e6982036873e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wr7rK2rXE%2Ft2IwGgaRa%2FBZTBd3xBBB6nr9K4K1D6AnnLoGZUdU6PsDirP1WnFHieBgsHAebO86OXVNrB%2B3AjNcXzOkT2%2BdJi2C7es96kl47zTNu%2BD85bqKwsPiJdNBMdz9lRI5qzevnVQd0isq9Konmt"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=23376&sent=7&recv=12&lost=0&retrans=0&sent_bytes=4016&recv_bytes=2345&delivery_rate=173257&cwnd=254&unsent_bytes=0&cid=60f382b504a4b73c&ts=219&x=0"
date: Sat, 26 Oct 2024 08:05:20 GMT
content-type: application/font-woff2
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d88f0d3f907abe7-CPH
accept-ranges: bytes
access-control-allow-origin: *
content-length: 77160
server: cloudflare

GET
H2 200 websiteTriggerIframe
ck368.infusionsoft.app/app/webTracking/ Frame 27A3 0
0 251ms
191ms Document
text/html 2606:4700::6812:1feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ck368.infusionsoft.app/app/webTracking/websiteTriggerIframe

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1feb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 8d88f0d6da53ca33-HAM
content-encoding: gzip
content-language: de-DE
content-type: text/html;charset=UTF-8
date: Sat, 26 Oct 2024 08:05:21 GMT
expires: Sat, 26 Oct 2024 08:05:21 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 nr-spa-1.269.0.min.js Show response
js-agent.newrelic.com/ 113 KB
33 KB 174ms
30ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.269.0.min.js

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

612d5a6b58f15d1f9fba7fcc227b432fe9e5575998208fa13010c4b94c410c35

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.imsnetworking.com
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

strict-transport-security: max-age=300
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding: br
etag: "a5da0d8701df2c5c42900dd4d2ea33c9"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 33446
date: Sat, 26 Oct 2024 08:05:21 GMT
last-modified: Wed, 16 Oct 2024 16:42:42 GMT
content-type: application/javascript
x-served-by: cache-fra-eddf8230067-FRA
x-cache-hits: 601220
vary: Accept-Encoding

GET
H2 200 res.js Show response
cmap.amp.vg/st/update/1729929920935/exdwjju2nf2/3nacal71m9md/new/undefined/ 413 B
996 B 347ms
329ms Script
text/javascript 63.174.23.41
EXPEDIENT

General

Check archive.org

Show headers Download Go to

Full URL

https://cmap.amp.vg/st/update/1729929920935/exdwjju2nf2/3nacal71m9md/new/undefined/res.js?q=1729929930000&rurl=noreferrer

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

63.174.23.41 Pittsburgh, United States, ASN17054 (EXPEDIENT, US),

Reverse DNS

Software

nginx /

Resource Hash

c070c0ac38d8adbfc1ba0757c4eda7b4c1e8b6a88e5abc0d20651993c262dc71

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
pragma: no-cache
x-content-type-options: nosniff
expires: -1
requestid: _671ca2c047dae367d0e555d2
content-length: 413
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Sat, 26 Oct 2024 08:05:21 GMT
content-type: text/javascript; charset=utf-8
server: nginx

GET
H2 200 button.856debeac157d9669cf51e73a08fbc93.js Show response
platform.twitter.com/js/ 8 KB
3 KB 36ms
35ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by: Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

content-encoding: gzip
etag: "fdf02dd038ed38dbf3c240d56262af0c+gzip"
access-control-allow-methods: GET
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date: Sat, 26 Oct 2024 08:05:21 GMT
last-modified: Mon, 11 Dec 2023 17:19:47 GMT
vary: Accept-Encoding
x-served-by: cache-iad-kcgs7200086-IAD, cache-muc13966-MUC
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=315360000
tw-cdn: FT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2620
x-amz-server-side-encryption: AES256

GET
H2 200 tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
platform.twitter.com/widgets/ Frame 921C 0
0 33ms
33ms Document
text/html 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 12332
content-type: text/html; charset=utf-8
date: Sat, 26 Oct 2024 08:05:21 GMT
etag: "e29e65db7bf0a096587728e1faacfd9c+gzip"
last-modified: Mon, 11 Dec 2023 17:19:48 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-served-by: cache-iad-kjyo7100127-IAD, cache-muc13979-MUC

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
292 B 232ms
131ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.imsnetworking.com%2F2021%2F03%2F18%2Fhacker-uses-zoom-invites-to-steal-credentials-through-sendgrid%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_creator_screen_name%22%3A%22imsnetworking%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1729929921118%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=dcbd7eb56195b226041d1defbdf84770b0b9a85a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

content-type: image/gif
strict-transport-security: max-age=631138519
x-transaction-id: f605677f706eb0c9
cache-control: must-revalidate, max-age=600
x-connection-hash: 0b0f208b854363453e1c67c524bc61081e75e25fa19538d26f35cc3aed617a9a
x-response-time: 102
content-length: 43
date: Sat, 26 Oct 2024 08:05:20 GMT
last-modified: Sat, 26 Oct 2024 08:05:21 GMT
perf: 7402827104
vary: Origin
server: tsa_o

POST
H/1.1 200 d57af6a05e Show response
bam.nr-data.net/1/ 179 B
638 B 641ms
459ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/d57af6a05e?a=569209864&v=1.269.0&to=YQAGN0FYDEZTAkVcWFhKJQBHUA1bHRJYW1BaAA%3D%3D&rst=5539&ck=0&s=c4a0812eaa3c61cb&ref=https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/&ptid=c0278a54c18f1cbc&af=err,spa,xhr,stn,ins&ap=1157&be=2550&fe=2783&dc=2140&at=TUcFQQlCH0g%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1729929915603,%22n%22:0,%22f%22:1132,%22dn%22:1147,%22dne%22:1766,%22c%22:1766,%22s%22:1957,%22ce%22:2154,%22rq%22:2154,%22rp%22:2551,%22rpe%22:2742,%22di%22:4553,%22ds%22:4564,%22de%22:4690,%22dc%22:5321,%22l%22:5325,%22le%22:5333%7D,%22navigation%22:%7B%7D%7D&fp=3774&fcp=3774
Requested by: Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e500f5ae3d7e710857b65c003b6a966f83c5e9e86eb7214827e91a7f37bdb6d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

access-control-expose-headers: Date
timing-allow-origin: https://www.imsnetworking.com
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
cross-origin-resource-policy: cross-origin
access-control-allow-origin: https://www.imsnetworking.com
Content-Length: 179
date: Sat, 26 Oct 2024 08:05:21 GMT
content-type: text/plain
x-served-by: cache-fra-eddf8230158-FRA

GET
H2 200 timg.png
cmap.amp.vg/st/pulse/1729929921289/exdwjju2nf2/3nacal71m9md/b5kbkig70t18w/52a4b2f7-0c28-4169-9653-0e279e9c8398/ 3 KB
3 KB 136ms
136ms Image
image/png 63.174.23.41
EXPEDIENT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cmap.amp.vg/st/pulse/1729929921289/exdwjju2nf2/3nacal71m9md/b5kbkig70t18w/52a4b2f7-0c28-4169-9653-0e279e9c8398/timg.png?timespan=1729929921289

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

63.174.23.41 Pittsburgh, United States, ASN17054 (EXPEDIENT, US),

Reverse DNS

Software

nginx /

Resource Hash

0508c84f7b772ab1459b883725c02ad02c2ffd79775d7e12939fbb748429341a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: private
x-content-type-options: nosniff
requestid: _671ca2c147dae26ff8654718
content-length: 2763
date: Sat, 26 Oct 2024 08:05:21 GMT
content-type: image/png
server: nginx

POST
H2 200 swap_session.json Show response
js.calltrk.com/group/0/1363dce43cb008676d63/12/ 289 B
969 B 250ms
249ms XHR
application/json 18.245.46.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.calltrk.com/group/0/1363dce43cb008676d63/12/swap_session.json

Requested by

Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-37.fra56.r.cloudfront.net

Software

Resource Hash

700b65bc831eb1d03cd6115f4597ef09f085296f73649eb49e9156e586cde91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-Type: text/plain

Response headers

access-control-max-age: 7200
x-request-id: b02df1b0-d219-479d-9d91-16c7667abc56
access-control-expose-headers
etag: W/"700b65bc831eb1d03cd6115f4597ef09"
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: Ch2WzfuhliZPY77JEazIRhFGSIM3NEByesBCrWbXrvg9umO6jPruPg==
date: Sat, 26 Oct 2024 08:05:21 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
x-runtime: 0.033743
x-frame-options: SAMEORIGIN
cache-control: max-age=0, private, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 e4a4a1d8cbc68200b55d6f49ec5eb07a.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 289
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P9

GET
H2

200

spacer.gif
ck368.infusionsoft.app/slices/
Redirect Chain

https://ck368.infusionsoft.app/app/webTracking/contact/1729929919367?contactId=0&screenResolution=1600x1200&plugins=&javaEnabled=false&domain=www.imsnetworking.com&location=https://www.imsnetworkin...
https://ck368.infusionsoft.app/slices/spacer.gif

43 B
444 B

66ms
66ms

Image
image/gif

2606:4700::6812:1feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ck368.infusionsoft.app/slices/spacer.gif

Protocol

Server

2606:4700::6812:1feb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://localhost:10239 http://local.infusiontest.com:10239 https://local.infusiontest.com:10239 https://app.intg.infusiontest.com https://app.stge.infusiontest.com https://app.infusionsoft.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"43-1729732260027"
x-content-type-options: nosniff
expires: Sat, 25 Oct 2025 09:36:48 GMT
date: Sat, 26 Oct 2024 08:05:21 GMT
content-type: image/gif;charset=UTF-8
last-modified: Thu, 24 Oct 2024 01:11:00 GMT
vary: accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' http://localhost:10239 http://local.infusiontest.com:10239 https://local.infusiontest.com:10239 https://app.intg.infusiontest.com https://app.stge.infusiontest.com https://app.infusionsoft.com
cache-control: public, max-age=31455087
via: 1.1 google
cf-ray: 8d88f0d9df657266-HAM
x-xss-protection: 1; mode=block
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, no-cache, no-store
location: /slices/spacer.gif
content-encoding: gzip
cf-cache-status: DYNAMIC
pragma: no-cache, no-cache
x-content-type-options: nosniff
via: 1.1 google
cf-ray: 8d88f0d8ae4a7266-HAM
expires: Sat, 26 Oct 2024 08:05:21 GMT, -1
date: Sat, 26 Oct 2024 08:05:21 GMT
x-xss-protection: 1; mode=block
vary: accept-encoding
server: cloudflare

GET
H/1.1 200
OK favicon.png
www.imsnetworking.com/files/2017/05/ 1 KB
2 KB 201ms
200ms Other
image/png 54.71.226.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imsnetworking.com/files/2017/05/favicon.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.71.226.19 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-226-19.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e5243f170aa3d8943a8c765fe1358908240f274e74bbcfd12f7ff1f8f433748a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

Strict-Transport-Security: max-age=15780000;
Cache-Control: max-age=604800
ETag: "625410b3-497"
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Expires: Sat, 02 Nov 2024 08:05:21 GMT
Accept-Ranges: bytes
Content-Length: 1175
Date: Sat, 26 Oct 2024 08:05:21 GMT
Content-Type: image/png
Last-Modified: Mon, 11 Apr 2022 11:27:47 GMT
Server: nginx

POST
H/1.1 200 d57af6a05e Show response
bam.nr-data.net/events/1/ 24 B
348 B 251ms
249ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/d57af6a05e?a=569209864&v=1.269.0&to=YQAGN0FYDEZTAkVcWFhKJQBHUA1bHRJYW1BaAA%3D%3D&rst=6194&ck=0&s=c4a0812eaa3c61cb&ref=https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/&ptid=c0278a54c18f1cbc
Requested by: Host: www.imsnetworking.com
URL: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/

Response headers

Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-origin: https://www.imsnetworking.com
Content-Length: 24
date: Sat, 26 Oct 2024 08:05:21 GMT
content-type: image/gif
x-served-by: cache-fra-eddf8230059-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.rapidscansecure.com
URL: https://www.rapidscansecure.com/siteseal/Seal.aspx?code=115,532095F694BEF0135D7C549A10B8CACA11320B90

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.infusionsoft.com/	1970-01-21 00:32:11	Name: __cf_bm Value: .pMMjwrE1UstyYuy9WavlkSn_HwH5EMNrs52whu0SRs-1729929919-1.0.1.1-kH4Db6d3qy6tNKse6jpbzmI3FxsYtT48YCMiVizYSiJSxK6CWYuDbjYQz1tcWiR5nb5Dfk1qI5Hz3lk7xtL69w
.imsnetworking.com/	1970-01-21 10:08:09	Name: _ga_ZYLC7TJ3DT Value: GS1.1.1729929919.1.0.1729929919.0.0.0
.imsnetworking.com/	1970-01-21 02:41:45	Name: _fbp Value: fb.1.1729929919834.921912169480775925
.imsnetworking.com/	1970-01-21 02:41:45	Name: _gcl_au Value: 1.1.2050172342.1729929920
.linkedin.com/	1970-01-21 09:17:45	Name: bcookie Value: "v=2&da88f518-a1b1-40a7-8f05-7cdb12f3e6aa"
.linkedin.com/	1970-01-21 04:51:21	Name: li_gc Value: MTswOzE3Mjk5Mjk5MTk7MjswMjEFX2Kc6Vuzt4C/vOY6XvGyi3x14E+Ydat1hqCZFCvgXg==
.linkedin.com/	1970-01-21 00:33:36	Name: lidc Value: "b=OGST05:s=O:r=O:a=O:p=O:g=3210:u=1:x=1:i=1729929919:t=1730016319:v=2:sig=AQHhPkZ59a3kyWw-2oaqjKcLGIADJ4gP"
.imsnetworking.com/	1970-01-21 00:33:36	Name: _gid Value: GA1.2.158564221.1729929920
.imsnetworking.com/	1970-01-21 00:32:09	Name: _gat_UA-212034076-1 Value: 1
.imsnetworking.com/	1970-01-21 00:32:09	Name: _gat_gtag_UA_88748003_1 Value: 1
.imsnetworking.com/	1970-01-21 00:32:09	Name: _gat_gtag_UA_19661322_1 Value: 1
.imsnetworking.com/	1970-01-21 04:51:21	Name: calltrk_referrer Value: direct
.imsnetworking.com/	1970-01-21 04:51:21	Name: calltrk_landing Value: https%3A//www.imsnetworking.com/2021/03/18/hacker-uses-zoom-invites-to-steal-credentials-through-sendgrid/
msp.amp.vg/	1970-01-21 10:08:09	Name: X-CSRF-Token Value: 8970df58-60d1-4217-8f78-4bfcfbde914f
msp.amp.vg/	1970-01-21 10:08:09	Name: amp__site_key__ Value: exdwjju2nf2
msp.amp.vg/	1970-01-21 10:08:09	Name: amp__page_key__ Value: 3nacal71m9md
msp.amp.vg/	1970-01-21 10:08:09	Name: amp__contact_cookie_name__ Value: amp__dhgbo3wly1sox_contact_key__
.imsnetworking.com/	1970-01-21 04:51:21	Name: calltrk_session_id Value: 94e63bbd-9797-49be-a9e8-90552534c814
.imsnetworking.com/	1970-01-21 10:08:09	Name: _ga_3KYSKTT34K Value: GS1.1.1729929920.1.0.1729929920.60.0.0
.imsnetworking.com/	1970-01-21 10:08:09	Name: _ga Value: GA1.1.797682654.1729929920
.imsnetworking.com/	1970-01-21 10:08:09	Name: _ga_Q9V92NCL8D Value: GS1.1.1729929920.1.0.1729929920.0.0.0
.imsnetworking.com/	1970-01-21 10:08:09	Name: _ga_3DSXDED196 Value: GS1.2.1729929920.1.0.1729929920.0.0.0
.imsnetworking.com/	1970-01-21 04:51:21	Name: calltrk_fcid Value: 47405d5b-d213-4f13-a9ef-e74ee883a550
cmap.amp.vg/	1970-01-21 10:08:09	Name: X-CSRF-Token Value: fdf508c8-6867-4a20-9ba6-e81b3522b459
cmap.amp.vg/	1970-01-21 10:08:09	Name: amp__dhgbo3wly1sox_contact_key__ Value: b5kbkig70t18w
cmap.amp.vg/	1970-01-21 10:08:09	Name: amp__Company_ctv1gl7b0tx39 Value: b5kbkig70t18w
www.imsnetworking.com/	1970-01-21 10:08:09	Name: amp__dhgbo3wly1sox_contact_key__ Value: b5kbkig70t18w
www.imsnetworking.com/	1970-01-21 10:08:09	Name: amp__engagement__ Value: {"firstname":"","lastname":"","email":"","company":"","industry":"Other"}
ck368.infusionsoft.app/	1970-01-21 09:17:45	Name: InfusionsoftTrackingCookie Value: cc4033577779ba714ed7db56494287dd
.infusionsoft.app/	1970-01-21 09:17:45	Name: cf_clearance Value: NufmAKBQkULqsqOa9gMAQGeMPjj36bIWxGqlWy2Uw6w-1729929921-1.2.1.1-GOmCnsxGLYy1SNgGzIX1KM45IXk6XKEoUc5Df8ZV_tm8.Ol6x2yliK2Wic1tVrN_QwLXuEkYkpq.1mC1ZKcRKiWTDXgxH18AyBckv91Wfo_n9ixvsAV8hu3ivgi4JcY3t7U2nlCWDJ8YX9GJJ0uXxCKAGeXeQZODtlle641BOc0ucbZlx_2bQF4lxkxJKeZJvrp7TPQHH6BK6mE1.z8id7EuBL.BLZXLY7GvOD3qY_sySiPBaAi1RIax40ILI8z_wVsWQaf11qtgOdVQwlNNl4FsdCkPuTMRcO8K0ADcOP2eNsX6ueL0qa76EGi7w8abeF.M4n3WcImJdK6UeOhrLu55TFzGomZH.mlEuwNDNBtooQzuvlFhAqNeRhLhaGlH_s7qp3A9QkGgCi85QbSYiA
.infusionsoft.app/	1970-01-21 00:32:11	Name: __cf_bm Value: co.18M.lTmTd6YhOGS5O0_zJ_DeMFbNTtvqJe55qtCk-1729929921-1.0.1.1-hR6eyLjDuJrTMp0JdGP43WCvYOsww9f2SGDyaBjLvLbcGvon3iMay2WzX5iiypmKz8yvC.cb0_g1oxgyro5CFTkTx91FnmYWp1KfYqzhUZ4

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15780000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
bat.bing.com
bat.bing.net
cdn.calltrk.com
cdn.jsdelivr.net
ck368.infusionsoft.app
ck368.infusionsoft.com
cmap.amp.vg
connect.facebook.net
d.adroll.com
fonts.googleapis.com
fonts.gstatic.com
hello.staticstuff.net
imsnetworking.com
js-agent.newrelic.com
js.calltrk.com
msp.amp.vg
platform.linkedin.com
platform.twitter.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
region1.google-analytics.com
s.adroll.com
secure.venture365office.com
snap.licdn.com
stats.g.doubleclick.net
syndication.twitter.com
use.fontawesome.com
win.staticstuff.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.imsnetworking.com
www.rapidscansecure.com
www.rapidscansecure.com
104.16.158.101
104.244.42.200
13.107.42.14
142.250.184.195
142.250.184.196
142.250.186.136
157.240.0.6
162.247.243.29
172.217.16.195
18.245.46.37
18.245.46.63
199.232.188.157
2001:4860:4802:34::36
216.239.32.36
2600:9000:2644:dc00:6:9280:1080:93a1
2602:816:5001::39
2606:2800:233:66b5:799a:7cd3:f74d:7071
2606:4700:3036::6815:1b98
2606:4700::6812:1feb
2606:4700::6812:68f
2620:1ec:21::14
2620:1ec:33::10
2620:1ec:c11::237
2a00:1450:4001:809::200e
2a00:1450:4001:81d::200a
2a00:1450:4001:827::2008
2a00:1450:400c:c04::9a
2a02:26f0:3500:10::210:a99
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:400::485
2a05:d018:cc3:fe04:a20b:3458:b6c7:91a5
51.11.20.152
52.35.104.127
54.71.226.19
63.174.23.41
63.208.65.83
0508c84f7b772ab1459b883725c02ad02c2ffd79775d7e12939fbb748429341a
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d6c2aa0a446364169fba9251e31da41e2f618a09e3cceae2fccd617508e372f
0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d
11ffc5a46ac8f7b93cf4da2afdab96293cba7c2997344a99a5c845a8d39988d2
13b220db3ef81b04d3ad03d2eae4fb2b619f0208c9cb7dbfd1b4adb631ed67ea
1436939ed29c528098b948903ff835b1f1066a45afc277c43053a25964d1761c
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
20bb6b5389e2c13fa434309b8a26119fcb3479164a6ad81526e3531e6b649988
2ab099d0ce09f7933933f365e5081cde896b96678af2eac7a76ad990ce8eb6b4
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e68ab924fd8bfe8b0746485af728c9f43c33814a885368eb5b68d754638a4de
3b0cdd28d767825fd71a7790f701b9d682269c36ff01eba658c67732cc6c972b
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3cc84eeb18d9be6c7e078b5a95095f4e2221d35e0f582ab35bb74d162085605c
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4cf9a79fe9a4db827bf94185ef8ad95c548c5bc344e23cdc39b2e408fa33dc18
503d0eff11a83c22173d14b01e89c72adf679427d85fec4a3e81b7ac44fe32dd
5122be2f4bc8e2714883184be26a64043a03ab0a0b6a5c67d22bd3b7809e8ef5
562f6598ca02a600e1a7665c2aa507d5476c784474c353e88ba5e89d5a4e9b72
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
612d5a6b58f15d1f9fba7fcc227b432fe9e5575998208fa13010c4b94c410c35
61f0f5f937046770ff5acf5402da2c5a9b345034bbd3b876fca43aec32160a82
6a44c49c8b0d97772c8e848fbdf15c0b12ed91b786658a64a4db5b15dbadbc0f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fd484cb3d4db92ba40c9460718c8cfa09cc5abe32336050b555e85079f1cf74
700b65bc831eb1d03cd6115f4597ef09f085296f73649eb49e9156e586cde91e
71cb08a9716e383a4266806835ffc7c4fde287bc2767953513a844e08968d6d7
734e46cec74a67b68f3d256f6bc0c3a3dcaabba8f0ff217bdbc710e4b737201e
73dcbd65337f4a9a6476286a9e87571dc0a722590ac572dfcd65b840fc44879a
7df436910aa5e12b04796a04642184a1f8bdc05957ea58e20d3e4412f8e35b35
84de47ed6481524074cd5e375bb773f01b59fa6452539b3b60cdb916914ca0e1
87d049fc6d16da1f81063235c0e3d31a4656800cbbdca8277d6ae56614a52aba
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8b3ae2340783895cdd1554d53054db40ec428ac4b7a7ce5a1e4f403f13566488
8bb671d88cac4c489add973db6acdd19795b3df45af5ecbf92f885399bb4a10e
948f0c154ad97428bc1d1dee456f2e20ec4e0e302b0d3189e08a4573cb63cdb3
98d76a76d55b80b555015e0d19b6d22ab41d723da3adf0d4704b9f741af1081e
9af835a3bb7f20f3b8ab6f3dbd96097e847a0bf8d0f1812f1922b2db41b3c889
9f3c86cafd8bf6e7ca531f4c9a8c3be555e2ee6308f3b0e50c5e8f1738ed7ffd
a2ae18f1e3d9b77fd5350d1b66c0b0b46eb2b99719f3f95552ceacd25b08a83c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ac63009b1e5b9deaa3712d8cf4eb8c1431c6c060bd5ea7981ed9cb8bcb70044a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b9de472f9fd47efafae0dadee071b37dfdc71a283b788ad8d834f459ccb69130
c070c0ac38d8adbfc1ba0757c4eda7b4c1e8b6a88e5abc0d20651993c262dc71
c350f63ddc4fb7f141008dcf891c8753396898a4a3a05d54f49f1473c7136b6c
c6171a31f768e6ef2e2c6c3114355d1ddb836459fd647d1a2950260c5b5d1669
c9e37afa8ce0c8144a2d49cdb263a51a4939f35b6f29b89f329f3ccff1e8a959
ccce29e21cb92b67297aefc88d30d9286ed152c394e9a428d43ce2c1c62c7879
cd323e9a86b8011e1acc6cdc731f54393f01a80c5d6cbf7f7b36ffe476d5f5f7
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
d2eb5c52a0caedf03be2b3a6d28b42771f7025508ca81cde1fe96720440c80ce
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df8e2b1050def67f4048c5e4fcba51c4f552dfd4f5e0d7d13492680e5101d905
e0235bf8aee8cfe4358d894a03e13ab13fcc25ba1ea3715ed8082676afcb1178
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e500f5ae3d7e710857b65c003b6a966f83c5e9e86eb7214827e91a7f37bdb6d2
e5243f170aa3d8943a8c765fe1358908240f274e74bbcfd12f7ff1f8f433748a
e803b74e534617fa91d2c6efb24e4d2a408e922816a56b2786249cb3afe2805e
eab9cbb1928a9de3ed2b7164ea7215b1ee0c9d7584d04aac97fe5b6798140c48
eac00e7df85b03ffd51cff296c5a4a5fb25bec641d7c9c07ef766720df8ba8bf
eb33957d19c048ddbb7060092ff1f347bb8f009ed962a57261206a1693b909c6
eb96b0bab1e6df1935d50477519f04c35a08690f61d43ecff594af13a635fb95
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b92945f599cd606acb1d5bf60b30d1f6a6b4cee0ff6cb8ea0a29e6903a8cae
f1411d3d13b55e58e583e168f036ae3b20888c997ac0ee94bf1b910d83f6e4b1
f389e97751d2b9eda028a46072fbc1339db3b950e366af5808e5dc9e857d4669
f3fe7bd589ce08b9e49607a6b31d784b5e1114aff17858a43593f0dc3fb71697
f92dcb98f1e0f493568ee7ec28088227b9a34084b762514d670ee53d0ff6c0ac
fbafd37b04603f38be311dca28a3e5ff54b8117a0bf6b56ba37674367c863dd7
fd8b672ddc7dac829aa91db394f7af715dd838cac14648944d920be8c275831f
ff2f44a884c2cd98f89ce12596d909188ce7aa8e9f34e04cc93befdac01a8adc

www.imsnetworking.com Open in urlscan Pro 54.71.226.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

97 Requests

96 %HTTPS

50 %IPv6

27 Domains

37 Subdomains

36 IPs

6 Countries

2015 kBTransfer

5770 kBSize

31 Cookies

9 Outgoing links

Page URL History

Redirected requests

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.imsnetworking.com Open in urlscan Pro
54.71.226.19 Public Scan

Screenshot
Live screenshot

Full Image

97
Requests

96 %
HTTPS

50 %
IPv6

27
Domains

37
Subdomains

36
IPs

6
Countries

2015 kB
Transfer

5770 kB
Size

31
Cookies

97 HTTP transactions
0 data transactions