cofense2022stg.wpengine.com Open in urlscan Pro
34.74.117.101 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all...
Submission: On May 08 via api (May 8th 2023, 2:13:19 am UTC) from TR — Scanned from DE

Summary HTTP 232 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 33 IPs in 4 countries across 28 domains to perform 232 HTTP transactions. The main IP is 34.74.117.101, located in North Charleston, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is cofense2022stg.wpengine.com.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on August 1st 2022. Valid for: a year.

This is the only time cofense2022stg.wpengine.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
92	34.74.117.101 34.74.117.101	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1105	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
13	23.36.162.205 23.36.162.205	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.73.0.225 52.73.0.225	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6810:a852	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.197.137.224 23.197.137.224	16625 (AKAMAI-AS) (AKAMAI-AS)
1	65.9.95.96 65.9.95.96	16509 (AMAZON-02) (AMAZON-02)
71	65.9.95.66 65.9.95.66	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:d9f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:4f:1... 2620:1ec:4f:1::60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:212... 2600:9000:2127:2a00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.20.195.32 52.20.195.32	14618 (AMAZON-AES) (AMAZON-AES)
1	185.89.211.132 185.89.211.132	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a02:26f0:350... 2a02:26f0:3500:14::1724:a259	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.111.208.231 34.111.208.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
2	3.121.193.168 3.121.193.168	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
4	4.227.249.197 4.227.249.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
13	34.193.113.164 34.193.113.164	14618 (AMAZON-AES) (AMAZON-AES)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a04:4e42:8d:... 2a04:4e42:8d::720	54113 (FASTLY) (FASTLY)
232	33

92 34.74.117.101 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 101.117.74.34.bc.googleusercontent.com

cofense2022stg.wpengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1105 (United States)

ASN13335 (CLOUDFLARENET, US)

js.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 23.36.162.205 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-205.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.0.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-0-225.compute-1.amazonaws.com

lltrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.197.137.224 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-137-224.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-96.prg50.r.cloudfront.net

static.oktopost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

71 65.9.95.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-66.prg50.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d9f (United States)

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:4f:1::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:2a00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.20.195.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-195-32.compute-1.amazonaws.com

okt.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.211.132 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:14::1724:a259 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.208.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.208.111.34.bc.googleusercontent.com

ibc-flow.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

404-jhu-612.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.193.168 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-193-168.eu-central-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 4.227.249.197 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

u.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 34.193.113.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-113-164.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
flow.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:8d::720 (United States)

ASN54113 (FASTLY, US)

driftt.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
92	wpengine.com cofense2022stg.wpengine.com	1 MB
71	driftt.com js.driftt.com — Cisco Umbrella Rank: 5211	860 KB
15	6sc.co j.6sc.co — Cisco Umbrella Rank: 5624 c.6sc.co — Cisco Umbrella Rank: 8648 ipv6.6sc.co — Cisco Umbrella Rank: 5968 b.6sc.co — Cisco Umbrella Rank: 4113	16 KB
13	drift.com bootstrap.api.drift.com — Cisco Umbrella Rank: 6124 metrics.api.drift.com — Cisco Umbrella Rank: 5997 event.api.drift.com — Cisco Umbrella Rank: 6659 targeting.api.drift.com — Cisco Umbrella Rank: 6355 flow.api.drift.com — Cisco Umbrella Rank: 11469	12 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 995 u.clarity.ms — Cisco Umbrella Rank: 7923 c.clarity.ms — Cisco Umbrella Rank: 1496	23 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 347 www.linkedin.com — Cisco Umbrella Rank: 594 px4.ads.linkedin.com — Cisco Umbrella Rank: 6148	4 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4365 www.google.com — Cisco Umbrella Rank: 2	724 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	21 KB
3	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 14492 ibc-flow.techtarget.com — Cisco Umbrella Rank: 18915	2 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 10368	580 B
2	google.de www.google.de — Cisco Umbrella Rank: 6386	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 74	413 B
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3069	6 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	185 KB
1	imgix.net driftt.imgix.net — Cisco Umbrella Rank: 14726	24 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 233	740 B
1	mktoresp.com 404-jhu-612.mktoresp.com	318 B
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 406	827 B
1	okt.to okt.to — Cisco Umbrella Rank: 27033	100 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 830	369 B
1	oktopost.com static.oktopost.com — Cisco Umbrella Rank: 31283	4 KB
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4288	2 KB
1	lltrck.com lltrck.com — Cisco Umbrella Rank: 27649
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 736	5 KB
1	gstatic.com fonts.gstatic.com	38 KB
1	typekit.net p.typekit.net — Cisco Umbrella Rank: 559	195 B
1	qualified.com js.qualified.com — Cisco Umbrella Rank: 23277	90 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	1 KB
232	28

	Domain	Requested by
92	cofense2022stg.wpengine.com	cofense2022stg.wpengine.com
71	js.driftt.com	cofense2022stg.wpengine.com js.driftt.com
10	b.6sc.co	cofense2022stg.wpengine.com
4	targeting.api.drift.com	js.driftt.com
4	u.clarity.ms	www.clarity.ms
3	metrics.api.drift.com	js.driftt.com
3	www.google-analytics.com	www.googletagmanager.com cofense2022stg.wpengine.com
2	flow.api.drift.com	js.driftt.com
2	event.api.drift.com	js.driftt.com
2	c.clarity.ms	1 redirects
2	bootstrap.api.drift.com	js.driftt.com
2	epsilon.6sense.com	j.6sc.co
2	ibc-flow.techtarget.com	trk.techtarget.com
2	ipv6.6sc.co	j.6sc.co
2	c.6sc.co	j.6sc.co
2	px.ads.linkedin.com	2 redirects
2	www.google.de	cofense2022stg.wpengine.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.clarity.ms	cofense2022stg.wpengine.com www.clarity.ms
2	munchkin.marketo.net	cofense2022stg.wpengine.com munchkin.marketo.net
2	www.googletagmanager.com	cofense2022stg.wpengine.com www.googletagmanager.com
1	driftt.imgix.net
1	c.bing.com	1 redirects
1	www.google.com	cofense2022stg.wpengine.com
1	404-jhu-612.mktoresp.com	munchkin.marketo.net
1	secure.adnxs.com	j.6sc.co
1	okt.to	static.oktopost.com
1	px4.ads.linkedin.com	cofense2022stg.wpengine.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	trk.techtarget.com	cofense2022stg.wpengine.com
1	static.oktopost.com	cofense2022stg.wpengine.com
1	ws.zoominfo.com	cofense2022stg.wpengine.com
1	lltrck.com	cofense2022stg.wpengine.com
1	snap.licdn.com	www.googletagmanager.com
1	j.6sc.co	cofense2022stg.wpengine.com
1	fonts.gstatic.com	fonts.googleapis.com
1	p.typekit.net	cofense2022stg.wpengine.com
1	js.qualified.com	cofense2022stg.wpengine.com
1	fonts.googleapis.com	cofense2022stg.wpengine.com
232	41

This site contains links to these domains. Also see Links.

Domain
cofense.zendesk.com
go.cofense.com
cofense.com
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
wpml.org

Subject Issuer	Validity	Valid
*.wpengine.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-08-01` - `2023-09-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
6sc.co R3	`2023-03-11` - `2023-06-09`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
lltrck.com Go Daddy Secure Certificate Authority - G2	`2022-07-25` - `2023-08-26`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
*.oktopost.com Amazon RSA 2048 M01	`2023-02-28` - `2023-10-27`	8 months	crt.sh
drift.com Amazon RSA 2048 M02	`2023-03-01` - `2023-09-21`	7 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
okt.to R3	`2023-03-24` - `2023-06-22`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
ibc-flow.techtarget.com GTS CA 1D4	`2023-04-03` - `2023-07-03`	3 months	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-05` - `2023-11-05`	a year	crt.sh
*.6sense.com Amazon RSA 2048 M01	`2023-05-01` - `2024-05-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-03-05` - `2024-04-05`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Frame ID: FAAD43A862950FB7398DEFCB9233404E
Requests: 150 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
Frame ID: 8AD0B1F516DE9BB6628A8F29AD51C5BB
Requests: 42 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
Frame ID: 3CF0C976B0C38CE0E2E85834152A8D96
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

(1) New Messages!

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

232
Requests

99 %
HTTPS

56 %
IPv6

28
Domains

41
Subdomains

33
IPs

4
Countries

2557 kB
Transfer

6378 kB
Size

36
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://cofense.zendesk.com/auth/v2/login/signin
Title: Customer Resource Center

Search URL Search Domain Scan URL

URL: https://go.cofense.com/live-demo/
Title: Get a Demo

Search URL Search Domain Scan URL

URL: https://cofense.com/product-services/phishing-intelligence/
Title: Cofense Intelligence

Search URL Search Domain Scan URL

URL: https://cofense.com/lp/q1-cofense-phishing-intelligence-report/
Title: here is our complete Q1 2023 Threat Intelligence Review

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Cofense/
Title: Facebook-f

Search URL Search Domain Scan URL

URL: https://twitter.com/cofense
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/11500065/
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCbvJmFk-Pwf85UbGI9-EGxw
Title: Youtube

Search URL Search Domain Scan URL

URL: https://wpml.org/
Title: wpml.org

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 113

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1683511990650&url=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F&tm=gtmv2 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D300721%26time%3D1683511990650%26url%3Dhttps%253A%252F%252Fcofense2022stg.wpengine.com%252Fblog%252Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%252F%26tm%3Dgtmv2%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1683511990650&url=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F&tm=gtmv2&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1683511990650&url=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F&tm=gtmv2&liSync=true&e_ipv6=AQI4g8s8lmWXMQAAAYf5IlyHmwwzFZq3v4jkyqZi5sNGODzJGvBsNwvUUXYw08QgVWP54K7Y

Request Chain 201

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C02D009704D8495EA69FF0AE39080886&RedC=c.clarity.ms&MXFR=3BF8B9B2A548698709D4AAB9A148678E HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C02D009704D8495EA69FF0AE39080886&MUID=1A68D427D0D765A20BCDC72CD17B640F

232 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/ 138 KB
25 KB 689ms
272ms Document
text/html 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: 4d36e6008a541b46f23448eb97baff09aba6954548c1030a1bc217091ff760e9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=600, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 08 May 2023 02:13:09 GMT
link: <https://cofense2022stg.wpengine.com/wp-json/>; rel="https://api.w.org/" <https://cofense2022stg.wpengine.com/wp-json/wp/v2/posts/100526>; rel="alternate"; type="application/json" <https://cofense2022stg.wpengine.com/?p=100526>; rel=shortlink
server: nginx
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 3
x-cache-group: normal
x-cacheable: SHORT
x-pingback: https://cofense2022stg.wpengine.com/xmlrpc.php
x-powered-by: WP Engine

GET
H2 200 css
fonts.googleapis.com/ 21 KB
1 KB 142ms
50ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a021e5ef7022a556c759cca4e248f10383d65a1cd4df600dae57ea37ca481073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 08 May 2023 01:07:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 May 2023 02:13:09 GMT

GET
H2 200 style.min.css
cofense2022stg.wpengine.com/wp-includes/css/dist/block-library/ 93 KB
13 KB 146ms
135ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 21:51:03 GMT
server: nginx
etag: W/"63a22e47-172a9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 classic-themes.min.css
cofense2022stg.wpengine.com/wp-includes/css/ 217 B
365 B 146ms
135ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 21:51:02 GMT
server: nginx
etag: W/"63a22e46-d9"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 styles.css
cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/ 57 KB
7 KB 153ms
140ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/styles.css?ver=1683297045
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2cc15bc3d3dda4e699624aae9727570dd1cb7cfa4535a074a453e1437e279d21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 14:30:45 GMT
server: nginx
etag: W/"64551315-e379"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.min.css
cofense2022stg.wpengine.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/ 908 B
509 B 154ms
142ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 22a79f1fbcc70373c7021bae2164d9232d1e9dd3c6a163df9f9f54070e5f6b50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Tue, 28 Mar 2023 13:48:28 GMT
server: nginx
etag: W/"6422f02c-38c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.min.css
cofense2022stg.wpengine.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/ 258 B
360 B 155ms
142ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/style.min.css?ver=1
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4b9257e3e9c959214ddfab833a69a021ae6557403efe76afcbee259621175274

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Tue, 28 Mar 2023 13:48:28 GMT
server: nginx
etag: W/"6422f02c-102"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.css
cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/themes/cofense/ 8 KB
3 KB 155ms
143ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/themes/cofense/style.css?ver=1683297046
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: c3dfc3f03106f85ab56ceaadf44433f35cca4209d64922d50a1c650c90aa60ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 14:30:46 GMT
server: nginx
etag: W/"64551316-1fc3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 404 custom.css
cofense2022stg.wpengine.com/wp-content/themes/cofense/css/ 0
0 156ms
144ms Stylesheet
text/html 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/themes/cofense/css/custom.css?ver=6.1.1
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/html

GET
H2 404 testing.css
cofense2022stg.wpengine.com/wp-content/themes/cofense/css/ 0
0 157ms
144ms Stylesheet
text/html 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/themes/cofense/css/testing.css?ver=6.1.1
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/html

GET
H2 200 elementor-icons.min.css
cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/ 19 KB
4 KB 278ms
266ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=1683297046
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d08fa1906998435f62fea09b51c792ed9b1d93a9636efe4fa8981599c7de9419

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 14:30:46 GMT
server: nginx
etag: W/"64551316-4d2f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 frontend-lite.min.css
cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/css/ 79 KB
11 KB 152ms
139ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.12.2
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2544474f9ccba4ce5f26230fea52abf96e3129f3a897daa9fd22a4d356658ad3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Tue, 02 May 2023 14:17:40 GMT
server: nginx
etag: W/"64511b84-13d75"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 swiper.min.css
cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/lib/swiper/css/ 13 KB
3 KB 317ms
305ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Tue, 02 May 2023 14:17:40 GMT
server: nginx
etag: W/"64511b84-324c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 post-15.css
cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/ 6 KB
1 KB 308ms
295ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-15.css?ver=1683305090
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 19b9088866f569df384674d08e7f4614b91d86d5849cb45e63257e6cb873102b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 16:44:21 GMT
server: nginx
etag: W/"64553265-19c5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 frontend-lite.min.css
cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/css/ 9 KB
2 KB 442ms
430ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.12.3
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: adfdeb4d7e4a5f5de6839a079fd8816135a5bcb6c6acb9e546ef4a66c62c18d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 14:30:02 GMT
server: nginx
etag: W/"645512ea-235f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 post-100526.css
cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/ 134 B
309 B 443ms
431ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-100526.css?ver=1683305059
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ca4b8bc30efe3bc477a4699a51c7ca0ba2cf24f24f02d3b861453a1aac7d0fb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 14:38:58 GMT
server: nginx
etag: W/"64551502-86"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 post-93807.css
cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/ 3 KB
834 B 443ms
431ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-93807.css?ver=1683305061
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b3c983227e71c4f8da7d9af830cde723a94fd1a3a712e666c1f389dfac405bb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 16:44:21 GMT
server: nginx
etag: W/"64553265-b4b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 post-1266.css
cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/ 19 KB
2 KB 443ms
431ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-1266.css?ver=1683305090
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 727a730eda79071d5f02ba91d752c3feed10e0cd63a9c042f298390c24f85236

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 16:44:21 GMT
server: nginx
etag: W/"64553265-4ba3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 post-1271.css
cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/ 16 KB
2 KB 444ms
432ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-1271.css?ver=1683305090
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0cbf6e774cef56a187b12fea61250b10a013df245ca8ed9c47bf3f18f8a7696b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 16:44:21 GMT
server: nginx
etag: W/"64553265-3e58"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 post-1386.css
cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/ 12 KB
2 KB 444ms
432ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-1386.css?ver=1683305061
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: fcf67e37a8fd1acfa0c65a13eeecc07efeb4efc0447177ee2f3e95bfd794ca3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 16:44:21 GMT
server: nginx
etag: W/"64553265-2e02"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 widget-styles.css
cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/ 439 KB
51 KB 317ms
306ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=1683297046
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: aebf3a5076b724c0097b17849789e5b72ab7a54d91fae262585b0266c2670b23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 14:30:46 GMT
server: nginx
etag: W/"64551316-6db32"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 responsive.css
cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/ 30 KB
3 KB 309ms
298ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=1683297046
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 73b2fdcf25aa909c7b0f072cf791066350ab834ca1d0d01ef096bb5583318213

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 14:30:46 GMT
server: nginx
etag: W/"64551316-764b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 ecs-style.css
cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/css/ 6 KB
1 KB 309ms
298ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/ele-custom-skin/assets/css/ecs-style.css?ver=1683297046
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8cbc49b1385bf29debe95333f04795a6e3a2cf218d88b415b29872d06491fd1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 14:30:46 GMT
server: nginx
etag: W/"64551316-19b2"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 post-1444.css
cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/ 2 KB
666 B 310ms
298ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-1444.css?ver=1678361574
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 09db71dcf500dadf710b4fde01c4af2839d9055c18de62b3de0b7ba590e880ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 16:46:50 GMT
server: nginx
etag: W/"645532fa-88c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 post-1462.css
cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/ 2 KB
877 B 310ms
299ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-1462.css?ver=1671033592
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b89b6165327872066d09bf529b6f131b238a193e71a8ab9108b2ea40ae92d3f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 16:44:23 GMT
server: nginx
etag: W/"64553267-88b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 post-86702.css
cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/ 902 B
493 B 310ms
299ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-86702.css?ver=1666612343
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6eafef48033bf87526b129f8f292a7ea8b943988241b3abefe94d3a95668ac8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 16:46:50 GMT
server: nginx
etag: W/"645532fa-386"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 post-86773.css
cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/ 2 KB
678 B 311ms
300ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-86773.css?ver=1666885690
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: bacd426460574c0fc84822fd3846441f1040b4374c8350d67271049bd29fc6d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 16:46:50 GMT
server: nginx
etag: W/"645532fa-7ae"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 post-94275.css
cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/ 1 KB
498 B 311ms
300ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-94275.css?ver=1666870708
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0ec717c896d0ca54e4536263e84f11f43a944ba2e04d2f5f1264f0acdc7beada

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 16:46:48 GMT
server: nginx
etag: W/"645532f8-45d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 post-96442.css
cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/ 2 KB
684 B 315ms
304ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-96442.css?ver=1680173529
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: bb5b6c52c072488848fbe51554382a6bc0be26a315e7558aa5ad61df4433b2dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 16:46:49 GMT
server: nginx
etag: W/"645532f9-7ac"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 post-96443.css
cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/ 2 KB
685 B 316ms
305ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-96443.css?ver=1671639746
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6fe59d88646876bb8dfb4a1a021b2dc2662b36bf175625eb3ecb89a3ae956937

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 16:46:50 GMT
server: nginx
etag: W/"645532fa-7ac"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 post-96445.css
cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/ 2 KB
706 B 317ms
306ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-96445.css?ver=1675169689
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 44c68a4716777a09c291d971f91468c7e72dd2beadecd931aaea641758f4d726

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 16:46:51 GMT
server: nginx
etag: W/"645532fb-89c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 fontawesome.min.css
cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 57 KB
13 KB 324ms
313ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Tue, 02 May 2023 14:17:40 GMT
server: nginx
etag: W/"64511b84-e238"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 solid.min.css
cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 1 KB
575 B 322ms
311ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1683297046
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: dc7e118b7e07217031d017282955569cb66891f527050135caadb2dd5779824f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 14:30:46 GMT
server: nginx
etag: W/"64551316-43a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 brands.min.css
cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 1 KB
574 B 322ms
312ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=1683297046
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b8449a28a151415d580be1dfd69056906199f1dd6ceb2c1b5edf61950ada9d13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 14:30:46 GMT
server: nginx
etag: W/"64551316-440"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.min.js Show response
cofense2022stg.wpengine.com/wp-includes/js/jquery/ 88 KB
32 KB 324ms
314ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 21:51:02 GMT
server: nginx
etag: W/"63a22e46-15e54"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery-migrate.min.js Show response
cofense2022stg.wpengine.com/wp-includes/js/jquery/ 11 KB
4 KB 447ms
437ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 21:51:02 GMT
server: nginx
etag: W/"63a22e46-2bd8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 language-cookie.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/ 226 B
358 B 447ms
437ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.6.3
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 71966cb221a057ee9313fb232e40c7a0a70d2e472909c3947f4878c8e195ad53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Tue, 28 Mar 2023 13:48:28 GMT
server: nginx
etag: W/"6422f02c-e2"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 ecs_ajax_pagination.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/ele-custom-skin/assets/js/ 4 KB
2 KB 447ms
437ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/ele-custom-skin/assets/js/ecs_ajax_pagination.js?ver=3.1.7
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 95af163892829a3ef249441b70b2c8281b845edea4b24680d3326486861d6082

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 21:52:47 GMT
server: nginx
etag: W/"63a22eaf-ecb"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 ecs.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/ele-custom-skin/assets/js/ 284 B
410 B 447ms
437ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/ele-custom-skin/assets/js/ecs.js?ver=3.1.7
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 566d4c5dfefc9c4d867e6bef080917a4273b4228731a8700e81f1763eae3d861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 21:52:47 GMT
server: nginx
etag: W/"63a22eaf-11c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 zlo5wor.css
cofense2022stg.wpengine.com/wp-content/cache/min/1/ 816 B
548 B 323ms
313ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/cache/min/1/zlo5wor.css?ver=1683297046
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3c1a5c4b5574a4104a92b2e700e6f0fc5b001c4297ebc5a1e76d67b1fbeb1c2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 14:30:46 GMT
server: nginx
etag: W/"64551316-330"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 qualified.js Show response
js.qualified.com/ 309 KB
90 KB 558ms
456ms Script
text/javascript 2606:4700::6812:1105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.qualified.com/qualified.js?token=H3wWDXLUxD4irieG

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cb2c8587eb4c7aa56eb0c5460dc8a28eb1f7aef070aa808b487735ac73e70e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:10 GMT
content-encoding: gzip
via: 1.1 spaces-router (e46a9e002bdb)
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: MISS
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 93c4f515-9718-e438-61ac-07cc58acd162
pragma: no-cache
x-runtime: 0.014995
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"2cb2c8587eb4c7aa56eb0c5460dc8a28"
x-download-options: noopen
vary: Accept,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7c3e2e92afa29be8-FRA
expires: Mon, 08 May 2023 06:13:10 GMT

GET
H2 200 widget-nav-menu.min.css
cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/css/ 26 KB
4 KB 447ms
437ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e6f4a2cd743aa32711cc7b746b6dddac6a6d55783e3a8b2e9eb335b29d12eb1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 14:30:02 GMT
server: nginx
etag: W/"645512ea-67e4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 widget-icon-list.min.css
cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/css/ 10 KB
1 KB 447ms
437ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d3ec56e30464585e5c2b664b8dd77525dd3bc5b3079be7d6dede18cd3f90da33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Tue, 02 May 2023 14:17:40 GMT
server: nginx
etag: W/"64511b84-26c1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 widget-theme-elements.min.css
cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/css/ 10 KB
2 KB 447ms
438ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/css/widget-theme-elements.min.css
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 11223ca6b6926320cb972d7abe5e50b4806da8294cfaa140fd12273a13d9a29a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 14:30:02 GMT
server: nginx
etag: W/"645512ea-26a4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 widget-share-buttons.min.css
cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/css/ 30 KB
2 KB 316ms
306ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/css/widget-share-buttons.min.css
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d608780a3ddd9322d07b2b12af1d880434a9042b1f54fc6ec8eb3cb6977f81ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 14:30:02 GMT
server: nginx
etag: W/"645512ea-777b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 widget-posts.min.css
cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/css/ 14 KB
3 KB 447ms
438ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/css/widget-posts.min.css
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 144bfb88dbdab1a0c04cdf0f570c127ed52c9319b7cd5c1e7acf692a0950f5dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 14:30:02 GMT
server: nginx
etag: W/"645512ea-374b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 post-9276.css
cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/ 5 KB
1008 B 317ms
307ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-9276.css?ver=1683305062
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1a7d5d0c9c86dc2db1249eee49e178e16885d04b41f20cab6e5ad4e5a51f89af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 16:44:22 GMT
server: nginx
etag: W/"64553266-12e5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 post-9277.css
cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/ 5 KB
897 B 317ms
308ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-9277.css?ver=1683305062
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4b6282f417900055c604419822eb0ff788d325f23c9eca94146e3086177e8f0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 16:44:22 GMT
server: nginx
etag: W/"64553266-15ce"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 post-9907.css
cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/ 3 KB
680 B 318ms
308ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-9907.css?ver=1683305062
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: f3e04a15bb017b906d4834cb5da6e3ea409b5da37a0cd9cec4b62a496f8560a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 16:44:22 GMT
server: nginx
etag: W/"64553266-a0d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 post-94175.css
cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/ 3 KB
688 B 316ms
307ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-94175.css?ver=1683305062
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e5cc98a7681a840c7940cf675360a0def2ffacf2ea52b046ce5354a9ee873dd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 16:44:22 GMT
server: nginx
etag: W/"64553266-a1e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 post-94173.css
cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/ 3 KB
679 B 317ms
308ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-94173.css?ver=1683305062
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: eaf3fbeb37e264707dd55409d3e8729dbbf6fdc39536e3961c59ec0a4ebad5f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 16:44:22 GMT
server: nginx
etag: W/"64553266-a1e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 regular.min.css
cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 1 KB
571 B 319ms
310ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=1683297046
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4f42fa1fe21c3cdf7ccfa09bfb44d1325bd3713e1ddb82e661e2c28002eef957

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 14:30:46 GMT
server: nginx
etag: W/"64551316-442"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 post-96724.css
cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/ 6 KB
1 KB 321ms
312ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-96724.css?ver=1683305062
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: edb409aebe8f4b88021a0c7c6b60abc2cfa4463f794b2429708cf3294681d0fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 16:44:22 GMT
server: nginx
etag: W/"64553266-18d4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 animations.min.css
cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
3 KB 441ms
432ms Stylesheet
text/css 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.12.2
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Tue, 02 May 2023 14:17:40 GMT
server: nginx
etag: W/"64511b84-4824"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 lazysizes.min.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/ewww-image-optimizer/includes/ 14 KB
6 KB 442ms
433ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=693
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: c05a1108c176130e9dff2f6a5ebdb60be1c3e17b5a8f83de35b29f44fb109434

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 21:52:45 GMT
server: nginx
etag: W/"63a22ead-3860"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 navigation.js Show response
cofense2022stg.wpengine.com/wp-content/themes/cofense/js/ 3 KB
1 KB 442ms
433ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/themes/cofense/js/navigation.js?ver=1.0.0
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8ee0654259fda0bbfeab4305b895e740659613080d90352bd36c1452fd426ef6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 21:52:41 GMT
server: nginx
etag: W/"63a22ea9-ba4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 frontend-script.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/elementskit-lite/libs/framework/assets/js/ 40 B
253 B 442ms
434ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.8.8
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b8166c5475df6a64ab2456e95f64564164ed697d258e8bfed8cebca40efd6fa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 14:30:12 GMT
server: nginx
etag: W/"645512f4-28"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 widget-scripts.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/ 134 KB
37 KB 444ms
435ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.8.8
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: cdaa4c91b5bc3dd4ce8e1345b453844dd414602022a182ce2853d87bd4b9a9d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 14:30:12 GMT
server: nginx
etag: W/"645512f4-2193f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 heartbeat.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/wp-rocket/assets/js/ 0
198 B 444ms
436ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/wp-rocket/assets/js/heartbeat.js?ver=3.13.1
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
last-modified: Tue, 02 May 2023 14:18:51 GMT
server: nginx
etag: "64511bcb-0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 0

GET
H2 200 jquery.smartmenus.min.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/ 25 KB
8 KB 444ms
436ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 14:30:02 GMT
server: nginx
etag: W/"645512ea-6272"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 imagesloaded.min.js Show response
cofense2022stg.wpengine.com/wp-includes/js/ 5 KB
2 KB 444ms
436ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 21:51:02 GMT
server: nginx
etag: W/"63a22e46-15fd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 webpack-pro.runtime.min.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/js/ 5 KB
3 KB 444ms
436ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.12.3
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e6ed06388b8a934651b5005f2ece104a979f56b5fa6203ef4a2d8ab0a60c07dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 14:30:02 GMT
server: nginx
etag: W/"645512ea-156d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 webpack.runtime.min.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/js/ 5 KB
2 KB 304ms
296ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.12.2
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: c7e9892e66464b9c939f81878a76b28761697e4a9b9252ce7c43fedcb95c94e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Tue, 02 May 2023 14:17:40 GMT
server: nginx
etag: W/"64511b84-135e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 frontend-modules.min.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/js/ 41 KB
13 KB 304ms
296ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.12.2
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 987b2e5ba1d940ccf76e74235a3339ce993b29a81c7a67599157c3a5640be710

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Tue, 02 May 2023 14:17:40 GMT
server: nginx
etag: W/"64511b84-a530"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 regenerator-runtime.min.js Show response
cofense2022stg.wpengine.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 321ms
313ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 21:51:02 GMT
server: nginx
etag: W/"63a22e46-194b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-polyfill.min.js Show response
cofense2022stg.wpengine.com/wp-includes/js/dist/vendor/ 17 KB
7 KB 322ms
314ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 21:51:02 GMT
server: nginx
etag: W/"63a22e46-459f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 hooks.min.js Show response
cofense2022stg.wpengine.com/wp-includes/js/dist/ 5 KB
2 KB 322ms
314ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 21:51:02 GMT
server: nginx
etag: W/"63a22e46-132e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 i18n.min.js Show response
cofense2022stg.wpengine.com/wp-includes/js/dist/ 10 KB
4 KB 404ms
397ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 21:51:02 GMT
server: nginx
etag: W/"63a22e46-27f6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 frontend.min.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/js/ 24 KB
7 KB 429ms
422ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.12.3
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9c31a014c17b72f36eadba67add0dd225a238265895ba5729870f9ad469f0a95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 14:30:02 GMT
server: nginx
etag: W/"645512ea-5f3c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 waypoints.min.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 434ms
427ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Tue, 02 May 2023 14:17:40 GMT
server: nginx
etag: W/"64511b84-2fa6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 core.min.js Show response
cofense2022stg.wpengine.com/wp-includes/js/jquery/ui/ 21 KB
7 KB 435ms
428ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 21:51:02 GMT
server: nginx
etag: W/"63a22e46-53c0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 frontend.min.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/js/ 40 KB
13 KB 316ms
309ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.12.2
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1fa18b1ec5d3e9b4c089118323819e51e6674e4756fbcd1de4e86ef58a3dba31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Tue, 02 May 2023 14:17:40 GMT
server: nginx
etag: W/"64511b84-9e8f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 elements-handlers.min.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/js/ 29 KB
7 KB 435ms
428ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.12.3
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 63aaa27a904bf63aa8c6e177abd2f389756b6ca2df27f9159c4564dcdb49bc6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 14:30:02 GMT
server: nginx
etag: W/"645512ea-73c3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 animate-circle.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/ 810 B
669 B 435ms
429ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.js?ver=2.8.8
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8667a50fdab17dd946e43e37c6fd1623583b9440bdca887e44cc726e48feedaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 14:30:12 GMT
server: nginx
etag: W/"645512f4-32a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 elementor.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/ 18 KB
6 KB 317ms
310ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=2.8.8
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 51445b2ccc8f515394b4750bd52fbc74089c3e894ec552a64fbc85c71a766f49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 14:30:12 GMT
server: nginx
etag: W/"645512f4-4932"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.sticky.min.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/lib/sticky/ 4 KB
2 KB 436ms
430ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.12.3
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 34bbd1c367ffc7d80fcff86c7e5f8777e70f4911bb324e8ecfc7dd3604a96e68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:09 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 14:30:02 GMT
server: nginx
etag: W/"645512ea-e89"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 lazyload.min.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 9 KB
3 KB 137ms
137ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:10 GMT
content-encoding: br
last-modified: Tue, 02 May 2023 14:18:51 GMT
server: nginx
etag: W/"64511bcb-22bc"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 p.css
p.typekit.net/ 5 B
195 B 186ms
41ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=zlo5wor&ht=tk&f=26014&a=103167865&app=typekit&e=css
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/wp-content/cache/min/1/zlo5wor.css?ver=1683297046
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 08 May 2023 02:13:10 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 302 KB
98 KB 151ms
58ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5RQ37KH

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1de5811d3ded5c7f325dc71e83a8c4a85325e74d393daa6651aa9dae54072cca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99861
x-xss-protection: 0
last-modified: Mon, 08 May 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 May 2023 02:13:10 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13ba7d85cedf2d5b14f9091119f9067689bdc33edde1d37a654787d416fbca34

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e517a35c5f569958a934efcb143bdbb42f9f3b8cdd11442aed95bf45716007f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 NETWORKHEADERBG-1.png
cofense2022stg.wpengine.com/wp-content/uploads/2022/06/ 61 KB
61 KB 136ms
136ms Image
image/png 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cofense2022stg.wpengine.com/wp-content/uploads/2022/06/NETWORKHEADERBG-1.png
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-1386.css?ver=1683305061
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0a878495e0cd07bbe654d5ca09dd53707b0349b326c229393df27696e92e255c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-1386.css?ver=1683305061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:10 GMT
last-modified: Fri, 17 Mar 2023 14:50:48 GMT
server: nginx
etag: "64147e48-f3bf"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 62399

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
38 KB 128ms
39ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cofense2022stg.wpengine.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 09:38:02 GMT
x-content-type-options: nosniff
age: 146108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 09:38:02 GMT

GET
H2 404 Inter-Medium.ttf
cofense2022stg.wpengine.com/wp-content/uploads/2022/05/ 0
0 137ms
136ms Font
text/html 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/uploads/2022/05/Inter-Medium.ttf
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-15.css?ver=1683305090
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Referer: https://cofense2022stg.wpengine.com/wp-content/uploads/elementor/css/post-15.css?ver=1683305090
Origin: https://cofense2022stg.wpengine.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:10 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/html

GET
H2 200 fa-solid-900.woff2
cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 138ms
137ms Font
font/woff2 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1683297046
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer: https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1683297046
Origin: https://cofense2022stg.wpengine.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:10 GMT
last-modified: Tue, 02 May 2023 14:17:40 GMT
server: nginx
etag: "64511b84-13174"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 78196

GET
H2 200 fa-brands-400.woff2
cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 75 KB
75 KB 139ms
138ms Font
font/woff2 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=1683297046
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Request headers

Referer: https://cofense2022stg.wpengine.com/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=1683297046
Origin: https://cofense2022stg.wpengine.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:10 GMT
last-modified: Tue, 02 May 2023 14:17:40 GMT
server: nginx
etag: "64511b84-12bdc"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 76764

GET
H2 200 dialog.min.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/lib/dialog/ 10 KB
4 KB 146ms
146ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.12.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e9ba3d0c5d5408e00becd36ad394fa9ad9c0616741ebdd6dddc8e837db3605ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:10 GMT
content-encoding: br
last-modified: Tue, 02 May 2023 14:17:40 GMT
server: nginx
etag: W/"64511b84-29fd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 nav-menu.bb5cce0a50480cdf695d.bundle.min.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/js/ 4 KB
2 KB 153ms
152ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.bb5cce0a50480cdf695d.bundle.min.js
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.12.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 87b8dee0764adb4697a20648f0b9498453c2656ea2edb0347ebb64ada76fe1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:10 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 14:30:02 GMT
server: nginx
etag: W/"645512ea-fcd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 text-editor.2c35aafbe5bf0e127950.bundle.min.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/js/ 1 KB
912 B 155ms
154ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.12.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 19bdcc42d8493c4c89fff6e24832b553a87e170b38d2564c823efb5dd931748a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:10 GMT
content-encoding: br
last-modified: Tue, 02 May 2023 14:17:40 GMT
server: nginx
etag: W/"64511b84-550"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 share-buttons.0bdd88c45462dfb2b073.bundle.min.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/js/ 1 KB
841 B 138ms
138ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/js/share-buttons.0bdd88c45462dfb2b073.bundle.min.js
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.12.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b12ecc62ec6d0d12eb19d51ec80e63d04d3c32478672e074808f8d3beedd7a37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:10 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 14:30:02 GMT
server: nginx
etag: W/"645512ea-4bd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 load-more.c9f6aac03af905f4e206.bundle.min.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/js/ 5 KB
2 KB 137ms
136ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/js/load-more.c9f6aac03af905f4e206.bundle.min.js
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.12.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: f74dc3dd99ec373eed444cfbf2d5bb3be4fdc2dd5c9ead1de29d930dea1e1a84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:10 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 14:30:02 GMT
server: nginx
etag: W/"645512ea-15eb"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 posts.e33113a212454e383747.bundle.min.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/js/ 3 KB
1 KB 177ms
177ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/js/posts.e33113a212454e383747.bundle.min.js
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.12.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: c72c66fc056166d2ffffc5b2471c15c50e74cea1e69070fa323ac81b73998844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:10 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 14:30:02 GMT
server: nginx
etag: W/"645512ea-cfd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 cofense.png
cofense2022stg.wpengine.com/wp-content/uploads/2022/06/ 4 KB
4 KB 143ms
141ms Image
image/png 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cofense2022stg.wpengine.com/wp-content/uploads/2022/06/cofense.png
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5bca3153792e728edf2e4d182e5140b8877cb477241f1e17dad040ac3ef3672f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:10 GMT
last-modified: Fri, 17 Mar 2023 16:01:14 GMT
server: nginx
etag: "64148eca-fc4"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4036

GET
H2 200 cofense-forrester-landscape-report-768x402.png
cofense2022stg.wpengine.com/wp-content/uploads/2023/02/ 222 KB
222 KB 144ms
141ms Image
image/png 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cofense2022stg.wpengine.com/wp-content/uploads/2023/02/cofense-forrester-landscape-report-768x402.png
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: bc963ec675a47c9549e8fa57d49a196bfa1faea63135a4cee881f68ccde88037

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:10 GMT
last-modified: Mon, 13 Feb 2023 15:44:41 GMT
server: nginx
etag: "63ea5ae9-37738"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 227128

GET
H2 200 Blog-Post-Earthquake-1200x628-1-768x402.jpg
cofense2022stg.wpengine.com/wp-content/uploads/2023/02/ 38 KB
38 KB 144ms
142ms Image
image/jpeg 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cofense2022stg.wpengine.com/wp-content/uploads/2023/02/Blog-Post-Earthquake-1200x628-1-768x402.jpg
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ef95e055a869e0da0233ad796b7090126244c80e15cf0a4b8d29f7a44d70065a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:10 GMT
last-modified: Mon, 13 Feb 2023 21:37:23 GMT
server: nginx
etag: "63eaad93-9832"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 38962

GET
H2 200 what-to-do-if-youre-in-a-romance-scam-768x402.jpg
cofense2022stg.wpengine.com/wp-content/uploads/2023/02/ 33 KB
33 KB 142ms
140ms Image
image/jpeg 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cofense2022stg.wpengine.com/wp-content/uploads/2023/02/what-to-do-if-youre-in-a-romance-scam-768x402.jpg
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4f7c9d18aa800107e6970d53012df044bb42e14795c2cb7555ca5317c7e63589

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:10 GMT
last-modified: Tue, 14 Feb 2023 21:35:22 GMT
server: nginx
etag: "63ebfe9a-825d"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 33373

GET
H2 200 6si.min.js Show response
j.6sc.co/ 33 KB
11 KB 176ms
40ms Script
application/javascript 23.36.162.205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-205.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

12ce92cc3c4eb9d74f48e9a10eb919bdf30bbdc5ccf9843c6543fec302dec54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 02:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 Apr 2023 21:13:35 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "642c92ff-8319"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 10492
expires: Mon, 08 May 2023 02:13:10 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 134ms
39ms Script
application/x-javascript 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RQ37KH

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=10986
accept-ranges: bytes
content-length: 4777

GET
H2 403 lt-v3.js
lltrck.com/scripts/ 0
0 365ms
117ms Script
text/html 52.73.0.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lltrck.com/scripts/lt-v3.js?llid=19612
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.0.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-0-225.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H2 200 2Uq3HoQoVZEHgHXXf288 Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 289ms
195ms Script
text/javascript 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/2Uq3HoQoVZEHgHXXf288

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9cd2be9bf48aaa097c2067d7fcbedeeae90655729b4808fca55fefc62a4c1ae1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7c3e2e955b9d1c60-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 140ms
40ms Script
application/x-javascript 23.197.137.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.137.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-137-224.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Mon, 08 May 2023 02:13:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 oktrk.js Show response
static.oktopost.com/ 9 KB
4 KB 166ms
41ms Script
application/javascript 65.9.95.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oktopost.com/oktrk.js
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-96.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09016600a13dd4825b72516765a8da53d1ab896f7582c4619d014e8ee147ea84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 07 May 2023 03:14:03 GMT
content-encoding: gzip
via: 1.1 0c8bf5614b4bcc3e76982cb7ff9a7662.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jan 2020 09:47:41 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 82747
etag: W/"57315c24d6fec75c4d46a8cc3fa6e0d5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ReBH4JYtMTr-t1rEzjZTA8w09tyP3DY4SSXoYCVt7VrAb-073l-Mew==

GET
H2 200 28krvx2uf9n3.js Show response
js.driftt.com/include/1683512100000/ 220 KB
62 KB 408ms
281ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1683512100000/28krvx2uf9n3.js

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6b9d2b8c3dcf839410a0cf4595656edc46236f9307d14e49d678af1c4b03451e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:10 GMT
x-amz-version-id: XhVOTgbwtLKwW8VMnxf7wLVeviiPlEu0
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 28
last-modified: Thu, 04 May 2023 16:09:13 GMT
server: istio-envoy
etag: W/"e43dddcd44296b71ebf0eade76585afd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 55SRUfHKNmE3b1KoBd_9USnP7kvTS8ZGH6G-23yRHKwgynHHEkJ3sQ==

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 3 KB
2 KB 176ms
60ms Script
text/javascript 2606:4700::6812:d9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.techtarget.com/tracking.js
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:10 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 15:01:39 GMT
server: cloudflare
age: 553
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1200
cf-ray: 7c3e2e958e15691b-FRA
expires: Mon, 08 May 2023 02:13:57 GMT

GET
H2 200 ed9ggbnvvo Show response
www.clarity.ms/tag/ 1 KB
2 KB 254ms
133ms Script
application/x-javascript 2620:1ec:4f:1::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ed9ggbnvvo?ref=gtm2
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fa2097c7597ba1ea9ce7d12d82dbe307071a3d0bc409ee3d999fe29d6e3d0c7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type: application/x-javascript
date: Mon, 08 May 2023 02:13:10 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0tlpYZAAAAACCIHCwOTdZSqbrH8n3L5FXRlJBMzFFREdFMDQwNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
87 KB 67ms
66ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3G76T4W3LR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RQ37KH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f6fee3a799e728409177857ac391bd003bb803d7489e01c521a53258749f97cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88758
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 May 2023 02:13:10 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 130ms
40ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RQ37KH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 May 2023 01:05:00 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4090
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 08 May 2023 03:05:00 GMT

GET
H2 200 share-link.min.js Show response
cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/lib/share-link/ 3 KB
1 KB 164ms
163ms Script
application/javascript 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.12.2
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.12.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:10 GMT
content-encoding: br
last-modified: Tue, 02 May 2023 14:17:40 GMT
server: nginx
etag: W/"64511b84-a3c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 cofense-forrester-landscape-report-1024x536.png
cofense2022stg.wpengine.com/wp-content/uploads/2023/02/ 340 KB
340 KB 143ms
142ms Image
image/png 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cofense2022stg.wpengine.com/wp-content/uploads/2023/02/cofense-forrester-landscape-report-1024x536.png
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 49ccde5bd28dd1b912e31322fa9376d751bbc588dd3b98eed4c1c3e470a8fd88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:10 GMT
last-modified: Mon, 13 Feb 2023 15:44:37 GMT
server: nginx
etag: "63ea5ae5-54e08"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 347656

GET
H2 200 Blog-Post-Earthquake-1200x628-1-1024x536.jpg
cofense2022stg.wpengine.com/wp-content/uploads/2023/02/ 56 KB
57 KB 139ms
139ms Image
image/jpeg 34.74.117.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cofense2022stg.wpengine.com/wp-content/uploads/2023/02/Blog-Post-Earthquake-1200x628-1-1024x536.jpg
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.74.117.101 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 101.117.74.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b8597acdd0f11a49c1fd1a1b170b494325848476d83c86a2b6832628b3de9916

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:10 GMT
last-modified: Mon, 13 Feb 2023 21:37:21 GMT
server: nginx
etag: "63eaad91-e146"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 57670

POST
H2 204 collect
region1.analytics.google.com/g/ 0
262 B 137ms
48ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3G76T4W3LR&gtm=45je3530&_p=539072950&_gaz=1&cid=1811158415.1683511991&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683511990&sct=1&seg=0&dl=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F&dt=Malicious%20email%20campaigns%20abusing%20Telegram%20bots%20rise%20tremendously%20in%20Q1%202023%2C%20surpassing%20all%20of%202022%20by%20310%25&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3G76T4W3LR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 02:13:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense2022stg.wpengine.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
262 B 149ms
49ms Ping
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3G76T4W3LR&cid=1811158415.1683511991&gtm=45je3530&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3G76T4W3LR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 02:13:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense2022stg.wpengine.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 141ms
50ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3G76T4W3LR&cid=1811158415.1683511991&gtm=45je3530&aip=1&z=1364931125

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 02:13:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/300721/domain/cofense2022stg.wpengine.com/ 36 B
369 B 325ms
203ms XHR
application/json 2600:9000:2127:2a00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/300721/domain/cofense2022stg.wpengine.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2a00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://cofense2022stg.wpengine.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:10 GMT
content-encoding: gzip
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: d3thlM63KA4LOYsUg7W0KsJFaEy-r_1_3S4UvVzxIMj1bGdrR4AkHw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1683511990650&url=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D300721%26time%3D1683511990650%26url%3Dhttps%253A%252F%252Fcofense2022stg.wpengine...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1683511990650&url=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1683511990650&url=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendousl...

0
268 B

337ms
208ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1683511990650&url=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F&tm=gtmv2&liSync=true&e_ipv6=AQI4g8s8lmWXMQAAAYf5IlyHmwwzFZq3v4jkyqZi5sNGODzJGvBsNwvUUXYw08QgVWP54K7Y
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:11 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 8AFEEC50995E4B66AC8677D6CE661FD3 Ref B: DUS30EDGE0717 Ref C: 2023-05-08T02:13:11Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX7JS4+gjy6Cb7NlmwBVQ==

Redirect headers

date: Mon, 08 May 2023 02:13:10 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 6F1B634E10C3485E9322B4DC82A894D4 Ref B: DUS30EDGE0407 Ref C: 2023-05-08T02:13:11Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=300721&time=1683511990650&url=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F&tm=gtmv2&liSync=true&e_ipv6=AQI4g8s8lmWXMQAAAYf5IlyHmwwzFZq3v4jkyqZi5sNGODzJGvBsNwvUUXYw08QgVWP54K7Y
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX7JS45WMHP9DsEIbJ26Q==

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 47ms
45ms Script
application/x-javascript 23.197.137.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.137.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-137-224.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Mon, 08 May 2023 02:13:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Wed, 16 Aug 2023 02:13:10 GMT

GET
H2 200 ping Show response
okt.to/ 0
100 B 416ms
166ms Script
text/javascript 52.20.195.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://okt.to/ping?uri=%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F&aid=001shx33p56dsdg&ts=1683511990679

Requested by

Host: static.oktopost.com
URL: https://static.oktopost.com/oktrk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.20.195.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-20-195-32.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:11 GMT
strict-transport-security: max-age=31536000;
content-type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
827 B 151ms
47ms XHR
application/json 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 May 2023 02:13:10 GMT
AN-X-Request-Uuid: d5124af2-9df1-442d-b1ea-cbd7092a27fc
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://cofense2022stg.wpengine.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
210 B 53ms
42ms XHR
text/html 23.36.162.205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:10 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://cofense2022stg.wpengine.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 20 B
319 B 178ms
40ms XHR
text/html 2a02:26f0:3500:14::1724:a259
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:14::1724:a259 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3992ccb3af03535e9a36522b5bdab5c153ee264de529da6bb1eea9fcfa654abc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 02:13:10 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://cofense2022stg.wpengine.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a01:4a0:1338:92::11
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467642_388276249_224827185_14_754_39_0";dur=1
content-length: 20
expires: Mon, 08 May 2023 02:13:10 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
210 B 51ms
43ms XHR
text/html 23.36.162.205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:10 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://cofense2022stg.wpengine.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 20 B
319 B 177ms
41ms XHR
text/html 2a02:26f0:3500:14::1724:a259
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:14::1724:a259 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3992ccb3af03535e9a36522b5bdab5c153ee264de529da6bb1eea9fcfa654abc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 02:13:10 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://cofense2022stg.wpengine.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a01:4a0:1338:92::11
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467642_388276249_224827186_21_569_39_0";dur=1
content-length: 20
expires: Mon, 08 May 2023 02:13:10 GMT

GET
H2 200 gif.gif Show response
ibc-flow.techtarget.com/a/ 43 B
465 B 175ms
175ms XHR
image/gif 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=17654763&r=1683511990691&ref=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F&version=2.4
Requested by: Host: trk.techtarget.com
URL: https://trk.techtarget.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

ibc_rate_tier: 17654763
Referer: https://cofense2022stg.wpengine.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:11 GMT
via: 1.1 google
x-guploader-uploadid: ADPycdtVKajdR3WnfEuz-0HbfwDo30AxI0YRDVkmL-YKGqRFlIvR_FiosEhRX1uhAfO77iAShlZID5HZHdihV51pTgEV7Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Thu, 08 Dec 2022 21:19:29 GMT
server: nginx/1.20.2
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
vary: Origin
x-goog-generation: 1670534369365034
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
cache-control: public, max-age=3600
access-control-allow-methods: GET, POST, OPTIONS
x-goog-stored-content-length: 43
accept-ranges: bytes
access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
expires: Mon, 08 May 2023 03:13:11 GMT

OPTIONS
H2 200 gif.gif
ibc-flow.techtarget.com/a/ Frame 0
0 236ms
143ms Preflight
text/html 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=17654763&r=1683511990691&ref=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F&version=2.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ibc_rate_tier
Access-Control-Request-Method: GET
Origin: https://cofense2022stg.wpengine.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 08 May 2023 02:13:10 GMT
expires: Mon, 08 May 2023 02:13:10 GMT
server: nginx/1.20.2
vary: Origin
via: 1.1 google
x-guploader-uploadid: ADPycdsvrFHFuPOj43_s6aMh-Xt4Ju8evApuIFcgjXXIRip04G_rydCURuznuCrO50X1wuYbhgOoSR0TGWJ5UmQH7nPQSQ

POST
H/1.1 200
OK visitWebPage
404-jhu-612.mktoresp.com/webevents/ 2 B
318 B 1012ms
123ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://404-jhu-612.mktoresp.com/webevents/visitWebPage?_mchNc=1683511990730&_mchCn=&_mchId=404-JHU-612&_mchTk=_mch-wpengine.com-1683511990730-48348&_mchHo=cofense2022stg.wpengine.com&_mchPo=&_mchRu=%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Mon, 08 May 2023 02:13:11 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 3d7c440d-4c1b-4739-8750-426816c9d55f

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.7/ 56 KB
19 KB 44ms
42ms Script
application/javascript 2620:1ec:4f:1::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.7/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ed9ggbnvvo?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d13b38445a994d5cca2bc90c0155435b3e0146d1d0dc7f3b667ef90c8df65329

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:10 GMT
content-encoding: br
last-modified: Sun, 07 May 2023 19:45:37 GMT
x-azure-ref-originshield: 0jCxYZAAAAADrPZxTOTNlRYXA5eTZJ7htRlJBMjMxMDUwNDE4MDQ1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "0x8DB4F33A14A8A60"
x-azure-ref: 0tlpYZAAAAAB2iVk1ughPS5u3oMs9MbGoRlJBMzFFREdFMDQwNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 736a8200-801e-0067-3936-813e27000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 96ms
50ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-114787942-1&cid=1811158415.1683511991&jid=430080717&gjid=948157562&_gid=270694846.1683511991&_u=YCDAgUABAAAAAEAAI~&z=2121417662

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cofense2022stg.wpengine.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 08 May 2023 02:13:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense2022stg.wpengine.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 40ms
40ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&aip=1&a=539072950&t=pageview&_s=1&dl=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F&ul=en-us&de=UTF-8&dt=Malicious%20email%20campaigns%20abusing%20Telegram%20bots%20rise%20tremendously%20in%20Q1%202023%2C%20surpassing%20all%20of%202022%20by%20310%25&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgUABAAAAAAAAI~&jid=430080717&gjid=948157562&cid=1811158415.1683511991&tid=UA-114787942-1&_gid=270694846.1683511991&gtm=45He3530n815RQ37KH&z=1573669148

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 May 2023 22:06:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 14808
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 249ms
239ms Image
image/gif 23.36.162.205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=b253130e4accad98012a3abe3f4b4c7a&svisitor=null&visitor=a7d33a4a-5f46-41ba-82ca-b0a7742bb384&session=a5d1c267-ffdc-4abc-8034-4b51728d2087&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Mon%2C%2008%20May%202023%2002%3A13%3A10%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2008%20May%202023%2002%3A13%3A10%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22b253130e4accad98012a3abe3f4b4c7a%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2008%20May%202023%2002%3A13%3A10%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2008%20May%202023%2002%3A13%3A10%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2008%20May%202023%2002%3A13%3A10%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2008%20May%202023%2002%3A13%3A10%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22b253130e4accad98012a3abe3f4b4c7a%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2008%20May%202023%2002%3A13%3A10%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2008%20May%202023%2002%3A13%3A10%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22a9e769d7d96a596f969b9dc5023033e21a69bf40%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2008%20May%202023%2002%3A13%3A10%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2008%20May%202023%2002%3A13%3A10%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Q1%20of%202023%20was%20filled%20with%20many%20updates%20and%20changes%20to%20the%20major%20malware%20families%20used%20in%20phishing%20scams%2C%20as%20well%20as%20several%20notable%20deviations%20in%20tactics%2C%20techniques%2C%20and%20procedures%20(TTPs).%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Malicious%20email%20campaigns%20abusing%20Telegram%20bots%20rise%20tremendously%20in%20Q1%202023%2C%20surpassing%20all%20of%202022%20by%20310%25%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F&pageViewId=5b3ec331-448c-4806-8708-966fffc7ed17&an_uid=0

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-205.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:11 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 253ms
246ms Image
image/gif 23.36.162.205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=b253130e4accad98012a3abe3f4b4c7a&svisitor=null&visitor=a7d33a4a-5f46-41ba-82ca-b0a7742bb384&session=a5d1c267-ffdc-4abc-8034-4b51728d2087&event=ipv6&q=%7B%22address%22%3A%222a01%3A4a0%3A1338%3A92%3A%3A11%22%7D&isIframe=false&m=%7B%22description%22%3A%22Q1%20of%202023%20was%20filled%20with%20many%20updates%20and%20changes%20to%20the%20major%20malware%20families%20used%20in%20phishing%20scams%2C%20as%20well%20as%20several%20notable%20deviations%20in%20tactics%2C%20techniques%2C%20and%20procedures%20(TTPs).%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Malicious%20email%20campaigns%20abusing%20Telegram%20bots%20rise%20tremendously%20in%20Q1%202023%2C%20surpassing%20all%20of%202022%20by%20310%25%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F&pageViewId=5b3ec331-448c-4806-8708-966fffc7ed17&an_uid=0

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-205.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:11 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 726 B
580 B 128ms
43ms XHR
application/json 3.121.193.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.193.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-193-168.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0fe30a881b9d89d4dc8bf8100a8e5550ce4a09232f1cb4c109f105307f77b93b

Request headers

Referer: https://cofense2022stg.wpengine.com/
accept-language: de-DE,de;q=0.9
Authorization: Token a9e769d7d96a596f969b9dc5023033e21a69bf40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:11 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://cofense2022stg.wpengine.com
access-control-allow-credentials: true
content-length: 387

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 240ms
139ms Preflight 3.121.193.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.193.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-193-168.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://cofense2022stg.wpengine.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://cofense2022stg.wpengine.com
access-control-max-age: 1800
date: Mon, 08 May 2023 02:13:11 GMT
server: nginx

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 233ms
142ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-114787942-1&cid=1811158415.1683511991&jid=430080717&_u=YCDAgUABAAAAAEAAI~&z=1839161686

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 02:13:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 54ms
53ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-114787942-1&cid=1811158415.1683511991&jid=430080717&_u=YCDAgUABAAAAAEAAI~&z=1839161686

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 02:13:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
307 B 527ms
249ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.7/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://cofense2022stg.wpengine.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://cofense2022stg.wpengine.com
Date: Mon, 08 May 2023 02:13:11 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
BLOB 200
OK 8c5c00dc-e2c9-4eee-a48f-88cbad9ab2c3
https://cofense2022stg.wpengine.com/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://cofense2022stg.wpengine.com/8c5c00dc-e2c9-4eee-a48f-88cbad9ab2c3
Requested by: Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Length: 43
Content-Type: image/gif

GET
H2 200 core Show response
js.driftt.com/ Frame 8AD0 2 KB
1 KB 376ms
376ms Document
text/html 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1683512100000/28krvx2uf9n3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5c66f4108473184234cf51f10908502db1c5df427894267225f3de5921c61c47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cofense2022stg.wpengine.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 08 May 2023 02:13:11 GMT
etag: W/"9b7b96110fb134a09fa0ff05b8c26b2b"
last-modified: Thu, 04 May 2023 16:08:34 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-id: Lc3LHaDLTURhtjZB-5Cvq0HnlUi4LC6zz44bimo2TxJ_eltRIgoDZg==
x-amz-cf-pop: PRG50-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: BZLpoKRqcDZPGz8NNQ8bmB5uDfjgQiMA
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 23

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 3CF0 2 KB
1 KB 376ms
375ms Document
text/html 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1683512100000/28krvx2uf9n3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5c66f4108473184234cf51f10908502db1c5df427894267225f3de5921c61c47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cofense2022stg.wpengine.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 08 May 2023 02:13:11 GMT
etag: W/"9b7b96110fb134a09fa0ff05b8c26b2b"
last-modified: Thu, 04 May 2023 16:08:34 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-id: jpRHUy-FpLr_DeCozgoRKa8Nx9FptjCVkFRICdAAw7FtSUvPHIt8oA==
x-amz-cf-pop: PRG50-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: BZLpoKRqcDZPGz8NNQ8bmB5uDfjgQiMA
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 17

GET
H2 200 runtime~main.dc7863b5.js Show response
js.driftt.com/core/assets/js/ Frame 8AD0 6 KB
3 KB 41ms
41ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7853bdaed34edce2ba110418f4677ddb6f3e60a9fb633ddb53cedde9be850651

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 16:08:33 GMT
x-amz-version-id: Y358XD4z_VswIFiGNjNgxzdTtbO.00js
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 295478
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 23
last-modified: Thu, 04 May 2023 15:31:54 GMT
server: istio-envoy
etag: W/"6bbd5483fae0e13bddaebd9b2e36be61"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ijTBFNuVbGU5CtIKbivmXObl_Oh-Q8pCMrY25Tm9ixwrp4WuvzKfmg==

GET
H2 200 10.f16292bd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AD0 35 KB
13 KB 46ms
45ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.f16292bd.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

958a03c833d9116f7ab9a5ee503f7b0360b9291b268bfb77128a8f0e19238613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 21:09:20 GMT
x-amz-version-id: G_6NClC87z4YKUQ5LgwT1mGmKMQH18YO
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 5720631
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Thu, 02 Mar 2023 19:44:19 GMT
server: istio-envoy
etag: W/"cdb5f42b656ab6b237aa50c24c0d8474"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: T3hJqaJO0G2bk_f9o8sNt6EHx7K38mSRygjlAdV4x7-XfxuhIRH9_w==

GET
H2 200 main~493df0b3.02edd878.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AD0 7 KB
3 KB 48ms
47ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.02edd878.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

95245f488fc923a05392ac8ca5985ac00d44b0603ba7b987d103475181268d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 15:25:04 GMT
x-amz-version-id: ZGXRjkwntAZAyyVro2gsMILG77cnzYy4
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 4963687
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 26
last-modified: Thu, 09 Mar 2023 19:38:36 GMT
server: istio-envoy
etag: W/"552f770e8c42c3e418dbe498f587a82e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: h-Da33QHrZQffYbDZTho7PYs0ThqCapkP5ZwJ80wwQWGyPr52UpaRQ==

GET
H2 200 runtime~main.dc7863b5.js Show response
js.driftt.com/core/assets/js/ Frame 3CF0 6 KB
3 KB 43ms
42ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7853bdaed34edce2ba110418f4677ddb6f3e60a9fb633ddb53cedde9be850651

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 16:08:33 GMT
x-amz-version-id: Y358XD4z_VswIFiGNjNgxzdTtbO.00js
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 295478
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 23
last-modified: Thu, 04 May 2023 15:31:54 GMT
server: istio-envoy
etag: W/"6bbd5483fae0e13bddaebd9b2e36be61"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _JOeUqpT613PnZS8b4uVX5I3a1yxQttiJdAl5LdIUtgT2_XdOkVlHw==

GET
H2 200 10.f16292bd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3CF0 35 KB
13 KB 48ms
47ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.f16292bd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

958a03c833d9116f7ab9a5ee503f7b0360b9291b268bfb77128a8f0e19238613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 21:09:20 GMT
x-amz-version-id: G_6NClC87z4YKUQ5LgwT1mGmKMQH18YO
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 5720631
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Thu, 02 Mar 2023 19:44:19 GMT
server: istio-envoy
etag: W/"cdb5f42b656ab6b237aa50c24c0d8474"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hGHBIEK4CiStOqx6uhW4x4wknWlExPjFPQnotP8a_rGSxHz0Z0sMbg==

GET
H2 200 main~493df0b3.02edd878.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3CF0 7 KB
3 KB 50ms
49ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.02edd878.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

95245f488fc923a05392ac8ca5985ac00d44b0603ba7b987d103475181268d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 15:25:04 GMT
x-amz-version-id: ZGXRjkwntAZAyyVro2gsMILG77cnzYy4
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 4963687
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 26
last-modified: Thu, 09 Mar 2023 19:38:36 GMT
server: istio-envoy
etag: W/"552f770e8c42c3e418dbe498f587a82e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QB6PGEnh1ozYhglElfbE6nQJu4Lk3_gbxN_J5EpKFpbEcXYet6Xc8w==

GET
H2 200 52.b1edaf4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AD0 23 KB
8 KB 45ms
43ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7cb58278c8f54a62c0afa6da0c67b3a45aad637a0bf614e9c0dd42b73cee266b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: TtzAkuiFg5ajpar.KJembGW97mIyyYtK
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 8671695
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"cd29b9bc973e48a7fcd0ee7153bdf03b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CWc1d0mC1s7cq0TS0XRPlbny1lthmQcSuv3-pcTu0YnHfP_SdOpX9w==

GET
H2 200 36.b49bf23f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AD0 36 KB
10 KB 48ms
45ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.b49bf23f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c2b7a45d31339f18ed57fd095feca4da1b3fbab75a5afbc053957f6e8e1613a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: SWSsVLzyOcOhQhmvR.pbvKyQeo7W0A10
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 8671694
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"4ae92c53ef226eb2a201fc855ccb7835"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4z1ZYa07gk7982NMNnmmrtlyVxA1UfjQI74pFpwUgDsIbrqqL1OV_w==

GET
H2 200 25.22647a55.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AD0 32 KB
11 KB 55ms
52ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.22647a55.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ec547a2f9fde5ce8e398da2810828ba3c30c641ce2761f5bf915225efb35f919

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 01:43:17 GMT
x-amz-version-id: 2vw0CtA.PHc4jRwS3xjJk01hiPMLFQVM
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 4840194
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Thu, 09 Mar 2023 19:38:34 GMT
server: istio-envoy
etag: W/"2ce6c446f71a395ff41647c9ba4b9c19"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HCyKUWBzoJcbgtGxyJTpWPKvT9cj3hH__4D2Mbb__LFctIer7zBBzg==

GET
H2 200 20.2ffef383.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AD0 17 KB
6 KB 56ms
53ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.2ffef383.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

f46108976666130f89c43a82ee045f7a3afb264494060ef6b3d9eb6589e49d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:57 GMT
x-amz-version-id: Sl_LzJMe7m6MkWEK9Fxqk3gRf.6SeAYu
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 8671694
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 26
last-modified: Fri, 27 Jan 2023 17:00:20 GMT
server: istio-envoy
etag: W/"ec6e94b6cea3a27506634867a8009ded"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JNfY5J1UA_Mz4QxMM2q4kKkc34Yc-Ime8CELb26d2bR1S7w8b530zg==

GET
H2 200 42.67956b13.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AD0 25 KB
8 KB 59ms
57ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.67956b13.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

9d88866c6295ffc0cadaa1ccb951367e196737a413482176d5787b70aae04ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 09:03:35 GMT
x-amz-version-id: kStUNJx9OfrLCb3RfCcun7rbKUSHEW0V
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 5159376
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 63
last-modified: Wed, 08 Mar 2023 16:58:41 GMT
server: istio-envoy
etag: W/"d53cdfd4559700cfe085380882a8e897"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: E2mesJz5DCrloq_yK5iSHD0YjKoZFnzx4kNO2cJydrB6FEzPSXn53A==

GET
H2 200 21.b3438b1b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AD0 74 KB
23 KB 66ms
63ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b3438b1b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

3169ab3142fbf3ecf7eee1b5682a4556ed8a3d4ba940befa71c31b5a43991d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 15:25:04 GMT
x-amz-version-id: yJgjq3Y.NdlvvlSrrkDFOHibDcUMWHhA
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 4963686
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 72
last-modified: Thu, 09 Mar 2023 19:38:34 GMT
server: istio-envoy
etag: W/"10e1bfa61646f14df045c581bc9410fd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HPXsmxzWDvPjUrEKRfyfyINAJSPGv0SxbrI2r4vx0zATaJfy4_Okhg==

GET
H2 200 27.3951aad8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AD0 66 KB
20 KB 97ms
95ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.3951aad8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e8e658c81a7ff92a6e0f9049ee3a8fc42082e8303abb6ed44c73361259cbdbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 03:47:36 GMT
x-amz-version-id: g7ZHbBl4KoWAk4lQHatm3evbecfcfnIo
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 5091935
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 56
last-modified: Thu, 09 Mar 2023 19:38:34 GMT
server: istio-envoy
etag: W/"5b2b6d0508fe18c3efb6bcd6249fd4e1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MeImIbKOFMY6OV6v-MNSYQJmErULLqSM_Veq6CqIPAu6jQWcWcvgxQ==

GET
H2 200 15.699b0dc7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AD0 91 KB
28 KB 86ms
83ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.699b0dc7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

047d14c117d25e9e0a1a2ba3f4aa23a602d417fc7402294e484d20b19140ecf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 07:30:00 GMT
x-amz-version-id: n9GruAaETS.dTDHSMFxdmtIA_seQfzYP
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 5251391
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 84
last-modified: Tue, 07 Mar 2023 18:47:38 GMT
server: istio-envoy
etag: W/"43d1442a9d30453da9eaeb12b9daafff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fOcpZSGFH8ZDEVjgwzYhOX_zcQ0dGmSAxi_g2nuiZQtETuPHHzBtlQ==

GET
H2 200 12.d33926cb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AD0 23 KB
7 KB 103ms
101ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.d33926cb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

28816769ece0ee343025ff388216c645e175c92cce4db6bd812a321b1ad345c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 09:37:26 GMT
x-amz-version-id: LixMHf6NcuoemyCPMkOefmX4oMvPmP6.
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 5330145
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 43
last-modified: Mon, 06 Mar 2023 18:17:47 GMT
server: istio-envoy
etag: W/"bdcb035523ec144399213aa65a8430ff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2ipVuGCseCiOnMq5S_8AyO1HOjVFMiMP6_LNkm4lMpTcH6Zqu4LeHw==

GET
H2 200 19.8e79a39a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AD0 62 KB
20 KB 111ms
110ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.8e79a39a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b7c5d1d3e03d31b9b450c0aac2972f3aef995be2a69ec5ecfa6200c4a321ef40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 10:52:57 GMT
x-amz-version-id: _7WO9g4j_sr0NEsyRo988G.ZrDiKBEza
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 4548014
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 30
last-modified: Mon, 13 Mar 2023 18:41:50 GMT
server: istio-envoy
etag: W/"c478a5bb4d7885e2b9250c6beeb4fd6d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bNyCJHCf3AQDk-c_FZQ6dOJlhk3tvh4uMBZ6Bz_EUTcUn1HZfI9_uw==

GET
H2 200 50.de3b5864.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AD0 105 KB
34 KB 115ms
113ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/50.de3b5864.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c8c302716cf94980a0d77e614d9fb6c430f166b5ef7c42b7c382771955e52ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: 1DnDsXjV5U2x4yjXf3GCnDIDPlyIffBu
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 8671695
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"114785899ceb423273fcc17aaad202e9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: umCP7bQ8uy8hHC9IrlkyP-pHjCHUto4e-xEDST8Tm3eAgVoh18nU5Q==

GET
H2 200 41.a1867ad4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AD0 12 KB
4 KB 122ms
121ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.a1867ad4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d641c13a78017e11f15b152b78082bcd0cf474766f13ba649bfa6378d956c492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 15:25:04 GMT
x-amz-version-id: bZ.OwCdGBDIKcnb7tqZ1Z1w7ZRrooMgn
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 4963686
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 37
last-modified: Thu, 09 Mar 2023 19:38:34 GMT
server: istio-envoy
etag: W/"299dd262bf32831c99dc78a9c5b5ca43"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5uP__qrLqH-kGqhkTsW51UEJJP8P2fduUAq_049nB3-4WHkM3frVfw==

GET
H2 200 30.57dfb56c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AD0 13 KB
6 KB 123ms
121ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.57dfb56c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c96b2cd5b57e02ce65ab0a787a6c8ea69efbf424064e15500691847cd879e8ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: PRu.RNHym52TA_hlIcQB1Vv5VUA1vVKS
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 8671695
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"b8addee34a5cd2241740a2e3094039b3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8QoZPWFUIfRAXvUAg47hOu0pnh5eQmpnuNfJ-GchBQJFmidt1M_5xg==

GET
H2 200 22.4cb40074.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AD0 17 KB
7 KB 125ms
123ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.4cb40074.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

cdeb836f7f77cd2174fa0bb4aa3825963aa64faf657a24f988b82f1c4d28ce69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 15:25:26 GMT
x-amz-version-id: ykeUDE2sWwwza8uCQZo8fLwm_hGj240R
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 7037265
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 39
last-modified: Wed, 15 Feb 2023 15:10:12 GMT
server: istio-envoy
etag: W/"6cf24f8ea74f43662c776ce6af09d469"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qdD2-z6-7tiB-XtQe8e1rLFLB96BJwC6k2kOJ57LYkkaxHykupKcPA==

GET
H2 200 9.b5c2854f.chunk.css
js.driftt.com/core/assets/css/ Frame 8AD0 31 KB
4 KB 179ms
178ms Stylesheet
text/css 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 13:04:48 GMT
x-amz-version-id: LhcyJeU2kFf26i1b16YWESXZ4pGeN9QF
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 3071303
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 40
last-modified: Wed, 29 Mar 2023 16:46:52 GMT
server: istio-envoy
etag: W/"9ef689f5d4cb5dab3b0e463418857c2f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6Cm3C84sNL6LPFrqKKWaGxxO3xNwEig57cE2-yZi_ya6k9E7U2JlEg==

GET
H2 200 9.c3fb736e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AD0 80 KB
25 KB 131ms
130ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.c3fb736e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

97835f51936631312648ce4198cd92c85beae9e09e3cdaff439c57ffccc5c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 07:47:32 GMT
x-amz-version-id: PRNCYnP3VYlcSQNkgU13mLYYfIN9p_Gw
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 1189539
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 95
last-modified: Mon, 17 Apr 2023 18:50:43 GMT
server: istio-envoy
etag: W/"b4ca5f0ecc404e3c35769971c076a425"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 726jkYbAnUhWdde5oh70GUbxd8jFt44ePlbtBbd6G6HL0sP9XlLSAQ==

GET
H2 200 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 8AD0 24 B
695 B 179ms
178ms Stylesheet
text/css 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 11:24:35 GMT
x-amz-version-id: 7PFLgyZz7a9JC7krApY9ZtGs_Mf2Wc2U
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: PRG50-C1
age: 4805316
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 11
content-length: 24
last-modified: Thu, 09 Mar 2023 19:38:32 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aR80d0PKigcncWUfwNu_KzRQQV2rKRQYyBQ3_L2ITVgNwiEj17rLzQ==

GET
H2 200 17.81f008ad.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AD0 91 KB
23 KB 132ms
131ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.81f008ad.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ae3f6024712196dff7272f57c522e4048826b484f7336a97cc3e7f6f00d2d443

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 16:01:28 GMT
x-amz-version-id: pq2QZWEko7dMDbeq5q9U3.Qr6wYVodOo
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 1678303
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 33
last-modified: Mon, 17 Apr 2023 18:50:41 GMT
server: istio-envoy
etag: W/"2c5463d20bb9c942f4cb26607893067b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9_zvZyTquEggfnoPYyTIlBLiHjWxtXAqXiZOkZsXek3Y6z786GhOSw==

GET
H2 200 26.4be476ef.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AD0 50 KB
14 KB 137ms
136ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.4be476ef.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

bbe46659150103403480eb003d999726b1cacb8df393a9a81bb73e55bed5b17e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 16:08:33 GMT
x-amz-version-id: zGngivDECkzJyqKu4JkeDo0ZKX5abs5H
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 295478
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Thu, 04 May 2023 15:31:52 GMT
server: istio-envoy
etag: W/"b532b2cc9ccdfeffb309a45d779d6f2b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7T8ouEYH1tPEjO45jeOxfaDVpxhvCAiDLteZHPc99brFJv-SP_63ow==

GET
H2 200 18.c662b6fd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AD0 40 KB
13 KB 138ms
137ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.c662b6fd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

1b9bafdc56eb8a2d034dad879700061003ff8c8b2bb2a44a7439a9e0a0a5024a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 16:08:33 GMT
x-amz-version-id: wXZF1j22DPbbrBDsTlR5qtb2pwzJW62a
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 295478
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 25
last-modified: Thu, 04 May 2023 15:31:52 GMT
server: istio-envoy
etag: W/"e31a79dfb9f27638d3f1aaab102ff6fe"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 66G5IWFABbgArPUleKOQL5ma3nvjkNKCn53a3If3087_X_vXLFMzJQ==

GET
H2 200 52.b1edaf4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3CF0 23 KB
8 KB 133ms
130ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7cb58278c8f54a62c0afa6da0c67b3a45aad637a0bf614e9c0dd42b73cee266b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: TtzAkuiFg5ajpar.KJembGW97mIyyYtK
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 8671695
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"cd29b9bc973e48a7fcd0ee7153bdf03b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nEwZjbMZxFAvdeFOa5ME5J9C07kZtqG6Td56lCBgaQ2tiauY-JMpnw==

GET
H2 200 36.b49bf23f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3CF0 36 KB
10 KB 134ms
131ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.b49bf23f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c2b7a45d31339f18ed57fd095feca4da1b3fbab75a5afbc053957f6e8e1613a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: SWSsVLzyOcOhQhmvR.pbvKyQeo7W0A10
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 8671694
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"4ae92c53ef226eb2a201fc855ccb7835"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hSNShuo1JzBDm6qdDWUswnfQjUhwXj02UavZeDvGbBcJjI235ruohQ==

GET
H2 200 25.22647a55.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3CF0 32 KB
11 KB 136ms
133ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.22647a55.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ec547a2f9fde5ce8e398da2810828ba3c30c641ce2761f5bf915225efb35f919

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 01:43:17 GMT
x-amz-version-id: 2vw0CtA.PHc4jRwS3xjJk01hiPMLFQVM
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 4840194
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Thu, 09 Mar 2023 19:38:34 GMT
server: istio-envoy
etag: W/"2ce6c446f71a395ff41647c9ba4b9c19"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YKfY2zSKfiAhDGStLN8Slr3CZloZIZ1lkSzzj-TguiMtMFXiSNcMDg==

GET
H2 200 20.2ffef383.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3CF0 17 KB
6 KB 138ms
135ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.2ffef383.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

f46108976666130f89c43a82ee045f7a3afb264494060ef6b3d9eb6589e49d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:57 GMT
x-amz-version-id: Sl_LzJMe7m6MkWEK9Fxqk3gRf.6SeAYu
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 8671694
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 26
last-modified: Fri, 27 Jan 2023 17:00:20 GMT
server: istio-envoy
etag: W/"ec6e94b6cea3a27506634867a8009ded"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: B9OtQZrk4VDVPf4LIQQoNgHeCyMZmJupglGbqKLtq6InkAYkTgjxmA==

GET
H2 200 42.67956b13.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3CF0 25 KB
8 KB 143ms
141ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.67956b13.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

9d88866c6295ffc0cadaa1ccb951367e196737a413482176d5787b70aae04ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 09:03:35 GMT
x-amz-version-id: kStUNJx9OfrLCb3RfCcun7rbKUSHEW0V
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 5159376
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 63
last-modified: Wed, 08 Mar 2023 16:58:41 GMT
server: istio-envoy
etag: W/"d53cdfd4559700cfe085380882a8e897"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oRTqtIfHdQsdDN9LQv77NAfGzdg-zSpZ_qzEPnLvxMUZVCXensS1Pg==

GET
H2 200 21.b3438b1b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3CF0 74 KB
23 KB 144ms
141ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b3438b1b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

3169ab3142fbf3ecf7eee1b5682a4556ed8a3d4ba940befa71c31b5a43991d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 15:25:04 GMT
x-amz-version-id: yJgjq3Y.NdlvvlSrrkDFOHibDcUMWHhA
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 4963686
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 72
last-modified: Thu, 09 Mar 2023 19:38:34 GMT
server: istio-envoy
etag: W/"10e1bfa61646f14df045c581bc9410fd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2uRqX9XUOXHr6UaOW4rrSEBvRAvuHUxwuZp105HkXmwWuY9xu8mkRw==

GET
H2 200 27.3951aad8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3CF0 66 KB
20 KB 146ms
143ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.3951aad8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e8e658c81a7ff92a6e0f9049ee3a8fc42082e8303abb6ed44c73361259cbdbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 03:47:36 GMT
x-amz-version-id: g7ZHbBl4KoWAk4lQHatm3evbecfcfnIo
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 5091935
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 56
last-modified: Thu, 09 Mar 2023 19:38:34 GMT
server: istio-envoy
etag: W/"5b2b6d0508fe18c3efb6bcd6249fd4e1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PVN8n3EiTOP2FlGyNZHvdtA4tWv28LYHTG5jnqfG-J5D8FQZ9ppfZA==

GET
H2 200 15.699b0dc7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3CF0 91 KB
28 KB 150ms
148ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.699b0dc7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

047d14c117d25e9e0a1a2ba3f4aa23a602d417fc7402294e484d20b19140ecf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 07:30:00 GMT
x-amz-version-id: n9GruAaETS.dTDHSMFxdmtIA_seQfzYP
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 5251391
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 84
last-modified: Tue, 07 Mar 2023 18:47:38 GMT
server: istio-envoy
etag: W/"43d1442a9d30453da9eaeb12b9daafff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: F1CsZBOAFGTjH8Sz6xPltYk31NPgGSLHVZeaZzgMH_65Jel5sJZfyg==

GET
H2 200 12.d33926cb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3CF0 23 KB
7 KB 154ms
151ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.d33926cb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

28816769ece0ee343025ff388216c645e175c92cce4db6bd812a321b1ad345c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 09:37:26 GMT
x-amz-version-id: LixMHf6NcuoemyCPMkOefmX4oMvPmP6.
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 5330145
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 43
last-modified: Mon, 06 Mar 2023 18:17:47 GMT
server: istio-envoy
etag: W/"bdcb035523ec144399213aa65a8430ff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PxUwPAP4e0kOrp6xuv8YYYyiSIoGc4zmMhFMOGV8QovkBFBDGRcnvg==

GET
H2 200 19.8e79a39a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3CF0 62 KB
20 KB 159ms
157ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.8e79a39a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b7c5d1d3e03d31b9b450c0aac2972f3aef995be2a69ec5ecfa6200c4a321ef40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 10:52:57 GMT
x-amz-version-id: _7WO9g4j_sr0NEsyRo988G.ZrDiKBEza
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 4548014
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 30
last-modified: Mon, 13 Mar 2023 18:41:50 GMT
server: istio-envoy
etag: W/"c478a5bb4d7885e2b9250c6beeb4fd6d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3AoMJhPDP89hUtGYzMquFr8Qo1fPyUyiqM-1TXRN-DjE2tieN0_Gsw==

GET
H2 200 50.de3b5864.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3CF0 105 KB
34 KB 160ms
158ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/50.de3b5864.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c8c302716cf94980a0d77e614d9fb6c430f166b5ef7c42b7c382771955e52ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: 1DnDsXjV5U2x4yjXf3GCnDIDPlyIffBu
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 8671695
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"114785899ceb423273fcc17aaad202e9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: f2jlhDTxXq1yev5uNWhZcBoTnohONvghS8Ud3T-e17O_akUZRPkhWg==

GET
H2 200 41.a1867ad4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3CF0 12 KB
4 KB 161ms
159ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.a1867ad4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d641c13a78017e11f15b152b78082bcd0cf474766f13ba649bfa6378d956c492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 15:25:04 GMT
x-amz-version-id: bZ.OwCdGBDIKcnb7tqZ1Z1w7ZRrooMgn
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 4963686
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 37
last-modified: Thu, 09 Mar 2023 19:38:34 GMT
server: istio-envoy
etag: W/"299dd262bf32831c99dc78a9c5b5ca43"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6UZNOsc-Mas9J_jpBxCV7vYFWgB97O5nVXrW8hd1iQ2iTzZeaXETHg==

GET
H2 200 30.57dfb56c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3CF0 13 KB
6 KB 161ms
159ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.57dfb56c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c96b2cd5b57e02ce65ab0a787a6c8ea69efbf424064e15500691847cd879e8ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: PRu.RNHym52TA_hlIcQB1Vv5VUA1vVKS
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 8671695
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"b8addee34a5cd2241740a2e3094039b3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rlaweeQO5M8JtdMipdGZfX6_BdhfaGMAXQnLjM1RgLaADz86i1v4dA==

GET
H2 200 22.4cb40074.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3CF0 17 KB
7 KB 161ms
160ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.4cb40074.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

cdeb836f7f77cd2174fa0bb4aa3825963aa64faf657a24f988b82f1c4d28ce69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 15:25:26 GMT
x-amz-version-id: ykeUDE2sWwwza8uCQZo8fLwm_hGj240R
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 7037265
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 39
last-modified: Wed, 15 Feb 2023 15:10:12 GMT
server: istio-envoy
etag: W/"6cf24f8ea74f43662c776ce6af09d469"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2hNOALy5aTOUbHnPCfMBhf_5ipHTfH35UjLzsCH3DsK_WBSw_XslJA==

GET
H2 200 9.b5c2854f.chunk.css
js.driftt.com/core/assets/css/ Frame 3CF0 31 KB
4 KB 161ms
160ms Stylesheet
text/css 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 13:04:48 GMT
x-amz-version-id: LhcyJeU2kFf26i1b16YWESXZ4pGeN9QF
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 3071303
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 40
last-modified: Wed, 29 Mar 2023 16:46:52 GMT
server: istio-envoy
etag: W/"9ef689f5d4cb5dab3b0e463418857c2f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pJdRZu3cEEj-OSaU9bxVAT9H49ydZz6lmIkJobot7Khv4kTkN3zRJg==

GET
H2 200 9.c3fb736e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3CF0 80 KB
25 KB 163ms
162ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.c3fb736e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

97835f51936631312648ce4198cd92c85beae9e09e3cdaff439c57ffccc5c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 07:47:32 GMT
x-amz-version-id: PRNCYnP3VYlcSQNkgU13mLYYfIN9p_Gw
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 1189539
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 95
last-modified: Mon, 17 Apr 2023 18:50:43 GMT
server: istio-envoy
etag: W/"b4ca5f0ecc404e3c35769971c076a425"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: M7kHdgz7nzakrS8Bb99vWuiPAhsE3vsnRgbuL0QflVHLP70gkAPd_Q==

GET
H2 200 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 3CF0 24 B
695 B 161ms
161ms Stylesheet
text/css 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 11:24:35 GMT
x-amz-version-id: 7PFLgyZz7a9JC7krApY9ZtGs_Mf2Wc2U
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: PRG50-C1
age: 4805316
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 11
content-length: 24
last-modified: Thu, 09 Mar 2023 19:38:32 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iT3b5aGk1EgKc8F6jJPj81r5kWz6LHzkKeoDVrSdQCvwx4RghptXQg==

GET
H2 200 17.81f008ad.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3CF0 91 KB
23 KB 165ms
164ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.81f008ad.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ae3f6024712196dff7272f57c522e4048826b484f7336a97cc3e7f6f00d2d443

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 16:01:28 GMT
x-amz-version-id: pq2QZWEko7dMDbeq5q9U3.Qr6wYVodOo
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 1678303
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 33
last-modified: Mon, 17 Apr 2023 18:50:41 GMT
server: istio-envoy
etag: W/"2c5463d20bb9c942f4cb26607893067b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XzDLfnlhl3P6B-R9Psyvs_KhWPr5Cnw5bsXJ2Re41Kv0EXprof25EA==

GET
H2 200 26.4be476ef.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3CF0 50 KB
14 KB 167ms
167ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.4be476ef.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

bbe46659150103403480eb003d999726b1cacb8df393a9a81bb73e55bed5b17e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 16:08:33 GMT
x-amz-version-id: zGngivDECkzJyqKu4JkeDo0ZKX5abs5H
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 295478
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Thu, 04 May 2023 15:31:52 GMT
server: istio-envoy
etag: W/"b532b2cc9ccdfeffb309a45d779d6f2b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tjgKZCanlLHXNewkztnm6_xEzjuLhdl4IJWvbd2gUZF1Vy_uGzpRuA==

GET
H2 200 18.c662b6fd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3CF0 40 KB
13 KB 168ms
167ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.c662b6fd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

1b9bafdc56eb8a2d034dad879700061003ff8c8b2bb2a44a7439a9e0a0a5024a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 16:08:33 GMT
x-amz-version-id: wXZF1j22DPbbrBDsTlR5qtb2pwzJW62a
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 295478
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 25
last-modified: Thu, 04 May 2023 15:31:52 GMT
server: istio-envoy
etag: W/"e31a79dfb9f27638d3f1aaab102ff6fe"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WcswyZCkR6SkssJuWKNDqMU95TdbM5L1OQDaIM8Mfc4YtMI6X2RGVA==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 234ms
234ms Image
image/gif 23.36.162.205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cofense2022stg.wpengine.com
URL: https://cofense2022stg.wpengine.com/blog/malicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-205.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:11 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AD0 9 KB
3 KB 49ms
48ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 05:13:02 GMT
x-amz-version-id: .8p7tHE2GxwgsORcKGGO_9nFMPZWnSsu
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 4654809
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 76
last-modified: Mon, 13 Mar 2023 18:41:49 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dq78RhMHrxGfnrPt-5Wvk9Tkvoz49G9l1an1mqFs1ujk7X6UfWZ8dg==

GET
H2 200 28.01a0fe87.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AD0 35 KB
10 KB 45ms
45ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.01a0fe87.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

fffcc021124d70080ddd0c52562645c46e03ff39c924ced85c1bfd62cb8b8767

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:57 GMT
x-amz-version-id: oCx9yWccW.dlty4hHqWiey7h_DwTeEBh
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 8671694
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"0ad089f0617a0fa8014a23c2afa90ddd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 35BGNjvDCM71_a-Klg7_E-wmRPiyfzeaRqSAT9ver_jt5CLjauxXhA==

GET
H2 200 29.9bf46b67.chunk.css
js.driftt.com/core/assets/css/ Frame 8AD0 8 KB
2 KB 42ms
42ms Stylesheet
text/css 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/29.9bf46b67.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:57 GMT
x-amz-version-id: qzro7282BXz7SnLdWr3hLeI1pZAqJ2A1
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 8671694
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Fri, 27 Jan 2023 17:00:18 GMT
server: istio-envoy
etag: W/"4f21faf2ba450e5fcdf7eda90813e185"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: c-avhMwkinNBPVNKPCM0IX98IceFIcvS3N4LgJjcxft4XUZwAqA_9A==

GET
H2 200 29.98c2b316.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AD0 14 KB
6 KB 43ms
43ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.98c2b316.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c6b2815294e64eb3d9e30955673ae3b60a486ae5b7dfcc7e48c0e2a4fe7301de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 18:08:56 GMT
x-amz-version-id: aizM0H1Fdw3zzppb3P2Ok7x7JUMOS1IQ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 3571455
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 37
last-modified: Mon, 27 Mar 2023 17:53:25 GMT
server: istio-envoy
etag: W/"6526b5009cc642f706e7156982e7429b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: daJxD7Zp8K-dV-DCuO09qsrVCyUB5WoLlK2jmdz04zCmmnKxDvOm8A==

GET
H2 200 23.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 8AD0 365 B
1 KB 41ms
41ms Stylesheet
text/css 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/23.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 15:25:26 GMT
x-amz-version-id: JFaqZy69NwkYwPRskCJMqjuf0WwUdgeN
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: PRG50-C1
age: 7037265
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 24
content-length: 365
last-modified: Wed, 15 Feb 2023 15:10:08 GMT
server: istio-envoy
etag: "06b2963b029c0824382815165bfea73e"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7QpYq8UpYlhHZGc8m2K_zE6gDqFQ-wkpGMbSGs4hEeUP_dDtXYeNeA==

GET
H2 200 23.ed4e6d8f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AD0 91 KB
25 KB 43ms
43ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.ed4e6d8f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7c4cddc44e59d49ccbfdaf1b57cca9884b74ee1710671c7d9fa974e3fae6f507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 16:38:37 GMT
x-amz-version-id: xN70QZOgyKQKNnP0o5N59vnLWimajx0E
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 984874
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Wed, 26 Apr 2023 15:35:22 GMT
server: istio-envoy
etag: W/"697b9f051ece7b5f2c5dbe85f673b6cd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0xJZgVfQ21U29txlQFzJs18IN4mFKEtwUo99U9_0tAJRzLuFcR7Jaw==

GET
H2 200 38.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame 3CF0 3 KB
1 KB 41ms
41ms Stylesheet
text/css 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/38.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:57 GMT
x-amz-version-id: hzHYKpyiaZmITNnBC_LqpsxusmNF7FFl
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 8671694
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Fri, 27 Jan 2023 17:00:18 GMT
server: istio-envoy
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZzAFLUiiMxkORnMziTV-6io8qPytn1cZinDlcXyAaKADix9e8uAzCA==

GET
H2 200 38.2c907ce3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3CF0 3 KB
2 KB 42ms
41ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/38.2c907ce3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

0c07bf805e857013386ec7ea2d26911aed5c827ee90e71a94188553c6d8ef337

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 02:25:27 GMT
x-amz-version-id: onuGT4zz_sU4hr3DlBgxbQIuxLjpFV9f
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 4924064
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 37
last-modified: Thu, 09 Mar 2023 19:38:34 GMT
server: istio-envoy
etag: W/"ad63bf20f878fb64a363281ee85aa567"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ViXboacEypVV-alM_cngQ-q6hZy8bVeJEfZXQCad_7tmcUPPdhXQMg==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3CF0 9 KB
3 KB 41ms
39ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 05:13:02 GMT
x-amz-version-id: .8p7tHE2GxwgsORcKGGO_9nFMPZWnSsu
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 4654810
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 76
last-modified: Mon, 13 Mar 2023 18:41:49 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kM3zw_EMEx--rpWI86SQZSqzi0yQ5d0LXpFmBC5h45sy_oMAvv66bg==

GET
H2 200 3.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 3CF0 7 KB
2 KB 47ms
46ms Stylesheet
text/css 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/3.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 09:37:27 GMT
x-amz-version-id: CYpJUpLsrt_yVPBXibTN8q4juq7z.hOQ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 5330145
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 37
last-modified: Mon, 06 Mar 2023 18:17:45 GMT
server: istio-envoy
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mCtDuiqBm_dic86-BiWBMJEMh73Rnjv4tF8WkZtFKHHTvWmaxegFng==

GET
H2 200 3.f50b964b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3CF0 54 KB
15 KB 46ms
45ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/3.f50b964b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 03:20:06 GMT
x-amz-version-id: juDlQvNFZgXbUNZf6yx_ugXQ4QpgKA.z
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 4575186
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 32
last-modified: Mon, 13 Mar 2023 18:41:51 GMT
server: istio-envoy
etag: W/"1ac37bf2b93050f29058b66a9ad43e10"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: unG4zy04x-v_XhlnPcn_JE1f37HyOlYmLs4B9f-_BIoOfNEOtjuO1A==

GET
H2 200 1.02a6af84.chunk.css
js.driftt.com/core/assets/css/ Frame 3CF0 44 KB
7 KB 42ms
41ms Stylesheet
text/css 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.02a6af84.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

120def079fc4e239098c571e178a9a1b73746f05c6f65a97cd7291b8c13aa401

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 00:54:48 GMT
x-amz-version-id: kVG6e2XpYSXGu4ZmSc1dlbbR9t.nHbNx
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 5102304
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 84
last-modified: Thu, 09 Mar 2023 19:38:31 GMT
server: istio-envoy
etag: W/"295093fc512c5e44a90c3c28242de8ae"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 58vLTKHaZnmcSchpxZHIXZDX-_470xSlNaw_XkefKjvdf55cegPsoA==

GET
H2 200 1.dd688aaf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3CF0 53 KB
17 KB 44ms
43ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.dd688aaf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d3ed94b69049a6046b0472b87a4d1be0a1c9482c9edc3793bf72714c82c7ce0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 20:29:53 GMT
x-amz-version-id: EYuyMkYTdV6Sz.Tu3e2Qz8Z_YPV77rIe
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 2785399
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Wed, 05 Apr 2023 19:06:48 GMT
server: istio-envoy
etag: W/"456df11dba646f06e80bbae67a65aad8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LUbmktFWm1v8_5ZP0yIaWbRKz6-Fr0Dsh063jzrbPNzdpn7rAjMzrg==

GET
H2 200 4.b4477698.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3CF0 23 KB
10 KB 44ms
44ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.b4477698.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

277725f80d5c0175c2a996fe1eea07395b87ec1bd0496353409e99e96024816e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 20:29:53 GMT
x-amz-version-id: 0s5HvDu7I8ZUWeiRZtf_7BJNbUsVlUik
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 2785399
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Wed, 05 Apr 2023 19:06:49 GMT
server: istio-envoy
etag: W/"ec2b0368f8359c0e46e2bfb9cf8e79ef"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mkG2NW77j2hH9RCuiMndpSUqfy5TydkKHlmdM232Lq5--mZaPdxxRQ==

GET
H2 200 35.a3318c5e.chunk.css
js.driftt.com/core/assets/css/ Frame 3CF0 14 KB
3 KB 47ms
46ms Stylesheet
text/css 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/35.a3318c5e.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

f3342c52eee43a2ea931cae2ee2d6d9a2939432ffcb03bb4f2983ac7e49b26cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:23:21 GMT
x-amz-version-id: .Qx9Y0gU9g3o.rVP1g.ErQa6wXaiIqXc
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 4657791
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 26
last-modified: Mon, 13 Mar 2023 18:41:48 GMT
server: istio-envoy
etag: W/"b06e02b360914b25e58305b1b9b954dc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PiFDXsUYoy_vUjmqD_plZE6Eny3RTNA95CnWjDcx_0yuGwX5HSZkYg==

GET
H2 200 35.46d29dea.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3CF0 12 KB
5 KB 43ms
42ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.46d29dea.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2693e158a319fe2c6576e7fdd76ad78ca5e0235cce4418503e5fee2e7426b2d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 19:38:52 GMT
x-amz-version-id: xuvYWNeKM10RQbhB8D3mlc4N6CStBtYA
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 801260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 28 Apr 2023 19:33:22 GMT
server: istio-envoy
etag: W/"8195467360aaef75c927565e2e787326"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hp81BcfBMemXhcblkEGB3KMyU-JoeyNZt4q3x4dmIzc3j-5tCGNeWQ==

POST
H2 200 v2 Show response
bootstrap.api.drift.com/widget_bootstrap/ping/ Frame 8AD0 161 B
601 B 393ms
123ms XHR
application/json 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

814d45cce5caa5b45bc44934f24e210c64cb36ba1438a14d40ad7d23784e78e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 08 May 2023 02:13:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 6dbf7e168476ef4d
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 161

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C02D009704D8495EA69FF0AE39080886&RedC=c.clarity.ms&MXFR=3BF8B9B2A548698709D4AAB9A148678E
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C02D009704D8495EA69FF0AE39080886&MUID=1A68D427D0D765A20BCDC72CD17B640F

42 B
443 B

61ms
60ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C02D009704D8495EA69FF0AE39080886&MUID=1A68D427D0D765A20BCDC72CD17B640F
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 02:13:11 GMT
last-modified: Thu, 04 May 2023 15:33:28 GMT
server: Microsoft-IIS/10.0
etag: "6de038c69d7ed91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 08 May 2023 02:13:11 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BE125C3FC7734C88BCC0649E52FA19D5 Ref B: FRA31EDGE0111 Ref C: 2023-05-08T02:13:12Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C02D009704D8495EA69FF0AE39080886&MUID=1A68D427D0D765A20BCDC72CD17B640F
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
307 B 121ms
121ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.7/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://cofense2022stg.wpengine.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://cofense2022stg.wpengine.com
Date: Mon, 08 May 2023 02:13:12 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

POST
H2 200 v3 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 8AD0 25 B
89 B 142ms
134ms XHR
application/json 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v3

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 08 May 2023 02:13:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 6ddf119074a27732
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 13
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame 8AD0 21 KB
8 KB 493ms
493ms XHR
application/json 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

1e98fb526604153b17fc4e47a5bf122c3ff20e46671b6229d459db91c8bca22e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 08 May 2023 02:13:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: 30446b7a61df3f9d
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 375
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 235ms
234ms Image
image/gif 23.36.162.205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-205.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:12 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 track Show response
event.api.drift.com/ Frame 8AD0 757 B
816 B 122ms
122ms XHR
application/json 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

7f1db47aa95b89d809a895a86f32c61d05637c7ed8dead59e19e11cc0b4489ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxODE3NTg2NDM5NSIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE0NTI4NjgiLCJleHAiOjE3MTUxMzQzOTIsImlhdCI6MTY4MzUxMTk5Mn0.Kz4fCZfkLhR5x1K-3qrwY0l6qorhN2_15T6etPUIgGIZnAn1eb-Hi1LLbgIgb02laXAR_45yiA3okGLC8eBKRw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 08 May 2023 02:13:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 17eb1df79fe7d640
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 757

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 142ms
120ms Preflight
text/plain 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Mon, 08 May 2023 02:13:13 GMT
requestid: driftaa9852949f1b4af8de16bd13a5a
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

POST
H2 200 evaluate_with_log Show response
targeting.api.drift.com/targeting/ Frame 8AD0 1 KB
511 B 121ms
121ms XHR
application/json 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

6c045720214936d18be1a7a1bad67cb007e9fd7cf8830f0baf03153863ad1ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxODE3NTg2NDM5NSIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE0NTI4NjgiLCJleHAiOjE3MTUxMzQzOTIsImlhdCI6MTY4MzUxMTk5Mn0.Kz4fCZfkLhR5x1K-3qrwY0l6qorhN2_15T6etPUIgGIZnAn1eb-Hi1LLbgIgb02laXAR_45yiA3okGLC8eBKRw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 08 May 2023 02:13:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: cb662aaa4085928
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 448

OPTIONS
H2 200 evaluate_with_log
targeting.api.drift.com/targeting/ Frame 0
0 152ms
119ms Preflight
text/plain 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Mon, 08 May 2023 02:13:13 GMT
requestid: drift2de3b674f7a821ea39aa86b7ba2
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 237ms
236ms Image
image/gif 23.36.162.205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-205.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:13 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

OPTIONS
H2 200 render_initial_v3
flow.api.drift.com/flows/ Frame 0
0 126ms
119ms Preflight
text/plain 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://flow.api.drift.com/flows/render_initial_v3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Mon, 08 May 2023 02:13:13 GMT
requestid: drift19bfb904cd58b48b14ffade1900
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

POST
H2 200 render_initial_v3 Show response
flow.api.drift.com/flows/ Frame 8AD0 3 KB
2 KB 149ms
148ms XHR
application/json 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://flow.api.drift.com/flows/render_initial_v3

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

19f02e3764fa76eb984a91b00197fcd2722dd8cb9b3b50d65330ec4cc397c4c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxODE3NTg2NDM5NSIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE0NTI4NjgiLCJleHAiOjE3MTUxMzQzOTIsImlhdCI6MTY4MzUxMTk5Mn0.Kz4fCZfkLhR5x1K-3qrwY0l6qorhN2_15T6etPUIgGIZnAn1eb-Hi1LLbgIgb02laXAR_45yiA3okGLC8eBKRw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 08 May 2023 02:13:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: 71d0be2c3de7e1c9
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 30
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 1891

OPTIONS
H2 200 widget
targeting.api.drift.com/impressions/ Frame 0
0 121ms
120ms Preflight
text/plain 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Mon, 08 May 2023 02:13:14 GMT
requestid: driftc6422b748a59070c53c68edb638
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 2

POST
H2 204 widget Show response
targeting.api.drift.com/impressions/ Frame 8AD0 0
39 B 131ms
130ms XHR
text/plain 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxODE3NTg2NDM5NSIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE0NTI4NjgiLCJleHAiOjE3MTUxMzQzOTIsImlhdCI6MTY4MzUxMTk5Mn0.Kz4fCZfkLhR5x1K-3qrwY0l6qorhN2_15T6etPUIgGIZnAn1eb-Hi1LLbgIgb02laXAR_45yiA3okGLC8eBKRw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 08 May 2023 02:13:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 3682fbce7068ebc1
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
x-envoy-upstream-service-time: 12
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 42ms
41ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&aip=1&a=539072950&t=event&ni=1&_s=2&dl=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F&ul=en-us&de=UTF-8&dt=Malicious%20email%20campaigns%20abusing%20Telegram%20bots%20rise%20tremendously%20in%20Q1%202023%2C%20surpassing%20all%20of%202022%20by%20310%25&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Drift%20Widget&ea=Playbook%20Fired&el=Playbook%20ID%3A%202612604&_u=aDDAgUABAAAAAEAAI~&jid=&gjid=&cid=1811158415.1683511991&tid=UA-114787942-1&_gid=270694846.1683511991&gtm=45He3530n815RQ37KH&z=1322394748

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 May 2023 00:10:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7373
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 58.377a2854.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8AD0 18 KB
7 KB 42ms
41ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/58.377a2854.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

130688f16399fc1980b2900037a220bc182f4b0c320621dc7d70ec721514765e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=28krvx2uf9n3&eId=28krvx2uf9n3&region=US&forceShow=false&skipCampaigns=false&sessionId=62f12277-33e1-44a5-b79b-d58254c97334&sessionStarted=1683511991.205&campaignRefreshToken=b1dc1488-d16a-4776-8a30-9ae53b883c0f&hideController=false&pageLoadStartTime=1683511989477&mode=CHAT&driftEnableLog=false&loadStrategy=EAGER&secureIframe=false&u=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 00:55:20 GMT
x-amz-version-id: 13ChxJhpS35pWMpxNS7AjbGvtgnblU9t
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 5102274
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 55
last-modified: Thu, 09 Mar 2023 19:38:35 GMT
server: istio-envoy
etag: W/"33f417d96bdfff4c4e2ac5468c815f07"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bwNHrXPeW6AQct5hfAjFdnsJytmlfCGGa8V1xQrjGLxqNTkCMF3czw==

GET
H2 200 58.377a2854.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3CF0 18 KB
7 KB 41ms
41ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/58.377a2854.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.dc7863b5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

130688f16399fc1980b2900037a220bc182f4b0c320621dc7d70ec721514765e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1683511989477
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 00:55:20 GMT
x-amz-version-id: 13ChxJhpS35pWMpxNS7AjbGvtgnblU9t
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 5102274
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 55
last-modified: Thu, 09 Mar 2023 19:38:35 GMT
server: istio-envoy
etag: W/"33f417d96bdfff4c4e2ac5468c815f07"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: izhptViuZmbWdZrNsfR4G1mgeD9ZDRCJBb8WaHmCrq5dFKd5eFciwA==

GET
H2 200 https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F2106400%252F13690614ba4dc30e40747e74e1535a5adzn4mi89fik3%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w...
driftt.imgix.net/ Frame 8AD0 23 KB
24 KB 224ms
40ms Image
image/png 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F2106400%252F13690614ba4dc30e40747e74e1535a5adzn4mi89fik3%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3D3d628948700c6adffa763ed302d1aec1?fit=max&fm=png&h=200&w=200&s=b89b9dce21f66015eedf860da053c36f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

4bfadbef6403a8d94ce18f4c015c320c8627a0ecaf0e2633ae3e7c601cd00f14

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:14 GMT
x-content-type-options: nosniff
age: 541176
x-cache: HIT, HIT
x-imgix-id: d04eb3767b21ab893dc52f931064ba93d0abf9dd
cross-origin-resource-policy: cross-origin
content-length: 23915
x-served-by: cache-sjc10076-SJC, cache-fra-eddf8230075-FRA
x-imgix-render-farm: 01.8784
last-modified: Mon, 01 May 2023 19:53:38 GMT
server: imgix
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
js.driftt.com/deploy/assets/static/fonts/ Frame 8AD0 38 KB
39 KB 42ms
42ms Font
font/woff2 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/static/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 13:43:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 5228981
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 120
content-length: 39372
last-modified: Fri, 03 Mar 2023 16:21:38 GMT
server: istio-envoy
etag: "40b6965b5cd26213faf61e5ab6765bb9"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/font-woff2,font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1p5hXekIM1QCGVGQEhXFzrSPUP4nUfCPKVpKzsyjNo13behHLgvh1Q==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
js.driftt.com/deploy/assets/static/fonts/ Frame 3CF0 38 KB
39 KB 42ms
42ms Font
font/woff2 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/static/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/assets/css/9.b5c2854f.chunk.css
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 13:43:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 5228981
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 120
content-length: 39372
last-modified: Fri, 03 Mar 2023 16:21:38 GMT
server: istio-envoy
etag: "40b6965b5cd26213faf61e5ab6765bb9"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/font-woff2,font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ur4QPosdefIc_EN8QT64OVgvaiFc4d5YMaT1x-ZqrdPdsiys3YQkYA==

GET
H2 200 4.3b34b074.chunk.js Show response
js.driftt.com/conductor/assets/ 158 B
854 B 41ms
40ms Script
application/javascript 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/conductor/assets/4.3b34b074.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1683512100000/28krvx2uf9n3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

574aecd6793a65225977300bbb170085109bf62527488370869dd0678d52369e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 02:50:37 GMT
x-amz-version-id: _YQp4xLG7kOSUKXc9UdOX6TfZGekAnRj
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: PRG50-C1
age: 4144957
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 12
content-length: 158
last-modified: Mon, 20 Mar 2023 19:07:05 GMT
server: istio-envoy
etag: "04cb478629934587f65fb92a62238885"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GDFPMoAO7R0wHQCUdV7R9hMsDIL1F9BPAOuU5BI564H8eayMy2ALEQ==

GET
H2 206 notification.5f7c6014.mp3
js.driftt.com/conductor/assets/media/ 8 KB
8 KB 42ms
42ms Media
audio/mpeg 65.9.95.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/conductor/assets/media/notification.5f7c6014.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-66.prg50.r.cloudfront.net

Software

nginx /

Resource Hash

bf06f41bb3a1429115fa2dcfbee9986234d6d319da3597648e4e980340d52027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cofense2022stg.wpengine.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 20 May 2022 04:40:28 GMT
x-amz-version-id: wV32vUIfShKu7wTOM.13Fb46XZ95E34K
via: 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: PRG50-C1
age: 30490366
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 0-7754/7755
Content-Length: 7755
last-modified: Wed, 18 May 2022 17:52:15 GMT
server: nginx
etag: "5f7c6014cf73831f91963a668b71fbb9"
access-control-allow-methods: GET, POST, OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: x98WuDQfjB-upRVjwxHtsLN_7NRGoZ7t-u5MZKR7ksYg_9yE-A_G_w==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 239ms
239ms Image
image/gif 23.36.162.205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-205.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:14 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event3/ Frame 8AD0 25 B
108 B 139ms
139ms XHR
application/json 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event3/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 08 May 2023 02:13:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: f717d785b4837bfc
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 13
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 237ms
237ms Image
image/gif 23.36.162.205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-205.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:15 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 48ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3G76T4W3LR&gtm=45je3530&_p=539072950&cid=1811158415.1683511991&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1683511990&sct=1&seg=0&dl=https%3A%2F%2Fcofense2022stg.wpengine.com%2Fblog%2Fmalicious-email-campaigns-abusing-telegram-bots-rise-tremendously-in-q1-2023-surpassing-all-of-2022-by-310%2F&dt=Malicious%20email%20campaigns%20abusing%20Telegram%20bots%20rise%20tremendously%20in%20Q1%202023%2C%20surpassing%20all%20of%202022%20by%20310%25&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3G76T4W3LR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cofense2022stg.wpengine.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 08 May 2023 02:13:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cofense2022stg.wpengine.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
307 B 122ms
121ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.7/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://cofense2022stg.wpengine.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://cofense2022stg.wpengine.com
Date: Mon, 08 May 2023 02:13:16 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 249ms
249ms Image
image/gif 23.36.162.205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-205.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:16 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 236ms
235ms Image
image/gif 23.36.162.205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-205.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:17 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/add/bulk/ Frame 8AD0 25 B
107 B 120ms
120ms XHR
application/json 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 08 May 2023 02:13:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 44ea6a354e2e4702
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 234ms
234ms Image
image/gif 23.36.162.205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-205.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cofense2022stg.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 08 May 2023 02:13:18 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
307 B 123ms
123ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.7/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://cofense2022stg.wpengine.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://cofense2022stg.wpengine.com
Date: Mon, 08 May 2023 02:13:19 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cofense2022stg.wpengine.com/	1969-12-31 23:59:59	Name: wp-wpml_current_language Value: en
.wpengine.com/	1970-01-20 13:48:07	Name: _gcl_au Value: 1.1.914204375.1683511990
.techtarget.com/	1970-01-20 11:38:33	Name: __cf_bm Value: AM.G812xnZWdtvduzUIv_kTObQvrykNUJicoCwK3IzU-1683511990-0-AdUPa+kKt6FVu5sIcfOF2V01e5rpPt45E/WssSlX8z8NNYtcdyAxmMmAtVau3K88hIWZ+eYuG0Os3WoapX3mzyU=
.wpengine.com/	1970-01-20 21:14:31	Name: _mkto_trk Value: id:404-JHU-612&token:_mch-wpengine.com-1683511990730-48348
www.clarity.ms/	1970-01-20 20:24:07	Name: CLID Value: 273993128f184e80bb554169ea0d16e2.20230508.20240507
.wpengine.com/	1970-01-20 21:14:31	Name: __q_state_H3wWDXLUxD4irieG Value: eyJ1dWlkIjoiMjE5MzdjMDctYjUzZS00OTk0LWJjZTctYmM0OTBiNjMzYmRlIiwiY29va2llRG9tYWluIjoid3BlbmdpbmUuY29tIn0=
.wpengine.com/	1970-01-20 21:14:31	Name: _ga Value: GA1.2.1811158415.1683511991
.wpengine.com/	1970-01-20 11:39:58	Name: _gid Value: GA1.2.270694846.1683511991
.wpengine.com/	1970-01-20 11:38:32	Name: _dc_gtm_UA-114787942-1 Value: 1
.ws.zoominfo.com/	1970-01-20 20:24:07	Name: visitorId Value: 82fd9a1a4c38e8766b200cf152a3011aeaa9e7e296dcd4b59f86012b22205369
.zoominfo.com/	1970-01-20 11:38:33	Name: __cf_bm Value: 6DeBiscoddjj9_YO4BUVIs0Fn9m4p8i7YYf0Foqzrgg-1683511990-0-AQV3YW/uHFg2Y5KOvKfBIMFYfkcz7J8BwcwjB8bEHyUh4w4LRubkHqq64dNCN1XjBWA114rzlqETBKyyWz+AgGs=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: k6WoP1DnxwreP.5e9CtK9yBP8aDnfs3Atapy6pEHWn8-1683511990772-0-604800000
.wpengine.com/	1970-01-20 20:24:07	Name: _clck Value: ttmzqa\|1\|fbf\|0
cofense2022stg.wpengine.com/	1970-01-20 11:48:36	Name: _an_uid Value: 0
cofense2022stg.wpengine.com/	1970-01-20 21:14:31	Name: _gd_visitor Value: a7d33a4a-5f46-41ba-82ca-b0a7742bb384
cofense2022stg.wpengine.com/	1970-01-20 11:38:46	Name: _gd_session Value: a5d1c267-ffdc-4abc-8034-4b51728d2087
cofense2022stg.wpengine.com/	1970-01-20 11:39:58	Name: ln_or Value: eyIzMDA3MjEiOiJkIn0%3D
.linkedin.com/	1970-01-20 12:21:43	Name: UserMatchHistory Value: AQI5GRkW4M64NAAAAYf5Ilpu-m5DwfvUyAIzepJUQTGqor9TVQdqzZc1FpGNctRIgIrI_C6HZPtVPQ
.linkedin.com/	1970-01-20 12:21:43	Name: AnalyticsSyncHistory Value: AQKqxzDnP6seaQAAAYf5Ilpu_uVo7lD7tw_nQkboUX8hncT_bxZWtap6faDLBHB1ar_rKcE7Ss3J2spqlkOCaQ
.linkedin.com/	1970-01-20 20:24:07	Name: bcookie Value: "v=2&20b26b4e-ab01-4f73-80ae-cb0a82831bc6"
.linkedin.com/	1970-01-20 11:39:58	Name: lidc Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2516:u=1:x=1:i=1683511990:t=1683598390:v=2:sig=AQGrCglQAqRlOx9DjrPrkGhLBkUVykot"
.6sc.co/	1970-01-20 21:14:31	Name: 6suuid Value: cdd5ce17c7e62b00b75a58647000000045b51400
cofense2022stg.wpengine.com/	1970-01-20 11:38:33	Name: drift_campaign_refresh Value: b1dc1488-d16a-4776-8a30-9ae53b883c0f
.wpengine.com/	1970-01-20 21:14:31	Name: _ga_3G76T4W3LR Value: GS1.1.1683511990.1.0.1683511991.59.0.0
.www.linkedin.com/	1970-01-20 20:24:07	Name: bscookie Value: "v=1&202305080213117b831b6e-f161-4e02-8203-3e37857d978dAQEhXNOxSXAoy6_SSd6XxDDAH_iWJ7b4"
.linkedin.com/	1970-01-20 15:57:43	Name: li_gc Value: MTswOzE2ODM1MTE5OTE7MjswMjGrp9QH3+t7+Sgi27OWxJqvHRPknGJ5b258lIYJcn1O0Q==
.wpengine.com/	1970-01-20 11:39:58	Name: _clsk Value: v3ab5j\|1683511991477\|1\|1\|u.clarity.ms/collect
cofense2022stg.wpengine.com/	1970-01-20 21:14:31	Name: drift_aid Value: 3bc806b3-4828-4d7a-82c4-5373eb5e8314
cofense2022stg.wpengine.com/	1970-01-20 21:14:31	Name: driftt_aid Value: 3bc806b3-4828-4d7a-82c4-5373eb5e8314
.bing.com/	1970-01-20 21:00:07	Name: MUID Value: 1A68D427D0D765A20BCDC72CD17B640F
.c.bing.com/	1970-01-20 11:48:36	Name: MR Value: 0
.c.bing.com/	1970-01-20 21:00:07	Name: SRM_B Value: 1A68D427D0D765A20BCDC72CD17B640F
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 21:00:07	Name: MUID Value: 1A68D427D0D765A20BCDC72CD17B640F
.c.clarity.ms/	1970-01-20 11:48:36	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 11:38:32	Name: ANONCHK Value: 0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cofense2022stg.wpengine.com/wp-content/themes/cofense/css/custom.css?ver=6.1.1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cofense2022stg.wpengine.com/wp-content/themes/cofense/css/testing.css?ver=6.1.1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cofense2022stg.wpengine.com/wp-content/uploads/2022/05/Inter-Medium.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://lltrck.com/scripts/lt-v3.js?llid=19612 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

404-jhu-612.mktoresp.com
b.6sc.co
bootstrap.api.drift.com
c.6sc.co
c.bing.com
c.clarity.ms
cdn.linkedin.oribi.io
cofense2022stg.wpengine.com
driftt.imgix.net
epsilon.6sense.com
event.api.drift.com
flow.api.drift.com
fonts.googleapis.com
fonts.gstatic.com
ibc-flow.techtarget.com
ipv6.6sc.co
j.6sc.co
js.driftt.com
js.qualified.com
lltrck.com
metrics.api.drift.com
munchkin.marketo.net
okt.to
p.typekit.net
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
secure.adnxs.com
snap.licdn.com
static.oktopost.com
stats.g.doubleclick.net
targeting.api.drift.com
trk.techtarget.com
u.clarity.ms
ws.zoominfo.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
13.107.42.14
185.89.211.132
192.28.144.124
2001:4860:4802:32::36
23.197.137.224
23.36.162.205
2600:9000:2127:2a00:2:53b2:240:93a1
2606:4700::6810:a852
2606:4700::6812:1105
2606:4700::6812:d9f
2620:1ec:21::14
2620:1ec:4f:1::60
2620:1ec:c11::200
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2003
2a00:1450:4001:812::200a
2a00:1450:4001:828::2003
2a00:1450:4001:829::2004
2a00:1450:4001:830::200e
2a00:1450:400c:c04::9a
2a02:26f0:3500:14::1724:a259
2a02:26f0:3500:16::215:148d
2a02:26f0:3500:16::215:1495
2a04:4e42:8d::720
3.121.193.168
34.111.208.231
34.193.113.164
34.74.117.101
4.227.249.197
52.20.195.32
52.73.0.225
65.9.95.66
65.9.95.96
68.219.88.97
01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
047d14c117d25e9e0a1a2ba3f4aa23a602d417fc7402294e484d20b19140ecf1
09016600a13dd4825b72516765a8da53d1ab896f7582c4619d014e8ee147ea84
09db71dcf500dadf710b4fde01c4af2839d9055c18de62b3de0b7ba590e880ef
0a878495e0cd07bbe654d5ca09dd53707b0349b326c229393df27696e92e255c
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
0c07bf805e857013386ec7ea2d26911aed5c827ee90e71a94188553c6d8ef337
0cbf6e774cef56a187b12fea61250b10a013df245ca8ed9c47bf3f18f8a7696b
0ec717c896d0ca54e4536263e84f11f43a944ba2e04d2f5f1264f0acdc7beada
0fe30a881b9d89d4dc8bf8100a8e5550ce4a09232f1cb4c109f105307f77b93b
11223ca6b6926320cb972d7abe5e50b4806da8294cfaa140fd12273a13d9a29a
120def079fc4e239098c571e178a9a1b73746f05c6f65a97cd7291b8c13aa401
12ce92cc3c4eb9d74f48e9a10eb919bdf30bbdc5ccf9843c6543fec302dec54f
130688f16399fc1980b2900037a220bc182f4b0c320621dc7d70ec721514765e
138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47
13ba7d85cedf2d5b14f9091119f9067689bdc33edde1d37a654787d416fbca34
144bfb88dbdab1a0c04cdf0f570c127ed52c9319b7cd5c1e7acf692a0950f5dd
178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795
19b9088866f569df384674d08e7f4614b91d86d5849cb45e63257e6cb873102b
19bdcc42d8493c4c89fff6e24832b553a87e170b38d2564c823efb5dd931748a
19f02e3764fa76eb984a91b00197fcd2722dd8cb9b3b50d65330ec4cc397c4c8
1a7d5d0c9c86dc2db1249eee49e178e16885d04b41f20cab6e5ad4e5a51f89af
1b9bafdc56eb8a2d034dad879700061003ff8c8b2bb2a44a7439a9e0a0a5024a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
1de5811d3ded5c7f325dc71e83a8c4a85325e74d393daa6651aa9dae54072cca
1e98fb526604153b17fc4e47a5bf122c3ff20e46671b6229d459db91c8bca22e
1fa18b1ec5d3e9b4c089118323819e51e6674e4756fbcd1de4e86ef58a3dba31
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
22a79f1fbcc70373c7021bae2164d9232d1e9dd3c6a163df9f9f54070e5f6b50
2544474f9ccba4ce5f26230fea52abf96e3129f3a897daa9fd22a4d356658ad3
2693e158a319fe2c6576e7fdd76ad78ca5e0235cce4418503e5fee2e7426b2d0
277725f80d5c0175c2a996fe1eea07395b87ec1bd0496353409e99e96024816e
28816769ece0ee343025ff388216c645e175c92cce4db6bd812a321b1ad345c6
2cb2c8587eb4c7aa56eb0c5460dc8a28eb1f7aef070aa808b487735ac73e70e8
2cc15bc3d3dda4e699624aae9727570dd1cb7cfa4535a074a453e1437e279d21
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3169ab3142fbf3ecf7eee1b5682a4556ed8a3d4ba940befa71c31b5a43991d92
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
34bbd1c367ffc7d80fcff86c7e5f8777e70f4911bb324e8ecfc7dd3604a96e68
3992ccb3af03535e9a36522b5bdab5c153ee264de529da6bb1eea9fcfa654abc
3c1a5c4b5574a4104a92b2e700e6f0fc5b001c4297ebc5a1e76d67b1fbeb1c2d
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
44c68a4716777a09c291d971f91468c7e72dd2beadecd931aaea641758f4d726
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
49ccde5bd28dd1b912e31322fa9376d751bbc588dd3b98eed4c1c3e470a8fd88
4b6282f417900055c604419822eb0ff788d325f23c9eca94146e3086177e8f0a
4b9257e3e9c959214ddfab833a69a021ae6557403efe76afcbee259621175274
4bfadbef6403a8d94ce18f4c015c320c8627a0ecaf0e2633ae3e7c601cd00f14
4d36e6008a541b46f23448eb97baff09aba6954548c1030a1bc217091ff760e9
4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d
4f42fa1fe21c3cdf7ccfa09bfb44d1325bd3713e1ddb82e661e2c28002eef957
4f7c9d18aa800107e6970d53012df044bb42e14795c2cb7555ca5317c7e63589
51445b2ccc8f515394b4750bd52fbc74089c3e894ec552a64fbc85c71a766f49
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
566d4c5dfefc9c4d867e6bef080917a4273b4228731a8700e81f1763eae3d861
574aecd6793a65225977300bbb170085109bf62527488370869dd0678d52369e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5bca3153792e728edf2e4d182e5140b8877cb477241f1e17dad040ac3ef3672f
5c66f4108473184234cf51f10908502db1c5df427894267225f3de5921c61c47
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
63aaa27a904bf63aa8c6e177abd2f389756b6ca2df27f9159c4564dcdb49bc6d
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6b9d2b8c3dcf839410a0cf4595656edc46236f9307d14e49d678af1c4b03451e
6c045720214936d18be1a7a1bad67cb007e9fd7cf8830f0baf03153863ad1ca1
6eafef48033bf87526b129f8f292a7ea8b943988241b3abefe94d3a95668ac8a
6fe59d88646876bb8dfb4a1a021b2dc2662b36bf175625eb3ecb89a3ae956937
71966cb221a057ee9313fb232e40c7a0a70d2e472909c3947f4878c8e195ad53
727a730eda79071d5f02ba91d752c3feed10e0cd63a9c042f298390c24f85236
73b2fdcf25aa909c7b0f072cf791066350ab834ca1d0d01ef096bb5583318213
7853bdaed34edce2ba110418f4677ddb6f3e60a9fb633ddb53cedde9be850651
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7c4cddc44e59d49ccbfdaf1b57cca9884b74ee1710671c7d9fa974e3fae6f507
7cb58278c8f54a62c0afa6da0c67b3a45aad637a0bf614e9c0dd42b73cee266b
7f1db47aa95b89d809a895a86f32c61d05637c7ed8dead59e19e11cc0b4489ad
814d45cce5caa5b45bc44934f24e210c64cb36ba1438a14d40ad7d23784e78e7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
8667a50fdab17dd946e43e37c6fd1623583b9440bdca887e44cc726e48feedaf
87b8dee0764adb4697a20648f0b9498453c2656ea2edb0347ebb64ada76fe1b9
8cbc49b1385bf29debe95333f04795a6e3a2cf218d88b415b29872d06491fd1c
8ee0654259fda0bbfeab4305b895e740659613080d90352bd36c1452fd426ef6
95245f488fc923a05392ac8ca5985ac00d44b0603ba7b987d103475181268d88
958a03c833d9116f7ab9a5ee503f7b0360b9291b268bfb77128a8f0e19238613
95af163892829a3ef249441b70b2c8281b845edea4b24680d3326486861d6082
97835f51936631312648ce4198cd92c85beae9e09e3cdaff439c57ffccc5c5d5
987b2e5ba1d940ccf76e74235a3339ce993b29a81c7a67599157c3a5640be710
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9c31a014c17b72f36eadba67add0dd225a238265895ba5729870f9ad469f0a95
9cd2be9bf48aaa097c2067d7fcbedeeae90655729b4808fca55fefc62a4c1ae1
9d88866c6295ffc0cadaa1ccb951367e196737a413482176d5787b70aae04ef0
a021e5ef7022a556c759cca4e248f10383d65a1cd4df600dae57ea37ca481073
adfdeb4d7e4a5f5de6839a079fd8816135a5bcb6c6acb9e546ef4a66c62c18d4
ae3f6024712196dff7272f57c522e4048826b484f7336a97cc3e7f6f00d2d443
aebf3a5076b724c0097b17849789e5b72ab7a54d91fae262585b0266c2670b23
b12ecc62ec6d0d12eb19d51ec80e63d04d3c32478672e074808f8d3beedd7a37
b3c983227e71c4f8da7d9af830cde723a94fd1a3a712e666c1f389dfac405bb9
b7c5d1d3e03d31b9b450c0aac2972f3aef995be2a69ec5ecfa6200c4a321ef40
b8166c5475df6a64ab2456e95f64564164ed697d258e8bfed8cebca40efd6fa5
b8449a28a151415d580be1dfd69056906199f1dd6ceb2c1b5edf61950ada9d13
b8597acdd0f11a49c1fd1a1b170b494325848476d83c86a2b6832628b3de9916
b89b6165327872066d09bf529b6f131b238a193e71a8ab9108b2ea40ae92d3f8
bacd426460574c0fc84822fd3846441f1040b4374c8350d67271049bd29fc6d7
bb5b6c52c072488848fbe51554382a6bc0be26a315e7558aa5ad61df4433b2dc
bbe46659150103403480eb003d999726b1cacb8df393a9a81bb73e55bed5b17e
bc963ec675a47c9549e8fa57d49a196bfa1faea63135a4cee881f68ccde88037
bf06f41bb3a1429115fa2dcfbee9986234d6d319da3597648e4e980340d52027
c05a1108c176130e9dff2f6a5ebdb60be1c3e17b5a8f83de35b29f44fb109434
c2b7a45d31339f18ed57fd095feca4da1b3fbab75a5afbc053957f6e8e1613a2
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c3dfc3f03106f85ab56ceaadf44433f35cca4209d64922d50a1c650c90aa60ad
c6b2815294e64eb3d9e30955673ae3b60a486ae5b7dfcc7e48c0e2a4fe7301de
c72c66fc056166d2ffffc5b2471c15c50e74cea1e69070fa323ac81b73998844
c7e9892e66464b9c939f81878a76b28761697e4a9b9252ce7c43fedcb95c94e6
c8c302716cf94980a0d77e614d9fb6c430f166b5ef7c42b7c382771955e52ba6
c96b2cd5b57e02ce65ab0a787a6c8ea69efbf424064e15500691847cd879e8ca
ca4b8bc30efe3bc477a4699a51c7ca0ba2cf24f24f02d3b861453a1aac7d0fb6
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cdaa4c91b5bc3dd4ce8e1345b453844dd414602022a182ce2853d87bd4b9a9d3
cdeb836f7f77cd2174fa0bb4aa3825963aa64faf657a24f988b82f1c4d28ce69
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
d08fa1906998435f62fea09b51c792ed9b1d93a9636efe4fa8981599c7de9419
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d13b38445a994d5cca2bc90c0155435b3e0146d1d0dc7f3b667ef90c8df65329
d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42
d3ec56e30464585e5c2b664b8dd77525dd3bc5b3079be7d6dede18cd3f90da33
d3ed94b69049a6046b0472b87a4d1be0a1c9482c9edc3793bf72714c82c7ce0c
d608780a3ddd9322d07b2b12af1d880434a9042b1f54fc6ec8eb3cb6977f81ba
d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f
d641c13a78017e11f15b152b78082bcd0cf474766f13ba649bfa6378d956c492
dc7e118b7e07217031d017282955569cb66891f527050135caadb2dd5779824f
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e517a35c5f569958a934efcb143bdbb42f9f3b8cdd11442aed95bf45716007f2
e5cc98a7681a840c7940cf675360a0def2ffacf2ea52b046ce5354a9ee873dd8
e6ed06388b8a934651b5005f2ece104a979f56b5fa6203ef4a2d8ab0a60c07dd
e6f4a2cd743aa32711cc7b746b6dddac6a6d55783e3a8b2e9eb335b29d12eb1e
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8e658c81a7ff92a6e0f9049ee3a8fc42082e8303abb6ed44c73361259cbdbae
e9ba3d0c5d5408e00becd36ad394fa9ad9c0616741ebdd6dddc8e837db3605ba
eaf3fbeb37e264707dd55409d3e8729dbbf6fdc39536e3961c59ec0a4ebad5f0
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ec547a2f9fde5ce8e398da2810828ba3c30c641ce2761f5bf915225efb35f919
edb409aebe8f4b88021a0c7c6b60abc2cfa4463f794b2429708cf3294681d0fe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef95e055a869e0da0233ad796b7090126244c80e15cf0a4b8d29f7a44d70065a
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f3342c52eee43a2ea931cae2ee2d6d9a2939432ffcb03bb4f2983ac7e49b26cc
f3e04a15bb017b906d4834cb5da6e3ea409b5da37a0cd9cec4b62a496f8560a1
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f46108976666130f89c43a82ee045f7a3afb264494060ef6b3d9eb6589e49d16
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f6fee3a799e728409177857ac391bd003bb803d7489e01c521a53258749f97cd
f74dc3dd99ec373eed444cfbf2d5bb3be4fdc2dd5c9ead1de29d930dea1e1a84
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
fa2097c7597ba1ea9ce7d12d82dbe307071a3d0bc409ee3d999fe29d6e3d0c7f
fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675
fcf67e37a8fd1acfa0c65a13eeecc07efeb4efc0447177ee2f3e95bfd794ca3c
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
fffcc021124d70080ddd0c52562645c46e03ff39c924ced85c1bfd62cb8b8767

cofense2022stg.wpengine.com Open in urlscan Pro 34.74.117.101 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

232 Requests

99 %HTTPS

56 %IPv6

28 Domains

41 Subdomains

33 IPs

4 Countries

2557 kBTransfer

6378 kBSize

36 Cookies

9 Outgoing links

Redirected requests

232 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cofense2022stg.wpengine.com Open in urlscan Pro
34.74.117.101 Public Scan

Screenshot
Live screenshot

Full Image

232
Requests

99 %
HTTPS

56 %
IPv6

28
Domains

41
Subdomains

33
IPs

4
Countries

2557 kB
Transfer

6378 kB
Size

36
Cookies

232 HTTP transactions
2 data transactions