got-phished.com Open in urlscan Pro
35.222.212.161 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hulu.validation-service.net/?r_id=01HCCQAX1Z7250A8Q8GYSVED9V
Effective URL:
https://got-phished.com/phished
Submission Tags: falconsandbox
Submission: On November 13 via api (November 13th 2023, 6:54:08 pm UTC) from US — Scanned from DE

Summary HTTP 50 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 20 IPs in 2 countries across 15 domains to perform 50 HTTP transactions. The main IP is 35.222.212.161, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is got-phished.com.
TLS certificate: Issued by R3 on September 25th 2023. Valid for: 3 months.

This is the only time got-phished.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	35.222.212.161 35.222.212.161	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:bf59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:2c:... 2a02:26f0:2c::213:6110	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:d333	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:887::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4eba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:faa8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	151.101.66.132 151.101.66.132	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:b07d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a04:4e42:600... 2a04:4e42:600::644	54113 (FASTLY) (FASTLY)
1	2600:9000:211... 2600:9000:211e:8600:1e:c86:4140:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:239... 2600:9000:2394:7c00:3:471f:5240:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.245.86.108 18.245.86.108	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:211... 2600:9000:211e:9400:1e:c86:4140:93a1	16509 (AMAZON-02) (AMAZON-02)
50	20

14 35.222.212.161 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 161.212.222.35.bc.googleusercontent.com

hulu.validation-service.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
got-phished.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.wizer-training.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:bf59 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:2c::213:6110 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d333 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscta.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:887::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4eba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:faa8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.132 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:b07d (United States)

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a04:4e42:600::644 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:8600:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed-ssl.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2394:7c00:3:471f:5240:93a1 (United States)

ASN16509 (AMAZON-02, US)

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.86.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-108.fra60.r.cloudfront.net

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:211e:9400:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed-cloudfront.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	wistia.com fast.wistia.com — Cisco Umbrella Rank: 3892 embed-ssl.wistia.com — Cisco Umbrella Rank: 7431 pipedream.wistia.com — Cisco Umbrella Rank: 6100 distillery.wistia.com — Cisco Umbrella Rank: 6057 embed-cloudfront.wistia.com	873 KB
11	got-phished.com got-phished.com	2 MB
5	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 5485 api.hubspot.com — Cisco Umbrella Rank: 4613 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 5222 track.hubspot.com — Cisco Umbrella Rank: 2298	26 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	3 KB
3	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 4470 consentcdn.cookiebot.com — Cisco Umbrella Rank: 5121	34 KB
2	wizer-training.com api.wizer-training.com	4 KB
1	hsforms.com perf-na1.hsforms.com — Cisco Umbrella Rank: 5955	1 KB
1	gstatic.com fonts.gstatic.com	35 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	89 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4559	24 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2155	21 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2150	21 KB
1	hscta.net js.hscta.net — Cisco Umbrella Rank: 21710	7 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2386	1 KB
1	validation-service.net 1 redirects hulu.validation-service.net	146 B
50	15

	Domain	Requested by
11	got-phished.com	got-phished.com
10	fast.wistia.com	got-phished.com fast.wistia.com
4	fonts.googleapis.com	got-phished.com
3	embed-cloudfront.wistia.com	fast.wistia.com
2	pipedream.wistia.com	fast.wistia.com
2	api.hubspot.com	js.usemessages.com
2	api.wizer-training.com	got-phished.com
2	consent.cookiebot.com	got-phished.com consent.cookiebot.com
1	distillery.wistia.com	fast.wistia.com
1	embed-ssl.wistia.com
1	track.hubspot.com
1	perf-na1.hsforms.com	got-phished.com
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	got-phished.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hubspot.com	js.hs-scripts.com
1	consentcdn.cookiebot.com	consent.cookiebot.com
1	js.hscta.net	got-phished.com
1	js.hs-scripts.com	got-phished.com
1	hulu.validation-service.net	1 redirects
50	23

This site contains links to these domains. Also see Links.

Domain
app.wizer-training.com

Subject Issuer	Validity	Valid
got-phished.com R3	`2023-09-25` - `2023-12-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-06` - `2024-04-06`	a year	crt.sh
*.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-17` - `2024-04-17`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
api.wizer-training.com R3	`2023-09-25` - `2023-12-24`	3 months	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-02` - `2024-08-02`	a year	crt.sh
*.wistia.com Amazon RSA 2048 M01	`2023-01-31` - `2024-02-29`	a year	crt.sh
pipedream-production-cloudfront-app-cname.wistia.com Amazon RSA 2048 M03	`2023-09-11` - `2024-10-09`	a year	crt.sh
stats-tap-production-cloudfront-app-cname.wistia.com Amazon RSA 2048 M01	`2023-09-13` - `2024-10-11`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://got-phished.com/phished
Frame ID: 3580D4DA8FDD83DB8265DE0EAB50A9C9
Requests: 49 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: C171079C7BE80F747639AB6A932C7C80
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Security Awareness Training

Page URL History Show full URLs

https://hulu.validation-service.net/?r_id=01HCCQAX1Z7250A8Q8GYSVED9V HTTP 302
https://got-phished.com/phished Page URL

Detected technologies

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Page Statistics

50
Requests

100 %
HTTPS

84 %
IPv6

15
Domains

23
Subdomains

20
IPs

2
Countries

2886 kB
Transfer

4556 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://app.wizer-training.com/
Title: Check Trainings

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hulu.validation-service.net/?r_id=01HCCQAX1Z7250A8Q8GYSVED9V HTTP 302
https://got-phished.com/phished Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request phished Show response
got-phished.com/
Redirect Chain

https://hulu.validation-service.net/?r_id=01HCCQAX1Z7250A8Q8GYSVED9V
https://got-phished.com/phished

7 KB
7 KB

489ms
152ms

Document
text/html

35.222.212.161
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://got-phished.com/phished

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.222.212.161 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

161.212.222.35.bc.googleusercontent.com

Software

/ Express

Resource Hash

00ccc144adf869fb64dab615f57a222493df57a31d70e03b8b8fce18b548dcff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 6742
content-type: text/html; charset=utf-8
date: Mon, 13 Nov 2023 18:53:57 GMT
etag: W/"1a56-cpbemOn/222KIl4DsTj1hlgZYoA"
strict-transport-security: max-age=15724800; includeSubDomains
x-powered-by: Express

Redirect headers

content-length: 54
content-type: text/html; charset=utf-8
date: Mon, 13 Nov 2023 18:53:57 GMT
location: https://got-phished.com/phished
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin

GET
H2 200 css
fonts.googleapis.com/ 2 KB
894 B 158ms
53ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400,800&display=swap

Requested by

Host: got-phished.com
URL: https://got-phished.com/phished

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13ca4842038641c42757dadc032305d79c15813b794858ab7a619277614dae60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Nov 2023 18:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 18:53:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Nov 2023 18:53:58 GMT

GET
H2 200 styles.css
got-phished.com/assets/fonts/material-outline-icons/ 1 KB
1 KB 303ms
296ms Stylesheet
text/css 35.222.212.161
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://got-phished.com/assets/fonts/material-outline-icons/styles.css

Requested by

Host: got-phished.com
URL: https://got-phished.com/phished

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.222.212.161 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

161.212.222.35.bc.googleusercontent.com

Software

/ Express

Resource Hash

25e0db9643d7f31d66f5f135bd284815e91f077da8eaa5b9c0ade1d5f0befdcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/phished
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:53:58 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 23 Oct 2023 10:58:10 GMT
x-powered-by: Express
etag: W/"4e3-18b5c2f5dd0"
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 1251

GET
H2 200 5120248.js Show response
js.hs-scripts.com/ 2 KB
1 KB 282ms
193ms Script
application/javascript 2606:4700::6810:bf59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/5120248.js

Requested by

Host: got-phished.com
URL: https://got-phished.com/phished

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bf59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c67345eeaa306dfc8fe381b0290f7dca685a46b8cb33d634300fe24ef1467281

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: cc71d5c4-8d93-41c0-8c4c-47222bd54b9e
x-envoy-upstream-service-time: 7
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: cc71d5c4-8d93-41c0-8c4c-47222bd54b9e
last-modified: Mon, 13 Nov 2023 12:21:38 GMT
server: cloudflare
x-trace: 2BEEC29FFF0B5B0CC6B14D7583076088BE88C1A787000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://got-phished.com
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5dc9ffbc55-h7k8d
cf-ray: 8259387878495d67-FRA
expires: Mon, 13 Nov 2023 18:54:58 GMT

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 107 KB
33 KB 154ms
47ms Script
application/javascript 2a02:26f0:2c::213:6110
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js
Requested by: Host: got-phished.com
URL: https://got-phished.com/phished
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2c::213:6110 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 02b9de7b7bf138e700920ae29919c78cf2188a5725d20499e79225860d164a67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date: Mon, 13 Nov 2023 18:53:58 GMT
content-encoding: gzip
last-modified: Wed, 27 Sep 2023 07:15:18 GMT
etag: "4a4b65e12f1d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=145
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 33511
expires: Mon, 13 Nov 2023 18:56:23 GMT

GET
H2 200 current.js Show response
js.hscta.net/cta/ 18 KB
7 KB 162ms
51ms Script
application/javascript 2606:4700::6812:d333
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscta.net/cta/current.js

Requested by

Host: got-phished.com
URL: https://got-phished.com/phished

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d333 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1f58a3e48f23d9036625e9f26553d5da8f45516cf308b6ae6fb2b0fe0d13b4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-encoding: br
age: 228
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=cta-embed-js/static-1.226/bundles/current.js&cfRay=825932e47b31194b-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"7a7ad36467619447fadd7b98ce7f3800"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: cta-embed-js/static-1.226/bundles/current.js
date: Mon, 13 Nov 2023 18:53:58 GMT
x-amz-version-id: vhhL_YuOEeyrE1us6iU1p_IC2N0DFzup
via: 1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: f533d699-048a-4068-949a-e5be1a9a8a4f
x-cache: Hit from cloudfront
cache-tag: staticjsapp-CtaEmbed-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
x-evy-trace-route-configuration: listener_https/all
x-request-id: f533d699-048a-4068-949a-e5be1a9a8a4f
last-modified: Wed, 04 Oct 2023 01:26:06 UTC
server: cloudflare
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-59f9889544-jmkhw
cf-ray: 82593876bccd37d4-FRA
x-amz-cf-id: m4V0JTkz-E2hBnZoh9-evrjjS0xlPTnhh1xZlzJeweC8CbBgOm_lhA==

GET
H2 200 15.51dc4b76.chunk.css
got-phished.com/static/css/ 11 KB
11 KB 153ms
147ms Stylesheet
text/css 35.222.212.161
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://got-phished.com/static/css/15.51dc4b76.chunk.css

Requested by

Host: got-phished.com
URL: https://got-phished.com/phished

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.222.212.161 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

161.212.222.35.bc.googleusercontent.com

Software

/ Express

Resource Hash

c983b409aa7927cb591b75a2ef935b736d24129e8253cab3c7fb40f4f3d561a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/phished
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:53:58 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 23 Oct 2023 10:59:21 GMT
x-powered-by: Express
etag: W/"2b02-18b5c307328"
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 11010

GET
H2 200 main.5d8be383.chunk.css
got-phished.com/static/css/ 121 KB
122 KB 155ms
149ms Stylesheet
text/css 35.222.212.161
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://got-phished.com/static/css/main.5d8be383.chunk.css

Requested by

Host: got-phished.com
URL: https://got-phished.com/phished

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.222.212.161 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

161.212.222.35.bc.googleusercontent.com

Software

/ Express

Resource Hash

4ccdbd9a519309980a9ebf4f490fe7ba2a53a3d3a6eb0b6463264a1205e93712

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/phished
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:53:58 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 23 Oct 2023 10:59:21 GMT
x-powered-by: Express
etag: W/"1e5ae-18b5c307328"
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 124334

GET
H2 200 15.e25ebe02.chunk.js Show response
got-phished.com/static/js/ 1 MB
1 MB 301ms
296ms Script
application/javascript 35.222.212.161
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://got-phished.com/static/js/15.e25ebe02.chunk.js

Requested by

Host: got-phished.com
URL: https://got-phished.com/phished

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.222.212.161 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

161.212.222.35.bc.googleusercontent.com

Software

/ Express

Resource Hash

923037ce428f9931c6c63f6a3ef7ae55d4a8e7aa1f9d981dd1b98f5172e8e8b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/phished
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:53:58 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 23 Oct 2023 10:59:21 GMT
x-powered-by: Express
etag: W/"132430-18b5c307328"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 1254448

GET
H2 200 main.f0bd4389.chunk.js Show response
got-phished.com/static/js/ 334 KB
335 KB 299ms
298ms Script
application/javascript 35.222.212.161
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://got-phished.com/static/js/main.f0bd4389.chunk.js

Requested by

Host: got-phished.com
URL: https://got-phished.com/phished

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.222.212.161 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

161.212.222.35.bc.googleusercontent.com

Software

/ Express

Resource Hash

ca08386c769e19356e491faed941803ac86836082a57db7bbe0dff7c82e01e50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/phished
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:53:58 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 23 Oct 2023 10:59:21 GMT
x-powered-by: Express
etag: W/"53658-18b5c307328"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 341592

GET
H2 200 bc-v4.min.html Show response
consentcdn.cookiebot.com/sdk/ Frame C171 627 B
814 B 149ms
40ms Document
text/html 2a02:26f0:3500:887::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:887::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

Request headers

Referer: https://got-phished.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=29852610
content-encoding: gzip
content-length: 392
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 18:53:58 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Thu, 24 Oct 2024 07:17:28 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1699901638669_388276618_1635882684_24_848_42_46_255";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
H2 200 cc.js Show response
consent.cookiebot.com/67b76de5-3442-4d94-9916-428b32bce00b/ 371 B
597 B 126ms
126ms Script
application/x-javascript 2a02:26f0:2c::213:6110
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/67b76de5-3442-4d94-9916-428b32bce00b/cc.js?renew=false&referer=got-phished.com&dnt=false&init=false
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2c::213:6110 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14bf45cdca5de1ada7644c4189d5f0d7cbf0b44af421c95fb2103e64ff3ed5a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:53:58 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private, max-age=60
cross-origin-resource-policy: cross-origin
content-length: 359
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 77 KB
23 KB 255ms
158ms Script
application/javascript 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5120248.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79371284e1052bf1e88b017d78ece22e4a39bb58b520a3f3ee3c545b273ae8f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://got-phished.com/
Origin: https://got-phished.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.676/bundles/project.js&cfRay=8259387a4b9c047a-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"01bab0289dcd8ac651a7405f40ec59a4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.676/bundles/project.js
date: Mon, 13 Nov 2023 18:53:58 GMT
x-amz-version-id: QsIa1V6BkpY2avVuCaY7zCDykE83Ad58
via: 1.1 68a3b1d5c75429221abc685a453afb60.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: d8899bbe-f687-4d4a-9f14-8a314e91c8ef
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
x-evy-trace-route-configuration: listener_https/all
x-request-id: d8899bbe-f687-4d4a-9f14-8a314e91c8ef
last-modified: Thu, 09 Nov 2023 11:48:06 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mr%2B5da2%2Bp7Gf8w5sohKcYpkKwugAYLxuszB%2B37kn9R9G6wVRMO6hbwWTl5zZQlBwHF77Nub24DoHZlwv1f68z7kn6oqKxR%2FoTq%2F6iIj%2BOcNbjCwhbrY9xeYgRnGAhtAABW1lGvECln08kimH"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-59f9889544-pw49x
cf-ray: 8259387a4b9c047a-FRA
x-amz-cf-id: sd-rbwjxtColDMFUazM6bKu1lwNu0PZycwXAbaQukXNXPW58wQaTyA==

GET
H2 200 5120248.js Show response
js.hs-analytics.net/analytics/1699901400000/ 66 KB
21 KB 278ms
186ms Script
text/javascript 2606:4700::6810:4eba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1699901400000/5120248.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5120248.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2b312fbcbc50d004d2de9b7ba5f9a1f2c4aa48d0405009ba8eb8c8e65fff0bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:53:58 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 5DVE8AH6E95R2RC6
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 944c6c38-bfd0-4a3a-a5da-c845c7be3fc9
x-envoy-upstream-service-time: 17
x-amz-id-2: LsGXrzJX0SE5P2vZ3ybsgPgbUCtjJo5AD8Yf1vAcc3/0b/eUC1xaGUsD0VV2ICybDfet7gwJm8s=
x-evy-trace-listener: listener_https
x-request-id: 944c6c38-bfd0-4a3a-a5da-c845c7be3fc9
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 12 Oct 2023 15:03:44 GMT
server: cloudflare
etag: W/"2d955e973b792a145a2c43594cef758a"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-576b4d6667-pljn2
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8259387a4a746934-FRA
expires: Mon, 13 Nov 2023 18:58:58 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/5120248/ 77 KB
21 KB 269ms
173ms Script
text/javascript 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/5120248/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5120248.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a59b23c37ef566378cf2453cd67927893ab4909117fcede91d5a45147a472bb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:53:58 GMT
x-amz-version-id: qA8SbcjyWpcyCuTzQ9U5KGFem9ug5x33
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 9C1BGJ5YV1RH09GG
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: a72af154-07dd-429d-b77e-e3df4c98d65f
x-envoy-upstream-service-time: 67
x-amz-id-2: 9vfWHUjeF/a+1+UfgcIvXW4wLMxva4uDptYvGl2QxZkCCZ1m737lF5Gim2LT/qAKtqfayq1UAmw=
x-evy-trace-listener: listener_https
x-request-id: a72af154-07dd-429d-b77e-e3df4c98d65f
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 18 Oct 2023 11:19:02 GMT
server: cloudflare
etag: W/"64c753e9bb39f18c3e73a731ed8791c7"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://admin.wizer-training.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-576b4d6667-lh5rv
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8259387a4fdf9a0f-FRA
expires: Mon, 13 Nov 2023 18:58:58 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 83 KB
24 KB 152ms
59ms Script
application/javascript 2606:4700::6811:faa8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5120248.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:faa8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b14289833de1c5b8da19bf0aa86278185dfdbb3113baca8b658fa0ee8a563dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:53:58 GMT
x-amz-version-id: wH3z2hXmzY083mmKsKR.rBDdNfo.ct1e
via: 1.1 76e55a2361219fb19722e949475d1844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 426
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.14670/bundles/project.js&cfRay=82592e100dc49107-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: d40acee1-d8eb-44de-a280-53ccefc8f170
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d40acee1-d8eb-44de-a280-53ccefc8f170
last-modified: Mon, 06 Nov 2023 17:38:05 UTC
server: cloudflare
etag: W/"16a6c607eb7d2279e56c6ae6291e6de2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-59f9889544-hsbs2
cf-ray: 8259387a4e6c9bb9-FRA
x-amz-cf-id: yq_SUBDLmZKEVc-Sdhy67gNBMsD_nwfvzfgpQQmG0yXE0yOVt6buRA==
x-hs-target-asset: conversations-embed/static-1.14670/bundles/project.js

GET
H2 200 css
fonts.googleapis.com/ 679 B
441 B 53ms
49ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Heebo

Requested by

Host: got-phished.com
URL: https://got-phished.com/static/css/main.5d8be383.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

985949b8fad5482ff01b2b3027a1c5a0b63d52dfc9977f9dbe3d482c68a0767f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Nov 2023 18:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 18:30:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Nov 2023 18:53:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
688 B 55ms
51ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:400,500

Requested by

Host: got-phished.com
URL: https://got-phished.com/static/css/main.5d8be383.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a2dda54e54c481d666851dbdeb8f66d397ec9fbfc803472f6d15e9217fabec93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Nov 2023 18:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 17:15:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Nov 2023 18:53:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
540 B 56ms
53ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400,500,600

Requested by

Host: got-phished.com
URL: https://got-phished.com/static/css/main.5d8be383.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d5c55334086c8063bb57d27065e4d4d218b6290d7225aff975a021b32fc8731

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Nov 2023 18:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 18:53:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Nov 2023 18:53:58 GMT

GET
H2 200 reactPlayerWistia.4d1a3320.chunk.js Show response
got-phished.com/static/js/ 6 KB
6 KB 146ms
146ms Script
application/javascript 35.222.212.161
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://got-phished.com/static/js/reactPlayerWistia.4d1a3320.chunk.js

Requested by

Host: got-phished.com
URL: https://got-phished.com/phished

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.222.212.161 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

161.212.222.35.bc.googleusercontent.com

Software

/ Express

Resource Hash

e490e645edb31fd016bfc53b41971fcd421acd5fc4bdd66452c96bc2dd5522ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/phished
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:53:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 23 Oct 2023 10:59:21 GMT
x-powered-by: Express
etag: W/"177b-18b5c307328"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 6011

GET
H2 200 wizer_bg_logo_white.2a75021d.svg
got-phished.com/static/media/ 6 KB
6 KB 149ms
147ms Image
image/svg+xml 35.222.212.161
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://got-phished.com/static/media/wizer_bg_logo_white.2a75021d.svg

Requested by

Host: got-phished.com
URL: https://got-phished.com/phished

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.222.212.161 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

161.212.222.35.bc.googleusercontent.com

Software

/ Express

Resource Hash

5f438d14adda199463fc44ce9e32fe0d5494b3af4de658b82e5890a019621023

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/phished
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:53:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 23 Oct 2023 10:59:20 GMT
x-powered-by: Express
etag: W/"1631-18b5c306f40"
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 5681

GET
H2 200 phishing.36dbb6cd.svg
got-phished.com/static/media/ 7 KB
7 KB 147ms
145ms Image
image/svg+xml 35.222.212.161
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://got-phished.com/static/media/phishing.36dbb6cd.svg

Requested by

Host: got-phished.com
URL: https://got-phished.com/phished

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.222.212.161 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

161.212.222.35.bc.googleusercontent.com

Software

/ Express

Resource Hash

1b4d60cfe13805f33f23527f884619463b4d5c688d17835e10f5203afeb6fec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/phished
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:53:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 23 Oct 2023 10:59:20 GMT
x-powered-by: Express
etag: W/"1c1b-18b5c306f40"
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 7195

GET
H2 200 arrowDownPhishing.fe5d22eb.svg
got-phished.com/static/media/ 604 B
835 B 148ms
147ms Image
image/svg+xml 35.222.212.161
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://got-phished.com/static/media/arrowDownPhishing.fe5d22eb.svg

Requested by

Host: got-phished.com
URL: https://got-phished.com/phished

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.222.212.161 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

161.212.222.35.bc.googleusercontent.com

Software

/ Express

Resource Hash

eafc098f5e53e49f564606de79ca398632a0538e75538dfd18f7ac6ec49ab502

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/phished
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:53:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 23 Oct 2023 10:59:20 GMT
x-powered-by: Express
etag: W/"25c-18b5c306f40"
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 604

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
89 KB 152ms
62ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MQ5Q4MBM7N&l=ga4DataLayer

Requested by

Host: got-phished.com
URL: https://got-phished.com/static/js/15.e25ebe02.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e544015ef8f88f005782d3d20c4069b8ef1268f7d5726cb162452f6d46e6f4ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:53:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90948
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 13 Nov 2023 18:53:59 GMT

GET
H2 200 water.e55d26d4.svg
got-phished.com/static/media/ 20 KB
20 KB 150ms
149ms Image
image/svg+xml 35.222.212.161
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://got-phished.com/static/media/water.e55d26d4.svg

Requested by

Host: got-phished.com
URL: https://got-phished.com/static/css/main.5d8be383.chunk.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.222.212.161 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

161.212.222.35.bc.googleusercontent.com

Software

/ Express

Resource Hash

ab4ef091c82daa5d555d4c02a10ea3ce27f42065ec673ee195e5baeb66e06e35

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/static/css/main.5d8be383.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:53:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 23 Oct 2023 10:59:20 GMT
x-powered-by: Express
etag: W/"506f-18b5c306f40"
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 20591

GET
H2 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/ 35 KB
35 KB 129ms
41ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://got-phished.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 21:01:58 GMT
x-content-type-options: nosniff
age: 424321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35448
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:14:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Nov 2024 21:01:58 GMT

GET
H2 200 got-phished.com Show response
api.wizer-training.com/api/v1/white_label/company/by-domain/customDomainWeb/ 1 KB
2 KB 4146ms
187ms XHR
application/json 35.222.212.161
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.wizer-training.com/api/v1/white_label/company/by-domain/customDomainWeb/got-phished.com

Requested by

Host: got-phished.com
URL: https://got-phished.com/static/js/15.e25ebe02.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.222.212.161 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

161.212.222.35.bc.googleusercontent.com

Software

Resource Hash

b36defd8d316a6bef9304085628500c4c258458fd97c18c6a581c52dc596f146

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://got-phished.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:54:03 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 1456
x-xss-protection: 0
referrer-policy: no-referrer
etag: W/"5b0-BoeeX4BpZ+MFpINWjtw22WzG88o"
expect-ct: max-age=0
x-download-options: noopen
access-control-allow-methods: GET,POST,PUT,HEAD,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://got-phished.com
access-control-allow-credentials: true

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 3798ms
3785ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=5120248&conversations-embed=static-1.14670&mobile=false&messagesUtk=bf38f5ccdfdc4d69a936c2d17bfbe576&traceId=bf38f5ccdfdc4d69a936c2d17bfbe576

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://got-phished.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://got-phished.com
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8259387fbaca047a-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Mon, 13 Nov 2023 18:53:59 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCQPXVjwlBbhxMZXLksadEatUMFQCcU7vZGpg%2F7oe9YzUFd%2FxsiKh4jKASyhriBQUw2%2Fm10lI%2BI4RmQyBJOzcovVX%2BhF3JaZvXm6eq1SkL3%2B%2FWPrfFmcJHQICVsPcinmawy3SR8jaByy20Tluw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 8
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5dc9ffbc55-pzl9z
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 34b4853b-4851-4455-b71c-eefa7bb00124
x-request-id: 34b4853b-4851-4455-b71c-eefa7bb00124
x-trace: 2BF38B6AF494A2C60CC34F81F690B9CEC6151B7B3E000000000000000000

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 265 B
1 KB 184ms
184ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ade6079d9359d2f0cfe739035663e008176a0817cebe6116375fc2fafc153384

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://got-phished.com/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://got-phished.com/phished
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:54:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: cea895a8-33bc-40c9-b80a-1728138925c1
x-envoy-upstream-service-time: 11
content-length: 206
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: cea895a8-33bc-40c9-b80a-1728138925c1
server: cloudflare
x-trace: 2BEE60C16F77620BA5889DC1E0B945981587CEC75F000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://got-phished.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5dc9ffbc55-dfbmh
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PAIMu6zVyk0c87kbKVWi9dJvF4JqY%2Bx9kQBfUjebCOAeuY3%2BPaz6LnDPPA9YcZln90Ngd4xbQyWr9jc%2B%2Fo3krndQvqZFxbInSGQjBwQJ54eHnMODiFtJhSE4hiRJUap1nTqc0bGNwOnRQHUZQg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 825938976c23047a-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 246 B
1 KB 3798ms
3796ms Fetch
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=5120248&currentUrl=https%3A%2F%2Fgot-phished.com%2Fphished

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97824daa6d5a75e1aa86b8148af2fa935276f4aa8abe1d050fd861d325a5686e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:53:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 6dc6561e-4e33-404d-be3a-bf22fb86870f
content-encoding: br
x-envoy-upstream-service-time: 55
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6dc6561e-4e33-404d-be3a-bf22fb86870f
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://got-phished.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bw5dm4n6HirWkW4M1P0XkOIkjSSc%2FMWSj595Yic3ERpOiiQLRr3QmhMo0FTM5ZxkxJAMb8Y6CafiM%2FRgMM2knamnf5h0lpmqIEiv%2F3KWpQfWeFrHeWblHRXfK934QjmU7I%2BT06lfjNp6w%2B7WvyWtS0ja8hjKHqx%2FHHw%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 8259387faabd047a-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-fd659ccfb-s7swd

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 740 KB
126 KB 3781ms
40ms Script
text/javascript 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: got-phished.com
URL: https://got-phished.com/static/js/15.e25ebe02.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

259b64629b8b70424820a6114cba022469d5ab04ad4975ec433e1500d45c8aa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:54:03 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1121
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 128262
x-served-by: cache-iad-kcgs7200133-IAD, cache-fra-eddf8230122-FRA
x-browser-version: 119
last-modified: Mon, 13 Nov 2023 16:33:59 GMT
server: AmazonS3
x-timer: S1699901643.472633,VS0,VE0
etag: "8278bb81da32f9b266b7b73e18aa40b1"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: b982c88194554d9c99852f4bb2a268a6e84b35d6
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 68, 36

GET
H/1.1 200
OK counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
1 KB 297ms
208ms Image
image/gif 2606:4700::6812:b07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: got-phished.com
URL: https://got-phished.com/phished

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 18:54:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: c252258c-b9ae-4d9f-9784-617f807695e6
x-envoy-upstream-service-time: 22
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c252258c-b9ae-4d9f-9784-617f807695e6
Last-Modified: Mon, 13 Nov 2023 18:54:03 GMT
Server: cloudflare
X-Trace: 2B15932096DCEE69DDA97A7D39252641C2BDF5F3CA000000000000000000
Vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-fd659ccfb-86mwt
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 82593897fef05d8d-FRA

GET
H2 200 ud6nby85sm.json Show response
fast.wistia.com/embed/medias/ 4 KB
2 KB 290ms
173ms Fetch
application/json 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/ud6nby85sm.json

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

b7999df68ae6f29c29db2d8135022361c0891bc5a31c5d8d6d91175e7b3b5f3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:54:03 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 aed3f8ed29085c056c75452d71b07f7e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
x-amz-cf-pop: PHL50-C1
age: 55965
x-cache: Miss from cloudfront, HIT, MISS
x-envoy-upstream-service-time: 120
content-length: 1670
x-request-id: 709f6683-cc55-424c-b9b1-d9f1741cec2c
x-served-by: cache-iad-kjyo7100086-IAD, cache-sof1510039-SOF
x-runtime: 0.118626
x-browser-version: 119
server: envoy
x-timer: S1699901644.840144,VS0,VE116
etag: W/"b7999df68ae6f29c29db2d8135022361"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 6YiNOyjowXELotV5BbCt1KMC8LA2vYHvOIpk6jXBRhBvIRvenbXyHg==
x-cache-hits: 33, 0

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 250ms
164ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=972325071&v=1.1&a=5120248&pu=https%3A%2F%2Fgot-phished.com%2Fphished&t=Security+Awareness+Training&cts=1699901643719&vi=96efd6a3905e874d9b63e47ce2e3ad13&nc=true&u=86665159.96efd6a3905e874d9b63e47ce2e3ad13.1699901643712.1699901643712.1699901643712.1&b=86665159.1.1699901643713&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:54:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 1d6ab823-994d-4e91-9851-9a239a5e396a
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 8
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1d6ab823-994d-4e91-9851-9a239a5e396a
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZ%2FJmfKEJL4AHpCaK2m%2BVKmjBUTjvFqHXsm0tvNtfCRaM5HR0ZYml6DNomfUJpmMBGugih6QsARb67BJc7jVKkDz4O0Q37TogLfjiiDR1HjWSh8yFElruqqWaXarpyKTNZ%2FXhOXoUiZsylLDlILC"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7d556d9994-qdggr
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 82593899ea621e5c-FRA
x-robots-tag: none

GET
H2 200 got-phished.com Show response
api.wizer-training.com/api/v1/white_label/company/by-domain/customDomainWeb/ 1 KB
2 KB 184ms
183ms XHR
application/json 35.222.212.161
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.wizer-training.com/api/v1/white_label/company/by-domain/customDomainWeb/got-phished.com

Requested by

Host: got-phished.com
URL: https://got-phished.com/static/js/15.e25ebe02.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.222.212.161 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

161.212.222.35.bc.googleusercontent.com

Software

Resource Hash

b36defd8d316a6bef9304085628500c4c258458fd97c18c6a581c52dc596f146

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://got-phished.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:54:03 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 1456
x-xss-protection: 0
referrer-policy: no-referrer
etag: W/"5b0-BoeeX4BpZ+MFpINWjtw22WzG88o"
expect-ct: max-age=0
x-download-options: noopen
access-control-allow-methods: GET,POST,PUT,HEAD,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://got-phished.com
access-control-allow-credentials: true

GET
H2 200 captions.js Show response
fast.wistia.com/assets/external/ 162 KB
33 KB 41ms
41ms Script
text/javascript 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/captions.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b8be1df3b98989d7dd91bd56293a0c35353f9a23da4f3d5f0376459470cf734d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:54:04 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1122
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 33856
x-served-by: cache-iad-kiad7000165-IAD, cache-fra-eddf8230122-FRA
x-browser-version: 119
last-modified: Mon, 13 Nov 2023 16:33:59 GMT
server: AmazonS3
x-timer: S1699901644.019402,VS0,VE0
etag: "c4698e7593ebb905a19562d24bef62aa"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: b982c88194554d9c99852f4bb2a268a6e84b35d6
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 51, 27

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.com/assets/external/ 79 KB
21 KB 57ms
57ms Script
text/javascript 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

19cef7bc7f4bb1619ed916762756e9ac56c8d73ed0a58e6e4a1f387566f6c875

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://got-phished.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:54:04 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1122
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 21113
x-served-by: cache-iad-kjyo7100135-IAD, cache-sof1510039-SOF
x-browser-version: 119
last-modified: Mon, 13 Nov 2023 16:34:00 GMT
server: AmazonS3
x-timer: S1699901644.097266,VS0,VE0
etag: "a4a09ca5a5db648b9b996a8237ad8bbe"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: b982c88194554d9c99852f4bb2a268a6e84b35d6
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 46, 133

GET
H2 200 ud6nby85sm.json Show response
fast.wistia.com/embed/captions/ 2 KB
1 KB 390ms
390ms Fetch
application/json 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/captions/ud6nby85sm.json

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/captions.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

fd1071098e50bc8fafd2ff49d8b23a6f077212439a4538e3baa87bcda7886b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:54:04 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD89-C3
age: 0
x-cache: Miss from cloudfront, HIT, MISS
x-envoy-upstream-service-time: 68
content-length: 765
x-request-id: bfa2cd9e-fa13-44e5-a6e7-af614404f994
x-served-by: cache-iad-kcgs7200144-IAD, cache-sof1510039-SOF
x-runtime: 0.066608
x-browser-version: 119
server: envoy
x-timer: S1699901644.102255,VS0,VE203
etag: W/"fd1071098e50bc8fafd2ff49d8b23a6f"
vary: Accept-Encoding,X-Forwarded-Proto
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: GCJmiRB2ncQraRJFmg6Wqro88rRxP-Dh2rsooe2r5y6PAXNwukOf_w==
x-cache-hits: 24, 0

GET
H2 200 interFontFace.js Show response
fast.wistia.com/assets/external/ 45 KB
18 KB 59ms
58ms Script
text/javascript 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/interFontFace.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/captions.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e3d653cf287a3212e8c5f8d68f2af6563d062b2aaf37348d0b1c5c1798dc22a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://got-phished.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:54:04 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1121
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 18267
x-served-by: cache-iad-kjyo7100096-IAD, cache-sof1510039-SOF
x-browser-version: 119
last-modified: Mon, 13 Nov 2023 16:34:00 GMT
server: AmazonS3
x-timer: S1699901644.115433,VS0,VE0
etag: "9273139b4f23d8c9635da27dfe1931ba"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: b982c88194554d9c99852f4bb2a268a6e84b35d6
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 61, 63

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

Request headers

Referer
Origin: https://got-phished.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 a1546c9b7265507f4fb908d9039c7db0.webp
embed-ssl.wistia.com/deliveries/ 56 KB
57 KB 420ms
72ms Image
image/webp 2600:9000:211e:8600:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-ssl.wistia.com/deliveries/a1546c9b7265507f4fb908d9039c7db0.webp?image_crop_resized=1920x1080
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:8600:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 8bac71ccb81f3bcd179fe3e3a6fb61ee9fb18523a5a59908aaa8344f0c4acea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 16:09:12 GMT
access-control-request-method: *
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-C2
age: 9892
edge-cache-tag: a1546c9b7265507f4fb908d9039c7db0
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 286
content-disposition: inline
surrogate-key: a1546c9b7265507f4fb908d9039c7db0 thumbnail-delivery
last-modified: Tue, 28 Feb 2023 11:39:30 UTC
server: envoy
etag: -TMvUehWvvkUj-zCDNXAzXz3tqQ=
vary: Origin
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: none
x-amz-cf-id: 2L9z4mj9IG7qtnAthL1pkw-3ubRr91B9d0uHsQ0aPT82k1EiQojcfQ==

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
328 B 257ms
129ms Fetch
text/plain 2600:9000:2394:7c00:3:471f:5240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:7c00:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://got-phished.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Nov 2023 18:54:04 GMT
via: 1.1 4a3271596b4750a635e84d92a47448bc.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: AMS1-P2
x-cache: Miss from cloudfront
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-type: text/plain; charset=utf-8
x-envoy-upstream-service-time: 1
content-length: 2
x-amz-cf-id: lbr1s0_-NXlvpC3GQEjNpfhf3YIA7uQJoM9drsAGYBAlNUuMhzJ8uQ==

GET
H2 200 hls_video.js Show response
fast.wistia.com/assets/external/engines/ 473 KB
115 KB 76ms
75ms Script
text/javascript 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ed6461d96fd87e90bb7c96e8d2e5893c9a25a1fb3bc463f1e8b8e42356870bd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://got-phished.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:54:04 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1123
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 117752
x-served-by: cache-iad-kcgs7200137-IAD, cache-sof1510039-SOF
x-browser-version: 119
last-modified: Mon, 13 Nov 2023 16:33:59 GMT
server: AmazonS3
x-timer: S1699901645.663497,VS0,VE0
etag: "b078a15f7e506f739b7d13c270333fb8"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: b982c88194554d9c99852f4bb2a268a6e84b35d6
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 34, 112

GET
H2 200 ud6nby85sm.m3u8 Show response
fast.wistia.com/embed/medias/ 734 B
1 KB 184ms
184ms XHR
application/x-mpegurl 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/ud6nby85sm.m3u8

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a9597d08f05f1eda205f2816b09995376a4658bafc29184a462f798c18f82914

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:54:04 GMT
via: 1.1 613faec4b883bfe2ebdd8a74d5006f4c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD89-C3
age: 50084
x-cache: Miss from cloudfront, HIT, MISS
x-envoy-upstream-service-time: 36
content-length: 734
x-request-id: 4c838c9e-9ced-46f2-8d49-e2e8d73363af
x-served-by: cache-iad-kcgs7200080-IAD, cache-sof1510039-SOF
x-runtime: 0.034512
x-browser-version: 119
server: envoy
x-timer: S1699901645.845237,VS0,VE123
etag: W/"a9597d08f05f1eda205f2816b0999537"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: TdPd-ULi3D1EYAZ9aQj-3OIsNtSfs__jkW8rKMEj1M1TZZGHDEAlKA==
x-cache-hits: 27, 0

GET
H2 200 blank.gif
fast.wistia.com/assets/images/ 1 KB
1 KB 57ms
57ms Image
image/gif 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/assets/images/blank.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://got-phished.com/
Origin: https://got-phished.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:54:04 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3007
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 1214
x-served-by: cache-iad-kcgs7200077-IAD, cache-sof1510039-SOF
x-browser-version: 119
last-modified: Wed, 10 May 2023 19:48:54 GMT
server: AmazonS3
x-timer: S1699901645.846996,VS0,VE0
etag: "fbdc4ed9a1e2ee4917a265306927bcf1"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 10, 46348

POST
H2 204 x
distillery.wistia.com/ 0
0 286ms
135ms Fetch 18.245.86.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-108.fra60.r.cloudfront.net
Software: envoy /
Resource Hash

Request headers

Referer: https://got-phished.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 13 Nov 2023 18:54:05 GMT
via: 1.1 e3f7f612cf7d05edb500a43ad2f70e96.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA60-P6
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
x-amz-cf-id: GRweW8Q76nvdRjhsBDuo8ZDtgYLNAd-D6gu_yjR2MN2Fsu4lYLoLFA==

GET
H2 200 95595f9d5a2d174dc2fefc5a85c0eef6c25f96cb.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ 1 KB
2 KB 133ms
50ms XHR
application/vnd.apple.mpegurl 2600:9000:211e:9400:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/95595f9d5a2d174dc2fefc5a85c0eef6c25f96cb.m3u8
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:9400:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 6bd80b6edb251675670162cbb2510870e0ea1d9c72b8a85618c3fac9f7cbb572

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 10:35:18 GMT
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-C2
age: 29927
edge-cache-tag: 95595f9d5a2d174dc2fefc5a85c0eef6c25f96cb-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 243
content-length: 1462
surrogate-key: 95595f9d5a2d174dc2fefc5a85c0eef6c25f96cb-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: H4Lx9t1CI3IQ1nV5BUKXpe0rxSdeQYpzrh4ufsa8F8MWRLy4svm7yA==
expires: Tue, 12 Nov 2024 10:35:18 GMT

GET
H2 200 allIntegrations.js Show response
fast.wistia.com/assets/external/ 23 KB
6 KB 62ms
58ms Script
text/javascript 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/allIntegrations.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

82c388a484353affdf14ee9f925a815699bc070f9e6c02b967958b7f75e17853

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://got-phished.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:54:05 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1122
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 5797
x-served-by: cache-iad-kiad7000083-IAD, cache-sof1510039-SOF
x-browser-version: 119
last-modified: Mon, 13 Nov 2023 16:33:59 GMT
server: AmazonS3
x-timer: S1699901645.166745,VS0,VE0
etag: "285026b429b58a2547ff975662f02740"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: b982c88194554d9c99852f4bb2a268a6e84b35d6
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 38, 54

GET
H2 200 seg-1-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/95595f9d5a2d174dc2fefc5a85c0eef6c25f96cb.m3u8/ 485 KB
486 KB 49ms
49ms XHR
video/mp2t 2600:9000:211e:9400:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/95595f9d5a2d174dc2fefc5a85c0eef6c25f96cb.m3u8/seg-1-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:9400:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: b6af15c9a2a553d977b02155445a85b1ae526a7cbb866aa1cee4376869c14f00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 10:35:18 GMT
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-C2
age: 29927
edge-cache-tag: 95595f9d5a2d174dc2fefc5a85c0eef6c25f96cb-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 258
content-length: 496696
surrogate-key: 95595f9d5a2d174dc2fefc5a85c0eef6c25f96cb-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: w9zyZ2LptkwJAhLHupzEayg_QGUbzmNDeONItsS0XQJ-XqABlD3H0Q==
expires: Tue, 12 Nov 2024 10:35:18 GMT

GET
H2 200 44d2a9922c5c43ff5fa41a10c95bea282a685ca3.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ 1 KB
2 KB 341ms
340ms XHR
application/vnd.apple.mpegurl 2600:9000:211e:9400:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/44d2a9922c5c43ff5fa41a10c95bea282a685ca3.m3u8
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:9400:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 1f32aa7f1db5b96ff04d7af1ba79e0248c3e64520a9e270c6e917c409916a872

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://got-phished.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:54:05 GMT
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-C2
edge-cache-tag: 44d2a9922c5c43ff5fa41a10c95bea282a685ca3-hls-segment
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 205
content-length: 1462
surrogate-key: 44d2a9922c5c43ff5fa41a10c95bea282a685ca3-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ybaWqKyMGA9h0tENgvg3AuvMmTN-fZa2TKOC6Qs3gHtBJszhG75Nbg==
expires: Tue, 12 Nov 2024 18:54:05 GMT

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
327 B 129ms
129ms Fetch
text/plain 2600:9000:2394:7c00:3:471f:5240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:7c00:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://got-phished.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Nov 2023 18:54:05 GMT
via: 1.1 4a3271596b4750a635e84d92a47448bc.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: AMS1-P2
x-cache: Miss from cloudfront
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-type: text/plain; charset=utf-8
x-envoy-upstream-service-time: 1
content-length: 2
x-amz-cf-id: 9GNiWMgU9WRtYHM1gTl05De1recN19ykXyP7TgHdhXltX15__HVN9Q==

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
got-phished.com/	1970-01-20 20:30:53	Name: __hstc Value: 86665159.96efd6a3905e874d9b63e47ce2e3ad13.1699901643712.1699901643712.1699901643712.1
got-phished.com/	1970-01-20 20:30:53	Name: hubspotutk Value: 96efd6a3905e874d9b63e47ce2e3ad13
got-phished.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
got-phished.com/	1970-01-20 16:11:43	Name: __hssc Value: 86665159.1.1699901643713
.hubspot.com/	1970-01-20 16:11:43	Name: __cf_bm Value: pzfI9UEOUIpuKlCB0CHa9_Xb3dOfKiIC0aRV5FcVv.o-1699901643-0-AXnHYRLk8gV+SJYWVhvReacpYQmB1vT3cjj489LJN0p1shvhN2MjFGxiHYYeu8mFfMGzwec7pB7InocMjRNhRFg=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubspot.com
api.wizer-training.com
consent.cookiebot.com
consentcdn.cookiebot.com
cta-service-cms2.hubspot.com
distillery.wistia.com
embed-cloudfront.wistia.com
embed-ssl.wistia.com
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
got-phished.com
hulu.validation-service.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscta.net
js.hubspot.com
js.usemessages.com
perf-na1.hsforms.com
pipedream.wistia.com
track.hubspot.com
www.googletagmanager.com
151.101.66.132
18.245.86.108
2600:9000:211e:8600:1e:c86:4140:93a1
2600:9000:211e:9400:1e:c86:4140:93a1
2600:9000:2394:7c00:3:471f:5240:93a1
2606:4700:4400::ac40:991b
2606:4700::6810:4eba
2606:4700::6810:bf59
2606:4700::6811:faa8
2606:4700::6812:b07d
2606:4700::6812:d333
2606:4700::6813:9a53
2a00:1450:4001:810::2003
2a00:1450:4001:813::2008
2a00:1450:4001:82b::200a
2a02:26f0:2c::213:6110
2a02:26f0:3500:887::f09
2a04:4e42:600::644
35.222.212.161
00ccc144adf869fb64dab615f57a222493df57a31d70e03b8b8fce18b548dcff
02b9de7b7bf138e700920ae29919c78cf2188a5725d20499e79225860d164a67
13ca4842038641c42757dadc032305d79c15813b794858ab7a619277614dae60
14bf45cdca5de1ada7644c4189d5f0d7cbf0b44af421c95fb2103e64ff3ed5a8
19cef7bc7f4bb1619ed916762756e9ac56c8d73ed0a58e6e4a1f387566f6c875
1b4d60cfe13805f33f23527f884619463b4d5c688d17835e10f5203afeb6fec1
1d5c55334086c8063bb57d27065e4d4d218b6290d7225aff975a021b32fc8731
1f32aa7f1db5b96ff04d7af1ba79e0248c3e64520a9e270c6e917c409916a872
259b64629b8b70424820a6114cba022469d5ab04ad4975ec433e1500d45c8aa0
25e0db9643d7f31d66f5f135bd284815e91f077da8eaa5b9c0ade1d5f0befdcf
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
4ccdbd9a519309980a9ebf4f490fe7ba2a53a3d3a6eb0b6463264a1205e93712
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5f438d14adda199463fc44ce9e32fe0d5494b3af4de658b82e5890a019621023
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bd80b6edb251675670162cbb2510870e0ea1d9c72b8a85618c3fac9f7cbb572
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104
79371284e1052bf1e88b017d78ece22e4a39bb58b520a3f3ee3c545b273ae8f7
82c388a484353affdf14ee9f925a815699bc070f9e6c02b967958b7f75e17853
8bac71ccb81f3bcd179fe3e3a6fb61ee9fb18523a5a59908aaa8344f0c4acea0
923037ce428f9931c6c63f6a3ef7ae55d4a8e7aa1f9d981dd1b98f5172e8e8b9
97824daa6d5a75e1aa86b8148af2fa935276f4aa8abe1d050fd861d325a5686e
985949b8fad5482ff01b2b3027a1c5a0b63d52dfc9977f9dbe3d482c68a0767f
a1f58a3e48f23d9036625e9f26553d5da8f45516cf308b6ae6fb2b0fe0d13b4e
a2dda54e54c481d666851dbdeb8f66d397ec9fbfc803472f6d15e9217fabec93
a59b23c37ef566378cf2453cd67927893ab4909117fcede91d5a45147a472bb0
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
a9597d08f05f1eda205f2816b09995376a4658bafc29184a462f798c18f82914
ab4ef091c82daa5d555d4c02a10ea3ce27f42065ec673ee195e5baeb66e06e35
ade6079d9359d2f0cfe739035663e008176a0817cebe6116375fc2fafc153384
b14289833de1c5b8da19bf0aa86278185dfdbb3113baca8b658fa0ee8a563dba
b36defd8d316a6bef9304085628500c4c258458fd97c18c6a581c52dc596f146
b6af15c9a2a553d977b02155445a85b1ae526a7cbb866aa1cee4376869c14f00
b7999df68ae6f29c29db2d8135022361c0891bc5a31c5d8d6d91175e7b3b5f3e
b8be1df3b98989d7dd91bd56293a0c35353f9a23da4f3d5f0376459470cf734d
c67345eeaa306dfc8fe381b0290f7dca685a46b8cb33d634300fe24ef1467281
c983b409aa7927cb591b75a2ef935b736d24129e8253cab3c7fb40f4f3d561a6
ca08386c769e19356e491faed941803ac86836082a57db7bbe0dff7c82e01e50
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e2b312fbcbc50d004d2de9b7ba5f9a1f2c4aa48d0405009ba8eb8c8e65fff0bb
e3d653cf287a3212e8c5f8d68f2af6563d062b2aaf37348d0b1c5c1798dc22a0
e490e645edb31fd016bfc53b41971fcd421acd5fc4bdd66452c96bc2dd5522ac
e544015ef8f88f005782d3d20c4069b8ef1268f7d5726cb162452f6d46e6f4ea
eafc098f5e53e49f564606de79ca398632a0538e75538dfd18f7ac6ec49ab502
ed6461d96fd87e90bb7c96e8d2e5893c9a25a1fb3bc463f1e8b8e42356870bd4
fd1071098e50bc8fafd2ff49d8b23a6f077212439a4538e3baa87bcda7886b25
fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

got-phished.com Open in urlscan Pro 35.222.212.161 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

100 %HTTPS

84 %IPv6

15 Domains

23 Subdomains

20 IPs

2 Countries

2886 kBTransfer

4556 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

got-phished.com Open in urlscan Pro
35.222.212.161 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

100 %
HTTPS

84 %
IPv6

15
Domains

23
Subdomains

20
IPs

2
Countries

2886 kB
Transfer

4556 kB
Size

5
Cookies

50 HTTP transactions
1 data transactions