thedefenceworks.com Open in urlscan Pro
35.197.249.125  Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

• https://www.google-analytics.com/r/collect?v=1&_v=j79&a=394844803&t=pageview&_s=1&dl=https%3A%2F%2Fthedefenceworks.com%2Fblog%2Fbreaking-scams-phishing-email-attachment-scam%2F&ul=en-us&de=UTF-8&dt=Breaking%20Scams%3A%20Try%20Not%20to%20Get%20Too%20Attached%3A%20The%20Phishing%20Email%20Attachment%20Scam%20-%20The%20Defence%20Works&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=782080602&gjid=1810371237&cid=1281928475.1575469858&tid=UA-78958244-2&_gid=440590329.1575469858&_r=1&gtm=2ouav9&z=1894201399 HTTP 302
• https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-78958244-2&cid=1281928475.1575469858&jid=782080602&_gid=440590329.1575469858&gjid=1810371237&_v=j79&z=1894201399 HTTP 302
• https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-78958244-2&cid=1281928475.1575469858&jid=782080602&_v=j79&z=1894201399 HTTP 302
• https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-78958244-2&cid=1281928475.1575469858&jid=782080602&_v=j79&z=1894201399&slf_rd=1&random=3390868180

Request Chain 81

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1284409&url=https%3A%2F%2Fthedefenceworks.com%2Fblog%2Fbreaking-scams-phishing-email-attachment-scam%2F&time=1575469857877 HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1284409%26url%3Dhttps%253A%252F%252Fthedefenceworks.com%252Fblog%252Fbreaking-scams-phishing-email-attachment-scam%252F%26time%3D1575469857877%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1284409&url=https%3A%2F%2Fthedefenceworks.com%2Fblog%2Fbreaking-scams-phishing-email-attachment-scam%2F&time=1575469857877&liSync=true

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/	51 KB 13 KB	113ms 37ms	Document text/html	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash d0e91164f5f133835c690c523fcd23b8b2cc2b22c25213d2f092b43022532564 Security Headers Name Value Content-Security-Policy default-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*; style-src 'self' 'unsafe-inline' http://* Strict-Transport-Security max-age=2592000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers :method GET :authority thedefenceworks.com :scheme https :path /blog/breaking-scams-phishing-email-attachment-scam/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-user ?1 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site none sec-fetch-mode navigate accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-User ?1 Response headers status 200 server nginx date Wed, 04 Dec 2019 14:30:57 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding Accept-Encoding Accept-Encoding,Cookie x-frame-options DENY x-xss-protection 0 x-content-type-options nosniff strict-transport-security max-age=2592000; preload content-security-policy default-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*; style-src 'self' 'unsafe-inline' http://* referrer-policy x-pingback https://thedefenceworks.com/xmlrpc.php link <https://thedefenceworks.com/wp-json/>; rel="https://api.w.org/" <https://thedefenceworks.com/?p=1021>; rel=shortlink x-cacheable SHORT cache-control max-age=600, must-revalidate x-cache HIT: 1 x-pass-why x-cache-group normal content-encoding gzip
GET H2	200	js Show response www.googletagmanager.com/gtag/	73 KB 27 KB	35ms 33ms	Script application/javascript	2a00:1450:4001:81b::2008 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-78958244-2 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Google Tag Manager / Resource Hash 2bd85b0855b8115e1eb1048e02679fed3279fbf9259e8690112814e4d3fc22c7 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding br last-modified Wed, 04 Dec 2019 12:00:00 GMT server Google Tag Manager access-control-allow-origin http://www.googletagmanager.com vary Accept-Encoding content-type application/javascript; charset=UTF-8 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control content-length 27666 x-xss-protection 0 expires Wed, 04 Dec 2019 14:30:57 GMT
GET H2	200	style.min.css thedefenceworks.com/wp-includes/css/dist/block-library/	29 KB 5 KB	26ms 23ms	Stylesheet text/css	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-includes/css/dist/block-library/style.min.css?ver=5.2.4 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Mon, 22 Apr 2019 12:40:04 GMT server nginx access-control-allow-origin * etag W/"5cbdb624-726f" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css status 200 cache-control public, max-age=31536000
GET H2	200	svgs-attachment.css thedefenceworks.com/wp-content/plugins/svg-support/css/	222 B 422 B	28ms 25ms	Stylesheet text/css	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-content/plugins/svg-support/css/svgs-attachment.css?ver=5.2.4 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 756df835cdc3e6d51abfaa6f2cd0d48a3430e2bcc2c12566e06dc79f3ba4ff74 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT last-modified Fri, 25 Oct 2019 03:08:48 GMT server nginx access-control-allow-origin * etag "5db26740-de" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=31536000 accept-ranges bytes content-length 222
GET H2	200	style.css thedefenceworks.com/wp-content/plugins/uk-cookie-consent/assets/css/	5 KB 1 KB	33ms 30ms	Stylesheet text/css	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-content/plugins/uk-cookie-consent/assets/css/style.css?ver=5.2.4 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 34513f6e62e1b5dedbea61d6f79455a5df46097096913bbf1d154ac86b9d9fb5 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Tue, 19 Nov 2019 11:20:55 GMT server nginx access-control-allow-origin * etag W/"5dd3d017-1230" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css status 200 cache-control public, max-age=31536000
GET H2	200	css fonts.googleapis.com/	2 KB 581 B	17ms 14ms	Stylesheet text/css	2a00:1450:4001:800::200a Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software ESF / Resource Hash e5b09ae4f391ccd8e04977e2330f1e533a2a507d95c609a3fd437a7ffc7cddfa Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Wed, 04 Dec 2019 14:30:57 GMT server ESF access-control-allow-origin * date Wed, 04 Dec 2019 14:30:57 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin x-xss-protection 0 expires Wed, 04 Dec 2019 14:30:57 GMT
GET H2	200	button.css checkout.stripe.com/v3/checkout/	4 KB 2 KB	31ms 10ms	Stylesheet text/css	151.101.12.176 Fastly
General Check archive.org Show headers Download Go to Full URL https://checkout.stripe.com/v3/checkout/button.css Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software AmazonS3 / Resource Hash 576c19f6140a328c4af9fa9e04f764efbe570b0e8e3e4f0f66c5bdde58562a8a Security Headers Name Value Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com wss://verificator.stripe.com wss://verificator-main.stripe.com https://*.stripecdn.com https://errors.stripe.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js.stripe.com https://*.stripecdn.com https://stripecdn.com https://api.stripe.com https://maps.googleapis.com https://maps.gstatic.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.stripecdn.com; frame-src 'self' stripecheckout: bitcoin: https://*.stripecdn.com https://js.stripe.com; img-src * data:; font-src 'none'; media-src 'none'; object-src 'self' https://*.stripecdn.com; Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip content-type text/css age 276 x-cache HIT status 200 strict-transport-security max-age=31556926; includeSubDomains; preload content-length 724 x-amz-id-2 YCPyXciiR1B8gJiggIJRA1TsCB2uWXKkXehMApnXn/myUGaYJossAzNjDRs5MDYaJsP1EGk2ny0= x-served-by cache-fra19161-FRA last-modified Wed, 06 Sep 2017 17:33:42 GMT server AmazonS3 x-timer S1575469857.347124,VS0,VE0 etag "aa9c16d967e4074a065955880128c839" vary Accept-Encoding x-amz-request-id 45B228E0C9EBEE60 via 1.1 varnish cache-control no-cache content-security-policy default-src 'self'; connect-src 'self' https://api.stripe.com wss://verificator.stripe.com wss://verificator-main.stripe.com https://*.stripecdn.com https://errors.stripe.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js.stripe.com https://*.stripecdn.com https://stripecdn.com https://api.stripe.com https://maps.googleapis.com https://maps.gstatic.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.stripecdn.com; frame-src 'self' stripecheckout: bitcoin: https://*.stripecdn.com https://js.stripe.com; img-src * data:; font-src 'none'; media-src 'none'; object-src 'self' https://*.stripecdn.com; accept-ranges bytes timing-allow-origin * x-cache-hits 6
GET H2	200	public.min.css thedefenceworks.com/wp-content/plugins/wp-simple-pay-pro-3/assets/css/	1 KB 767 B	33ms 31ms	Stylesheet text/css	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-content/plugins/wp-simple-pay-pro-3/assets/css/public.min.css?ver=3.6.5 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash a680f88c2677ba336660ea523b20178f959875a71edf094dd1238356c55445ef Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Tue, 19 Nov 2019 11:21:06 GMT server nginx access-control-allow-origin * etag W/"5dd3d022-50c" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css status 200 cache-control public, max-age=31536000
GET H2	200	jquery-ui-cupertino.min.css thedefenceworks.com/wp-content/plugins/wp-simple-pay-pro-3/assets/css/	31 KB 8 KB	33ms 31ms	Stylesheet text/css	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-content/plugins/wp-simple-pay-pro-3/assets/css/jquery-ui-cupertino.min.css?ver=3.6.5 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash d7517c914e3eaa81b702d32aa7a617948cde245775289eefd26eb3760b3a1b20 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Tue, 19 Nov 2019 11:21:06 GMT server nginx access-control-allow-origin * etag W/"5dd3d022-7b22" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css status 200 cache-control public, max-age=31536000
GET H2	200	public-pro.min.css thedefenceworks.com/wp-content/plugins/wp-simple-pay-pro-3/assets/css/	40 KB 4 KB	35ms 33ms	Stylesheet text/css	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-content/plugins/wp-simple-pay-pro-3/assets/css/public-pro.min.css?ver=3.6.5 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash da1698debdd882a138659eba4cb986fa81352698ff2460a36412234ba32cdd16 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Tue, 19 Nov 2019 11:21:06 GMT server nginx access-control-allow-origin * etag W/"5dd3d022-a0d3" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css status 200 cache-control public, max-age=31536000
GET H2	200	app.css thedefenceworks.com/wp-content/themes/tdw/dist/assets/css/	221 KB 34 KB	36ms 33ms	Stylesheet text/css	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-content/themes/tdw/dist/assets/css/app.css?ver=2.10.4 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash ea821931052f2177bfb611041ec4a4bb0fec8ec205371b8e2631391d89adb84a Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Fri, 25 Oct 2019 03:08:48 GMT server nginx access-control-allow-origin * etag W/"5db26740-37469" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css status 200 cache-control public, max-age=31536000
GET H2	200	addtoany.min.css thedefenceworks.com/wp-content/plugins/add-to-any/	1 KB 691 B	36ms 34ms	Stylesheet text/css	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash a94558535ca72995a47883885d6fdfdee113dcbb8e937e88196f25cb181c72b2 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Fri, 08 Nov 2019 10:13:05 GMT server nginx access-control-allow-origin * etag W/"5dc53fb1-5b7" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css status 200 cache-control public, max-age=31536000
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.2.1/	85 KB 30 KB	9ms 7ms	Script text/javascript	2a00:1450:4001:814::200a Google LLC
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js?ver=3.2.1 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 21 Nov 2019 23:18:24 GMT content-encoding gzip x-content-type-options nosniff age 1091553 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 30306 x-xss-protection 0 last-modified Fri, 24 Mar 2017 20:55:54 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 20 Nov 2020 23:18:24 GMT
GET H2	200	addtoany.min.js Show response thedefenceworks.com/wp-content/plugins/add-to-any/	129 B 339 B	37ms 35ms	Script application/javascript	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT last-modified Fri, 08 Nov 2019 10:13:05 GMT server nginx access-control-allow-origin * etag "5dc53fb1-81" vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=31536000 accept-ranges bytes content-length 129
GET H2	200	inputsubmit.js Show response thedefenceworks.com/wp-content/plugins/agile-crm-lead-management/js/	137 B 347 B	39ms 38ms	Script application/javascript	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-content/plugins/agile-crm-lead-management/js/inputsubmit.js?ver=5.2.4 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash f50bb422406739a222564ab896fc8e60f69e636fe2f9182e11f883b6ede270c0 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT last-modified Fri, 25 Oct 2019 03:08:49 GMT server nginx access-control-allow-origin * etag "5db26741-89" vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=31536000 accept-ranges bytes content-length 137
GET H2	200	svgs-inline-min.js Show response thedefenceworks.com/wp-content/plugins/svg-support/js/min/	1 KB 795 B	42ms 40ms	Script application/javascript	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-content/plugins/svg-support/js/min/svgs-inline-min.js?ver=1.0.0 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash f5e0d4e432c51d6b82047befba23bfd5597790b88cbcdfe1ec21dee7195e8399 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Fri, 25 Oct 2019 03:08:48 GMT server nginx access-control-allow-origin * etag W/"5db26740-493" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=31536000
GET H2	200	custom-ajax.js Show response thedefenceworks.com/wp-content/themes/tdw/dist/assets/js/	971 B 656 B	25ms 24ms	Script application/javascript	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-content/themes/tdw/dist/assets/js/custom-ajax.js?ver=5.2.4 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash e913a33a8c40746a9e95d0cdee894233e86c40f85bc31ded472dd9b5949c2bfc Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Fri, 25 Oct 2019 03:08:48 GMT server nginx access-control-allow-origin * etag W/"5db26740-3cb" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=31536000
GET H2	200	slick.min.js Show response thedefenceworks.com/wp-content/themes/tdw/dist/assets/js/	42 KB 11 KB	31ms 29ms	Script application/javascript	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-content/themes/tdw/dist/assets/js/slick.min.js?ver=5.2.4 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Fri, 25 Oct 2019 03:08:48 GMT server nginx access-control-allow-origin * etag W/"5db26740-a76f" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=31536000
GET H2	200	css fonts.googleapis.com/	3 KB 494 B	17ms 16ms	Stylesheet text/css	2a00:1450:4001:800::200a Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Raleway:400,500,700,800 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software ESF / Resource Hash c5abfe7a2b38a6eeb5e045c7d2563ec64a66d1e999b8061e831f97bdb85d57dd Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Wed, 04 Dec 2019 14:30:57 GMT server ESF access-control-allow-origin * date Wed, 04 Dec 2019 14:30:57 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin x-xss-protection 0 expires Wed, 04 Dec 2019 14:30:57 GMT
GET H2	200	ied3wgy.css use.typekit.net/	2 KB 827 B	145ms 126ms	Stylesheet text/css	104.109.64.186 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/ied3wgy.css Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.64.186 , Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a104-109-64-186.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 7cfe5379746a3da6805bf81f679f397d3ba1bc8abdafb92953c4273ab5f65cdb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; content-encoding gzip server nginx access-control-allow-origin * date Wed, 04 Dec 2019 14:30:57 GMT vary Accept-Encoding content-type text/css;charset=utf-8 status 200 cache-control private, max-age=600, stale-while-revalidate=604800 timing-allow-origin * content-length 627
GET H2	200	all.css use.fontawesome.com/releases/v5.1.0/css/	45 KB 11 KB	27ms 26ms	Stylesheet text/css	23.111.9.35 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.1.0/css/all.css Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Origin https://thedefenceworks.com Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Wed, 20 Jun 2018 20:19:16 GMT server NetDNA-cache/2.2 access-control-allow-origin * etag W/"826c57385f3d35cfed5478ba7b1f5c03" vary Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET content-type text/css status 200 access-control-max-age 3000 cache-control max-age=31556926 x-cache HIT
GET H2	200	circle-top-offset.svg thedefenceworks.com/wp-content/themes/tdw/dist/assets/images/	177 B 382 B	31ms 30ms	Image image/svg+xml	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://thedefenceworks.com/wp-content/themes/tdw/dist/assets/images/circle-top-offset.svg Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 8792ad1783c3967a09f6bd07f9317ce156a9323c78100a9c2d5c11eec118b4c5 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT last-modified Fri, 25 Oct 2019 03:08:48 GMT server nginx access-control-allow-origin * etag "5db26740-b1" vary Accept-Encoding content-type image/svg+xml status 200 cache-control public, max-age=31536000 accept-ranges bytes content-length 177
GET H2	200	Pasted-File-at-January-25-2019-9_21-AM-640x498.png thedefenceworks.com/wp-content/uploads/2019/01/	179 KB 179 KB	38ms 36ms	Image image/png	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://thedefenceworks.com/wp-content/uploads/2019/01/Pasted-File-at-January-25-2019-9_21-AM-640x498.png Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 9bfa12156ccca637ad529d48614616937ac6916d82f32f5d804360085c51d911 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT last-modified Fri, 25 Oct 2019 03:08:47 GMT server nginx access-control-allow-origin * etag "5db2673f-2cb7e" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=31536000 accept-ranges bytes content-length 183166
GET H2	200	circle-top-large.svg thedefenceworks.com/wp-content/themes/tdw/dist/assets/images/	169 B 374 B	42ms 40ms	Image image/svg+xml	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://thedefenceworks.com/wp-content/themes/tdw/dist/assets/images/circle-top-large.svg Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 219f356cdf49ae5d1401052de7344b5c3a70f490ebed6e381bd345409dea0ec4 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT last-modified Fri, 25 Oct 2019 03:08:48 GMT server nginx access-control-allow-origin * etag "5db26740-a9" vary Accept-Encoding content-type image/svg+xml status 200 cache-control public, max-age=31536000 accept-ranges bytes content-length 169
GET H2	200	circle-top.svg thedefenceworks.com/wp-content/themes/tdw/dist/assets/images/	172 B 377 B	43ms 41ms	Image image/svg+xml	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://thedefenceworks.com/wp-content/themes/tdw/dist/assets/images/circle-top.svg Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 4cc61ef7dfdc13fb676fc0f92af0e3e1f9f5d5d3c4217f2965cb61c7d7465f60 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT last-modified Fri, 25 Oct 2019 03:08:48 GMT server nginx access-control-allow-origin * etag "5db26740-ac" vary Accept-Encoding content-type image/svg+xml status 200 cache-control public, max-age=31536000 accept-ranges bytes content-length 172
GET H2	200	tdw-office-against-the-world.svg thedefenceworks.com/wp-content/uploads/2018/11/	184 KB 62 KB	49ms 47ms	Image image/svg+xml	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://thedefenceworks.com/wp-content/uploads/2018/11/tdw-office-against-the-world.svg Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 58b7fbcdc71601dc4730f3dd2c53f94b521320fb547f0b76e2e74cc98e4b604b Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Fri, 25 Oct 2019 03:08:48 GMT server nginx access-control-allow-origin * etag W/"5db26740-2e041" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml status 200 cache-control public, max-age=31536000
GET H2	404	the-defence-works-gartner-peer-insights-badge-300x94.png thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/wp-content/uploads/2018/11/	564 B 564 B	49ms 47ms	Image text/html	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/wp-content/uploads/2018/11/the-defence-works-gartner-peer-insights-badge-300x94.png Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 404 date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip server nginx vary Accept-Encoding, Accept-Encoding content-type text/html
GET H2	200	the-defence-works-cyber-essentials-300x253.png thedefenceworks.com/wp-content/uploads/2019/10/	13 KB 14 KB	49ms 47ms	Image image/png	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://thedefenceworks.com/wp-content/uploads/2019/10/the-defence-works-cyber-essentials-300x253.png Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 32d7b5cb868d657eed536a00eb932fd8af6b87f1b8f5f3901b441b1c25bc0402 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT last-modified Fri, 25 Oct 2019 03:08:45 GMT server nginx access-control-allow-origin * etag "5db2673d-3540" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=31536000 accept-ranges bytes content-length 13632
GET H2	200	the-defence-works-cyber-essentials-plus-300x253.png thedefenceworks.com/wp-content/uploads/2019/10/	16 KB 16 KB	49ms 48ms	Image image/png	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://thedefenceworks.com/wp-content/uploads/2019/10/the-defence-works-cyber-essentials-plus-300x253.png Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 63c6253249ede123510d2f5a33ab3c99abd795bbd033cc38f20b8c10d763e9da Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT last-modified Fri, 25 Oct 2019 03:08:45 GMT server nginx access-control-allow-origin * etag "5db2673d-3eb3" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=31536000 accept-ranges bytes content-length 16051
GET H2	200	The-defence-works-partner-crown-commerical-service-supplier.png thedefenceworks.com/wp-content/uploads/2019/11/	29 KB 29 KB	50ms 48ms	Image image/png	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://thedefenceworks.com/wp-content/uploads/2019/11/The-defence-works-partner-crown-commerical-service-supplier.png Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash d2ab130d8b839cc668e2757ba300474e4e3039a568c1e5ae220dfe1da1b879a2 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT last-modified Fri, 08 Nov 2019 10:48:10 GMT server nginx access-control-allow-origin * etag "5dc547ea-7465" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=31536000 accept-ranges bytes content-length 29797
GET H2	200	the-defence-works-cassi-logomark.svg thedefenceworks.com/wp-content/themes/tdw/dist/assets/images/	342 B 461 B	50ms 48ms	Image image/svg+xml	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://thedefenceworks.com/wp-content/themes/tdw/dist/assets/images/the-defence-works-cassi-logomark.svg Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 1a6c31ef439ccc11247ab80c107b858be7839cb557a39d6f1ade22c331263b99 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Fri, 25 Oct 2019 03:08:48 GMT server nginx access-control-allow-origin * etag W/"5db26740-156" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml status 200 cache-control public, max-age=31536000
GET H2	200	uk-cookie-consent-js.js Show response thedefenceworks.com/wp-content/plugins/uk-cookie-consent/assets/js/	2 KB 903 B	54ms 49ms	Script application/javascript	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-content/plugins/uk-cookie-consent/assets/js/uk-cookie-consent-js.js?ver=2.3.0 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 2e52aa532594524ce54ab7f748eb9828e2285b705ba1da5fe5b4c0f4ada6ce1a Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Tue, 19 Nov 2019 11:20:55 GMT server nginx access-control-allow-origin * etag W/"5dd3d017-62d" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=31536000
GET H2	200	/ Show response js.stripe.com/v3/	152 KB 40 KB	9ms 8ms	Script application/javascript	151.101.12.176 Fastly
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/ Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software AmazonS3 / Resource Hash 283592a794e3a1c142c5610f1c1dfe161362bc0b8e6e10c9fdeba81c2c93b536 Security Headers Name Value Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self'; Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip content-type application/javascript; charset=utf-8 age 11 x-cache HIT status 200 strict-transport-security max-age=31556926; includeSubDomains; preload content-length 40170 x-amz-id-2 0HKYq1IOvLho73Q45ugH5ejY9IQfKqEnet1yh1cOdCFEo0eHcVklKFQQkJooyFTrqqqj4upMjFw= x-served-by cache-fra19161-FRA last-modified Tue, 03 Dec 2019 23:38:07 GMT server AmazonS3 x-timer S1575469857.378632,VS0,VE0 etag "02f85cfc720ea5132c3bdd9a955c7429" vary Accept-Encoding x-amz-request-id EB66AC68052719E4 via 1.1 varnish cache-control public, max-age=300 content-security-policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self'; accept-ranges bytes timing-allow-origin * x-cache-hits 11
GET H2	200	accounting.min.js Show response thedefenceworks.com/wp-content/plugins/wp-simple-pay-pro-3/assets/js/vendor/	3 KB 2 KB	39ms 38ms	Script application/javascript	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-content/plugins/wp-simple-pay-pro-3/assets/js/vendor/accounting.min.js?ver=3.6.5 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash de4945bf8c32247c3570f1945b4af05f3efb440b46c93c18d2f428ae9162c8ea Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Tue, 19 Nov 2019 11:21:06 GMT server nginx access-control-allow-origin * etag W/"5dd3d022-c4f" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=31536000
GET H2	200	shared.min.js Show response thedefenceworks.com/wp-content/plugins/wp-simple-pay-pro-3/assets/js/	2 KB 989 B	26ms 18ms	Script application/javascript	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-content/plugins/wp-simple-pay-pro-3/assets/js/shared.min.js?ver=3.6.5 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 4bdaef621f96ceaad238ae40b662c6714b76615878ff32d1331e727f4ee396ec Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Tue, 19 Nov 2019 11:21:06 GMT server nginx access-control-allow-origin * etag W/"5dd3d022-627" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=31536000
GET H2	200	underscore.min.js Show response thedefenceworks.com/wp-includes/js/	16 KB 6 KB	35ms 35ms	Script application/javascript	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-includes/js/underscore.min.js?ver=1.8.3 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash ede1815b17e451c16258034bcf89a7957256c67884aefffefbb97020770fdc06 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Thu, 10 Jan 2019 01:39:50 GMT server nginx access-control-allow-origin * etag W/"5c36a266-3f38" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=31536000
GET H2	200	backbone.min.js Show response thedefenceworks.com/wp-includes/js/	22 KB 8 KB	20ms 17ms	Script application/javascript	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-includes/js/backbone.min.js?ver=1.2.3 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash d1b4ad20017b52fa7d71856374122c44dc54e4a6aadc2a63f2f45f62cf244adc Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Wed, 23 May 2018 10:05:31 GMT server nginx access-control-allow-origin * etag W/"5b053ceb-57c2" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=31536000
GET H2	200	api-request.min.js Show response thedefenceworks.com/wp-includes/js/	771 B 690 B	23ms 20ms	Script application/javascript	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-includes/js/api-request.min.js?ver=5.2.4 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash b5fb36601292e67e640378a8fb54effe16945559858910d4b6b771a2666a2e00 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Mon, 09 Apr 2018 13:10:31 GMT server nginx access-control-allow-origin * etag W/"5acb6647-303" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=31536000
GET H2	200	wp-api.min.js Show response thedefenceworks.com/wp-includes/js/	14 KB 4 KB	31ms 28ms	Script application/javascript	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-includes/js/wp-api.min.js?ver=5.2.4 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 8eee3a7a8051fa72df3a50680c86c633ab465cfc6666aaf042a969f7bef8f858 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Sat, 11 Aug 2018 18:51:24 GMT server nginx access-control-allow-origin * etag W/"5b6f302c-3962" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=31536000
GET H2	200	public.min.js Show response thedefenceworks.com/wp-content/plugins/wp-simple-pay-pro-3/assets/js/	24 KB 8 KB	32ms 29ms	Script application/javascript	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-content/plugins/wp-simple-pay-pro-3/assets/js/public.min.js?ver=3.6.5 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 6041e6adb6b9d79a3ecb3dd1c8322d70de0b7e5a82ddf47648e2812b7f58fbe4 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Tue, 19 Nov 2019 11:21:06 GMT server nginx access-control-allow-origin * etag W/"5dd3d022-5e63" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=31536000
GET H2	200	core.min.js Show response thedefenceworks.com/wp-includes/js/jquery/ui/	4 KB 2 KB	33ms 30ms	Script application/javascript	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 936567bc744e199e02bfc3c33fe2bc9c862999e0d479e2a694aa7485460a3960 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Thu, 03 Nov 2016 05:40:34 GMT server nginx access-control-allow-origin * etag W/"581acdd2-fa0" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=31536000
GET H2	200	datepicker.min.js Show response thedefenceworks.com/wp-includes/js/jquery/ui/	36 KB 11 KB	34ms 31ms	Script application/javascript	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash fe5d09013cdf89dd17c511c908bee2628e4c0f9b4550f802fdb1fd5086999c8d Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Thu, 03 Nov 2016 05:40:34 GMT server nginx access-control-allow-origin * etag W/"581acdd2-8e9c" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=31536000
GET H2	200	public-pro.min.js Show response thedefenceworks.com/wp-content/plugins/wp-simple-pay-pro-3/assets/js/	48 KB 15 KB	34ms 31ms	Script application/javascript	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-content/plugins/wp-simple-pay-pro-3/assets/js/public-pro.min.js?ver=3.6.5 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 0b28c54efa88d28eedd7b73da459623db57cdb1e1a46273cfd6ca3c840290716 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Tue, 19 Nov 2019 11:21:06 GMT server nginx access-control-allow-origin * etag W/"5dd3d022-c139" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=31536000
GET H2	200	app.js Show response thedefenceworks.com/wp-content/themes/tdw/dist/assets/js/	168 KB 36 KB	35ms 33ms	Script application/javascript	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-content/themes/tdw/dist/assets/js/app.js?ver=2.10.4 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash c347e57664de5f6c5ed936ec1c16c300139b8596e57d8c51b54c420daa7ad5f3 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Fri, 25 Oct 2019 03:08:48 GMT server nginx access-control-allow-origin * etag W/"5db26740-29e4e" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=31536000
GET H2	200	comment-reply.min.js Show response thedefenceworks.com/wp-includes/js/	2 KB 1 KB	31ms 29ms	Script application/javascript	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-includes/js/comment-reply.min.js?ver=5.2.4 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 31cb76c05cbf5d71466f93078e8ba0f6e39cd92d0acc86d385b8cf2899963695 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Tue, 05 Mar 2019 01:52:51 GMT server nginx access-control-allow-origin * etag W/"5c7dd673-8ba" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=31536000
GET H2	200	new-tab.js Show response thedefenceworks.com/wp-content/plugins/page-links-to/dist/	1 KB 879 B	31ms 28ms	Script application/javascript	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.2.1 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 94a3acbabd08cec6c15bfb3596f63945ea34547d16495ac5dda42f002b0f5154 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Tue, 19 Nov 2019 11:20:57 GMT server nginx access-control-allow-origin * etag W/"5dd3d019-524" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=31536000
GET H2	200	wp-embed.min.js Show response thedefenceworks.com/wp-includes/js/	1 KB 992 B	32ms 30ms	Script application/javascript	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-includes/js/wp-embed.min.js?ver=5.2.4 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Thu, 30 Aug 2018 12:40:26 GMT server nginx access-control-allow-origin * etag W/"5b87e5ba-57b" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=31536000
GET H/1.1	200 OK	agile-cloud.js Show response d1gwclp1pmzk26.cloudfront.net/agile/	706 B 972 B	10ms 8ms	Script application/x-javascript	143.204.98.153 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://d1gwclp1pmzk26.cloudfront.net/agile/agile-cloud.js?ver=5.2.4 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.98.153 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-143-204-98-153.fra50.r.cloudfront.net Software nginx/1.2.4 / Resource Hash 77659a8f46f482d83b81c2789cc9bf8c094a94f5b954940b7e3711505e6c707d Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 03 Dec 2019 00:32:09 GMT Content-Encoding gzip Last-Modified Tue, 31 Oct 2017 11:09:09 GMT Server nginx/1.2.4 Age 136728 Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type application/x-javascript Via 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront) Cache-Control max-age=2592000, public Transfer-Encoding chunked X-Amz-Cf-Pop FRA50-C1 Connection keep-alive X-Amz-Cf-Id SN33g438XoKJ5xc2i6Cpkn7Cb8AtB2773nrAVnHWjGu046p3LRTz8A== Expires Thu, 19 Dec 2019 00:06:48 GMT
GET H2	200	bat.js Show response bat.bing.com/	23 KB 7 KB	129ms 128ms	Script application/javascript	2620:1ec:c11::200 Microsoft Corpora...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US), Reverse DNS Software / Resource Hash b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Tue, 10 Sep 2019 18:57:28 GMT x-msedge-ref Ref A: D833B20676374C58BCD11B24756D5CF9 Ref B: VIEEDGE0317 Ref C: 2019-12-04T14:30:57Z access-control-allow-origin * etag "09c5197968d51:0" vary Accept-Encoding content-type application/javascript status 200 cache-control private,max-age=1800 accept-ranges bytes content-length 7148
GET H/1.1	200 OK	agile-form-min.css d1gwclp1pmzk26.cloudfront.net/agile/forms/v1/	56 KB 9 KB	53ms 13ms	Stylesheet text/css	143.204.98.153 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://d1gwclp1pmzk26.cloudfront.net/agile/forms/v1/agile-form-min.css Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.98.153 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-143-204-98-153.fra50.r.cloudfront.net Software nginx/1.2.4 / Resource Hash 02f58e0f947f082dc5fd1667d58acb9cc22e48f4ea303ae4a7b43c1410a053a9 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 02 Jun 2019 00:12:50 GMT Content-Encoding gzip Last-Modified Mon, 25 Sep 2017 10:46:03 GMT Server nginx/1.2.4 Age 2372932 Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type text/css Via 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront) Cache-Control max-age=2592000, public Transfer-Encoding chunked X-Amz-Cf-Pop FRA50-C1 Connection keep-alive X-Amz-Cf-Id gYMsopCJLxeSaB1BVaRE7A3AMXs84E3pzAvs3Uxi_TxuUpmuBF5ZXQ== Expires Tue, 02 Jul 2019 00:12:50 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	43 KB 17 KB	7ms 5ms	Script text/javascript	2a00:1450:4001:808::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-78958244-2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Mon, 19 Aug 2019 17:22:41 GMT server Golfe2 age 7040 date Wed, 04 Dec 2019 12:33:37 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 17803 expires Wed, 04 Dec 2019 14:33:37 GMT
GET H2	200	page.js Show response static.addtoany.com/menu/	79 KB 26 KB	73ms 27ms	Script application/javascript	2606:4700:10::6814:6e27 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://static.addtoany.com/menu/page.js Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:6e27 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash c364200214146a3472c5bda921358178d782760c33320dca356cfeab4353b0e2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT via e5s x-content-type-options nosniff cf-cache-status HIT age 48589 p3p CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT" status 200 strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br last-modified Fri, 08 Nov 2019 00:59:54 GMT server cloudflare etag W/"13d09-596cb4ccb962f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=172800 cf-ray 53fe7b3179d9cbac-VIE cf-bgj minify
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	121 KB 26 KB	7ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 Facebook
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 71b52274b1b43661e6523b2774c9fa98a673e1861703bea5f32d75a32a850394 Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-23=":443"; ma=3600 content-length 26702 x-xss-protection 0 pragma public x-fb-debug s/OJ79jKBGYm1rr3WJxvXNv29dFw4dzdpxJFkjVA/8UiZ/EZWkPFX1Z0f4jhHGH5J4/aQmxyx4oSyr+JaYo42w== x-fb-trip-id 420120009 date Wed, 04 Dec 2019 14:30:57 GMT x-frame-options DENY content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	logo-yellow.svg thedefenceworks.com/wp-content/themes/tdw/dist/assets/images/	4 KB 2 KB	35ms 22ms	Image image/svg+xml	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://thedefenceworks.com/wp-content/themes/tdw/dist/assets/images/logo-yellow.svg Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 2577f6e859176b638289ffa4b8043d8d114cbf3fda49b09025a40636d1fefdbc Request headers Referer https://thedefenceworks.com/wp-content/themes/tdw/dist/assets/css/app.css?ver=2.10.4 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Fri, 25 Oct 2019 03:08:48 GMT server nginx access-control-allow-origin * etag W/"5db26740-e6b" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml status 200 cache-control public, max-age=31536000
GET H2	200	tdw-right-white.svg thedefenceworks.com/wp-content/themes/tdw/dist/assets/images/	211 B 416 B	35ms 22ms	Image image/svg+xml	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://thedefenceworks.com/wp-content/themes/tdw/dist/assets/images/tdw-right-white.svg Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 5fca7e075a8c16fa4fe9a7929ff1665d8003bde9a345b75e7eef9e2005f42304 Request headers Referer https://thedefenceworks.com/wp-content/themes/tdw/dist/assets/css/app.css?ver=2.10.4 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT last-modified Fri, 25 Oct 2019 03:08:48 GMT server nginx access-control-allow-origin * etag "5db26740-d3" vary Accept-Encoding content-type image/svg+xml status 200 cache-control public, max-age=31536000 accept-ranges bytes content-length 211
GET H2	200	tdw-back-to-top.svg thedefenceworks.com/wp-content/themes/tdw/dist/assets/images/	209 B 414 B	43ms 31ms	Image image/svg+xml	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://thedefenceworks.com/wp-content/themes/tdw/dist/assets/images/tdw-back-to-top.svg Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 4fe9491440f91ef7b8f995ca24ff144b43e1a635c68bf7da4770d66105197b7e Request headers Referer https://thedefenceworks.com/wp-content/themes/tdw/dist/assets/css/app.css?ver=2.10.4 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT last-modified Fri, 25 Oct 2019 03:08:48 GMT server nginx access-control-allow-origin * etag "5db26740-d1" vary Accept-Encoding content-type image/svg+xml status 200 cache-control public, max-age=31536000 accept-ranges bytes content-length 209
GET H2	200	1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2 fonts.gstatic.com/s/raleway/v14/	13 KB 13 KB	19ms 6ms	Font font/woff2	2a00:1450:4001:81f::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Raleway:400,500,700,800 Origin https://thedefenceworks.com Response headers date Thu, 21 Nov 2019 23:44:39 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 03:47:42 GMT server sffe age 1089978 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 13228 x-xss-protection 0 expires Fri, 20 Nov 2020 23:44:39 GMT
GET H2	200	1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2 fonts.gstatic.com/s/raleway/v14/	13 KB 13 KB	18ms 6ms	Font font/woff2	2a00:1450:4001:81f::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/raleway/v14/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Raleway:400,500,700,800 Origin https://thedefenceworks.com Response headers date Wed, 20 Nov 2019 23:39:44 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 03:48:04 GMT server sffe age 1176673 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 13428 x-xss-protection 0 expires Thu, 19 Nov 2020 23:39:44 GMT
GET H2	200	1Ptrg8zYS_SKggPNwN4rWqZPANqczVs.woff2 fonts.gstatic.com/s/raleway/v14/	13 KB 14 KB	12ms 9ms	Font font/woff2	2a00:1450:4001:81f::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwN4rWqZPANqczVs.woff2 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 046fa5c62e3b17b46ea2f8c601465dacfd5c153aee7a71754a9be582de74a385 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Raleway:400,500,700,800 Origin https://thedefenceworks.com Response headers date Wed, 20 Nov 2019 01:17:31 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 03:47:47 GMT server sffe age 1257206 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 13752 x-xss-protection 0 expires Thu, 19 Nov 2020 01:17:31 GMT
GET H/1.1	200 OK	CWB0XYA8bzo0kSThX0UTuA.woff2 agilecrm.s3.amazonaws.com/forms/woff/	14 KB 15 KB	563ms 299ms	Font application/x-unknown-content-type	52.216.137.244 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://agilecrm.s3.amazonaws.com/forms/woff/CWB0XYA8bzo0kSThX0UTuA.woff2 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.216.137.244 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash f7bbc8461b2f4cc870743729ee5d44ce0466ca67618f89a8942b655f8a644e68 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://d1gwclp1pmzk26.cloudfront.net/agile/forms/v1/agile-form-min.css Origin https://thedefenceworks.com Response headers Date Wed, 04 Dec 2019 14:30:58 GMT Last-Modified Wed, 01 Mar 2017 13:07:27 GMT Server AmazonS3 x-amz-request-id 1A7F0B7BA52890E3 ETag "7e367be02cd17a96d513ab74846bafb3" Vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method Access-Control-Allow-Methods GET, POST Content-Type application/x-unknown-content-type Access-Control-Allow-Origin * Access-Control-Max-Age 3600 x-amz-meta-s3fox-modifiedtime 1488373536000 Accept-Ranges bytes x-amz-meta-s3fox-filesize 14584 Content-Length 14584 x-amz-id-2 iRcworE57GwiSwmqujY4GdsNzvP2m0u4bwepO8Jf7hFwiASloSnRiVmnYF1rZ7dkCnU5mxUrrAA=
GET H2	200	1Ptrg8zYS_SKggPNwIouWqZPANqczVs.woff2 fonts.gstatic.com/s/raleway/v14/	13 KB 13 KB	9ms 8ms	Font font/woff2	2a00:1450:4001:81f::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwIouWqZPANqczVs.woff2 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 7d1a48d4eaa4b3accebbc72b3c7f2577bf662a409a79c8cc9cc9db6e13bb7b0d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Raleway:400,500,700,800 Origin https://thedefenceworks.com Response headers date Thu, 21 Nov 2019 17:32:33 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 03:47:41 GMT server sffe age 1112304 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 13132 x-xss-protection 0 expires Fri, 20 Nov 2020 17:32:33 GMT
GET H2	200	fa-brands-400.woff2 use.fontawesome.com/releases/v5.1.0/webfonts/	62 KB 62 KB	6ms 5ms	Font font/woff2	23.111.9.35 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-brands-400.woff2 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://use.fontawesome.com/releases/v5.1.0/css/all.css Origin https://thedefenceworks.com Response headers date Wed, 04 Dec 2019 14:30:57 GMT last-modified Wed, 20 Jun 2018 20:19:30 GMT server NetDNA-cache/2.2 access-control-allow-origin * etag "f319eac1c755f9929fd856720ce1695e" vary Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET content-type font/woff2 status 200 access-control-max-age 3000 cache-control max-age=31556926 x-cache HIT accept-ranges bytes content-length 63376
GET H2	200	ga-audiences www.google.de/ads/ Redirect Chain https://www.google-analytics.com/r/collect?v=1&_v=j79&a=394844803&t=pageview&_s=1&dl=https%3A%2F%2Fthedefenceworks.com%2Fblog%2Fbreaking-scams-phishing-email-attachment-scam%2F&ul=en-us&de=UTF-8&dt... https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-78958244-2&cid=1281928475.1575469858&jid=782080602&_gid=440590329.1575469858&gjid=1810371237&_v=j79&z=1894201399 https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-78958244-2&cid=1281928475.1575469858&jid=782080602&_v=j79&z=1894201399 https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-78958244-2&cid=1281928475.1575469858&jid=782080602&_v=j79&z=1894201399&slf_rd=1&random=3390868180	42 B 109 B	30ms 29ms	Image image/gif	2a00:1450:4001:800::2003 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-78958244-2&cid=1281928475.1575469858&jid=782080602&_v=j79&z=1894201399&slf_rd=1&random=3390868180 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Wed, 04 Dec 2019 14:30:57 GMT x-content-type-options nosniff content-type image/gif server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Wed, 04 Dec 2019 14:30:57 GMT x-content-type-options nosniff server cafe timing-allow-origin * location https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-78958244-2&cid=1281928475.1575469858&jid=782080602&_v=j79&z=1894201399&slf_rd=1&random=3390868180 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 302 cache-control no-cache, no-store, must-revalidate content-type text/html; charset=UTF-8 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	p.css p.typekit.net/	5 B 168 B	27ms 25ms	Stylesheet text/css	104.109.64.186 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://p.typekit.net/p.css?s=1&k=ied3wgy&ht=tk&f=15528.15530&a=2988418&app=typekit&e=css Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.64.186 , Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a104-109-64-186.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT last-modified Mon, 04 Feb 2019 20:01:41 GMT server nginx access-control-allow-origin * etag "5c589a25-5" content-type text/css status 200 cache-control max-age=604800 accept-ranges bytes content-length 5 expires Wed, 08 May 2019 15:16:03 GMT
GET H2	200	identity.js Show response connect.facebook.net/signals/plugins/	40 KB 10 KB	6ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 Facebook
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/plugins/identity.js?v=2.9.14 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 856f9f8f94a07d69cc63101cfbf2396561e41d660b7eeecb6ae7cd2da910f0a2 Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-23=":443"; ma=3600 content-length 10340 x-xss-protection 0 pragma public x-fb-debug zfvmwsAYdDvhQ4KnUmG6R3h+ASeBr7S8rPKM2vCadqlYfrHRn7Cu+KxF99vuDPLLo0paJg7GCtm89ZHLqxTiHA== x-fb-trip-id 420120009 date Wed, 04 Dec 2019 14:30:57 GMT x-frame-options DENY content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	394717684376068 Show response connect.facebook.net/signals/config/	349 KB 86 KB	51ms 51ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 Facebook
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/394717684376068?v=2.9.14&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash b7098931506e6a00bbb4794aecf44b9c12deedd8d276eca76aacb54c8683ec11 Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-23=":443"; ma=3600 x-xss-protection 0 pragma public x-fb-debug BBmifQPJKSv+1wB0+AI6ZYJmEuvp+vyfVEY8VWEV/ZhPlGOnilnw9n9ZHzYLA63ZIfoItIniKi2vssZB7vrtEg== x-fb-trip-id 420120009 date Wed, 04 Dec 2019 14:30:57 GMT x-frame-options DENY content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ Show response thedefenceworks.com/wp-json/wp/v2/	72 KB 5 KB	20ms 19ms	XHR application/json	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-json/wp/v2/ Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js?ver=3.2.1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash db245e036de2a3ae9a2e4761c74c2387b35307c25c83cf5b2be047fad2fb7803 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip x-content-type-options nosniff x-cacheable SHORT x-cache HIT: 1 status 200 x-cache-group normal access-control-allow-headers Authorization, Content-Type allow GET server nginx vary Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie content-type application/json; charset=UTF-8 access-control-expose-headers X-WP-Total, X-WP-TotalPages cache-control max-age=600, must-revalidate x-robots-tag noindex link <https://thedefenceworks.com/wp-json/>; rel="https://api.w.org/" x-pass-why
GET H2	200	l use.typekit.net/af/f3ba4f/00000000000000003b9b12fa/27/	18 KB 18 KB	18ms 6ms	Font application/font-woff2	104.109.64.186 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/f3ba4f/00000000000000003b9b12fa/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js?ver=3.2.1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.64.186 , Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a104-109-64-186.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 7dd43c45157046414e239271d72a74e24ed7fa1d3623c5ff4b6c375dd1613112 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://use.typekit.net/ied3wgy.css Origin https://thedefenceworks.com Response headers date Wed, 04 Dec 2019 14:30:57 GMT server nginx access-control-allow-origin * etag "e2418760f00448874f89ae40256bf9d1d180c197" content-type application/font-woff2 status 200 cache-control public, max-age=31536000 timing-allow-origin * content-length 18668
GET H2	200	tdw-down.svg thedefenceworks.com/wp-content/themes/tdw/dist/assets/images/	172 B 377 B	19ms 19ms	Image image/svg+xml	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://thedefenceworks.com/wp-content/themes/tdw/dist/assets/images/tdw-down.svg Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js?ver=3.2.1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 52c0660ff3960d453da8f3882d6570b9f1449da6938d2bb408cb37789d3be492 Request headers Referer https://thedefenceworks.com/wp-content/themes/tdw/dist/assets/css/app.css?ver=2.10.4 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT last-modified Fri, 25 Oct 2019 03:08:48 GMT server nginx access-control-allow-origin * etag "5db26740-ac" vary Accept-Encoding content-type image/svg+xml status 200 cache-control public, max-age=31536000 accept-ranges bytes content-length 172
GET H2	200	tdw-down-white.svg thedefenceworks.com/wp-content/themes/tdw/dist/assets/images/	244 B 449 B	21ms 21ms	Image image/svg+xml	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://thedefenceworks.com/wp-content/themes/tdw/dist/assets/images/tdw-down-white.svg Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js?ver=3.2.1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash e1e294f7f27d0a61f3473155f72352b40fa89aa527ec661befa755a637fa32c2 Request headers Referer https://thedefenceworks.com/wp-content/themes/tdw/dist/assets/css/app.css?ver=2.10.4 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT last-modified Fri, 25 Oct 2019 03:08:48 GMT server nginx access-control-allow-origin * etag "5db26740-f4" vary Accept-Encoding content-type image/svg+xml status 200 cache-control public, max-age=31536000 accept-ranges bytes content-length 244
GET H2	200	Breaking-Scams-Phishing-Attachment-1920x1080.png thedefenceworks.com/wp-content/uploads/2019/01/	351 KB 352 KB	21ms 21ms	Image image/png	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://thedefenceworks.com/wp-content/uploads/2019/01/Breaking-Scams-Phishing-Attachment-1920x1080.png Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js?ver=3.2.1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 3b25dbbdcc31387e13e0de964655073d79ce79786f59c3b714f1c1086f9d0455 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT last-modified Fri, 25 Oct 2019 03:08:47 GMT server nginx access-control-allow-origin * etag "5db2673f-57bd9" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=31536000 accept-ranges bytes content-length 359385
GET H/1.1	200 OK	agile-min.js Show response d1gwclp1pmzk26.cloudfront.net/agile/stats/min/app/v11/	63 KB 18 KB	8ms 7ms	Script application/x-javascript	143.204.98.153 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://d1gwclp1pmzk26.cloudfront.net/agile/stats/min/app/v11/agile-min.js Requested by Host: d1gwclp1pmzk26.cloudfront.net URL: https://d1gwclp1pmzk26.cloudfront.net/agile/agile-cloud.js?ver=5.2.4 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.98.153 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-143-204-98-153.fra50.r.cloudfront.net Software nginx/1.2.4 / Resource Hash 3dfa9239012b3cd2737cdb2b0370dc9f9c253d38883f48ace64590e0cdd8b7c5 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 23 Nov 2019 00:09:36 GMT Content-Encoding gzip Last-Modified Fri, 25 May 2018 13:26:48 GMT Server nginx/1.2.4 Age 1002081 Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type application/x-javascript Via 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront) Cache-Control max-age=2592000, public Transfer-Encoding chunked X-Amz-Cf-Pop FRA50-C1 Connection keep-alive X-Amz-Cf-Id qx_96vKumcVYE373B0EFZkH1EsgABbi8Puy0aNJMyG6ZHuWli9ucTw== Expires Sun, 20 Oct 2019 00:04:30 GMT
GET H/1.1	200 OK	insight.min.js Show response snap.licdn.com/li.lms-analytics/	3 KB 2 KB	6ms 6ms	Script application/x-javascript	2a02:26f0:6c00:28c::25ea AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software / Resource Hash 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 04 Dec 2019 14:30:57 GMT Content-Encoding gzip Last-Modified Mon, 07 Oct 2019 16:41:31 GMT X-CDN AKAM Vary Accept-Encoding Content-Type application/x-javascript;charset=utf-8 Cache-Control max-age=81086 Connection keep-alive Accept-Ranges bytes Content-Length 1576
GET H2	200	outer.html js.stripe.com/v2/m/ Frame D3CE	0 0	6ms 5ms	Document text/html	151.101.12.176 Fastly
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v2/m/outer.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software AmazonS3 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers :method GET :authority js.stripe.com :scheme https :path /v2/m/outer.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site sec-fetch-mode nested-navigate referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Response headers status 200 x-amz-id-2 zguMTW7ESme6Z3BgYhPkCqdsj2TteCuSAhIDN/9ibSa2Fxc3WgbSqHL92qnJKaRO2hB7/rUPuv0= x-amz-request-id 47F5F2FDA9B8F188 last-modified Wed, 06 Sep 2017 17:40:34 GMT etag "51b76bd7931c50d2bf6d4c5a93d343f9" cache-control public, max-age=300 content-type text/html; charset=utf-8 server AmazonS3 content-encoding gzip accept-ranges bytes date Wed, 04 Dec 2019 14:30:57 GMT via 1.1 varnish age 33 x-served-by cache-fra19161-FRA x-cache HIT x-cache-hits 34 x-timer S1575469858.739779,VS0,VE0 vary Accept-Encoding strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * content-length 388
GET H2	200	sm.22.html static.addtoany.com/menu/ Frame 76DB	0 0	16ms 16ms	Document text/html	2606:4700:10::6814:6e27 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://static.addtoany.com/menu/sm.22.html Requested by Host: static.addtoany.com URL: https://static.addtoany.com/menu/page.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:6e27 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers :method GET :authority static.addtoany.com :scheme https :path /menu/sm.22.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site sec-fetch-mode nested-navigate referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ accept-encoding gzip, deflate, br cookie __cfduid=de25b763e778fdb51ca43344a42db42a61575469857 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Response headers status 200 date Wed, 04 Dec 2019 14:30:57 GMT content-type text/html; charset=utf-8 p3p CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT" last-modified Thu, 03 Oct 2019 06:59:00 GMT etag W/"70f-593fc1ec1791b" cache-control max-age=315360000, immutable age 545306 vary Accept-Encoding via e5s cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 53fe7b331f6dcbac-VIE content-encoding br
GET		truncated /	0 0
GET H2	204	0 bat.bing.com/action/	0 93 B	51ms 51ms	Image text/plain	2620:1ec:c11::200 Microsoft Corpora...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=26046244&Ver=2&mid=70cc73ba-59f6-d23c-745d-ea0f6c8dc7f6&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Breaking%20Scams%3A%20Try%20Not%20to%20Get%20Too%20Attached%3A%20The%20Phishing%20Email%20Attachment%20Scam%20-%20The%20Defence%20Works&p=https%3A%2F%2Fthedefenceworks.com%2Fblog%2Fbreaking-scams-phishing-email-attachment-scam%2F&r=&lt=531&evt=pageLoad&msclkid=N&rn=9012 Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 204 pragma no-cache date Wed, 04 Dec 2019 14:30:57 GMT cache-control no-cache, must-revalidate x-msedge-ref Ref A: 3BC65330E17D4655946B5CB00921C4DB Ref B: VIEEDGE0317 Ref C: 2019-12-04T14:30:57Z access-control-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	circle-top-offset.svg Show response thedefenceworks.com/wp-content/themes/tdw/dist/assets/images/	177 B 382 B	22ms 22ms	XHR image/svg+xml	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-content/themes/tdw/dist/assets/images/circle-top-offset.svg Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js?ver=3.2.1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 8792ad1783c3967a09f6bd07f9317ce156a9323c78100a9c2d5c11eec118b4c5 Request headers Accept application/xml, text/xml, */*; q=0.01 Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT last-modified Fri, 25 Oct 2019 03:08:48 GMT server nginx status 200 etag "5db26740-b1" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 177
GET H2	200	circle-top-large.svg Show response thedefenceworks.com/wp-content/themes/tdw/dist/assets/images/	169 B 374 B	23ms 23ms	XHR image/svg+xml	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-content/themes/tdw/dist/assets/images/circle-top-large.svg Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js?ver=3.2.1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 219f356cdf49ae5d1401052de7344b5c3a70f490ebed6e381bd345409dea0ec4 Request headers Accept application/xml, text/xml, */*; q=0.01 Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT last-modified Fri, 25 Oct 2019 03:08:48 GMT server nginx status 200 etag "5db26740-a9" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 169
GET H2	200	circle-top.svg Show response thedefenceworks.com/wp-content/themes/tdw/dist/assets/images/	172 B 377 B	22ms 22ms	XHR image/svg+xml	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-content/themes/tdw/dist/assets/images/circle-top.svg Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js?ver=3.2.1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 4cc61ef7dfdc13fb676fc0f92af0e3e1f9f5d5d3c4217f2965cb61c7d7465f60 Request headers Accept application/xml, text/xml, */*; q=0.01 Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT last-modified Fri, 25 Oct 2019 03:08:48 GMT server nginx status 200 etag "5db26740-ac" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 172
GET H2	200	the-defence-works-cassi-logomark.svg Show response thedefenceworks.com/wp-content/themes/tdw/dist/assets/images/	342 B 461 B	44ms 44ms	XHR image/svg+xml	35.197.249.125 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thedefenceworks.com/wp-content/themes/tdw/dist/assets/images/the-defence-works-cassi-logomark.svg Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js?ver=3.2.1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.197.249.125 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 125.249.197.35.bc.googleusercontent.com Software nginx / Resource Hash 1a6c31ef439ccc11247ab80c107b858be7839cb557a39d6f1ade22c331263b99 Request headers Accept application/xml, text/xml, */*; q=0.01 Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT content-encoding gzip last-modified Fri, 25 Oct 2019 03:08:48 GMT server nginx status 200 etag W/"5db26740-156" vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	icons.29.old.css static.addtoany.com/menu/svg/	8 KB 1 KB	18ms 17ms	Stylesheet text/css	2606:4700:10::6814:6e27 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://static.addtoany.com/menu/svg/icons.29.old.css Requested by Host: static.addtoany.com URL: https://static.addtoany.com/menu/page.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:6e27 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash a03d790d85c51718b875b4ac5d10ad2d7dbd19f2cd44f39c503a758b5851bbc3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT via e5s x-content-type-options nosniff cf-cache-status HIT age 26127157 p3p CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT" status 200 strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br last-modified Mon, 31 Dec 2018 23:29:11 GMT server cloudflare etag W/"1e29-57e59c7b44616" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=utf-8 cache-control max-age=315360000, immutable cf-ray 53fe7b3398f0cbac-VIE cf-bgj minify
GET H2	200	collect px.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1284409&url=https%3A%2F%2Fthedefenceworks.com%2Fblog%2Fbreaking-scams-phishing-email-attachment-scam%2F&time=1575469857877 https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1284409%26url%3Dhttps%253A%252F%252Fthedefenceworks.com%252Fblog%252Fbreaking-sca... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1284409&url=https%3A%2F%2Fthedefenceworks.com%2Fblog%2Fbreaking-scams-phishing-email-attachment-scam%2F&time=1575469857877&liSync=true	0 94 B	106ms 106ms	Image application/javascript	2a05:f500:10:101::b93f:9105 LinkedIn Corporation
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1284409&url=https%3A%2F%2Fthedefenceworks.com%2Fblog%2Fbreaking-scams-phishing-email-attachment-scam%2F&time=1575469857877&liSync=true Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US), Reverse DNS Software Play / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:58 GMT content-encoding gzip server Play vary Accept-Encoding x-li-fabric prod-lva1 status 200 x-li-proto http/2 x-li-pop prod-efr5 content-type application/javascript content-length 20 x-li-uuid v4xPHn0x3RXwxAVFDysAAA== Redirect headers date Wed, 04 Dec 2019 14:30:58 GMT content-encoding gzip x-content-type-options nosniff status 302 x-li-pop prod-efr5 content-length 20 x-li-uuid 3tqrF30x3RUAIZYNICsAAA== pragma no-cache server Play x-frame-options sameorigin expect-ct max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct" vary Accept-Encoding strict-transport-security max-age=2592000 x-li-fabric prod-lva1 location https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1284409&url=https%3A%2F%2Fthedefenceworks.com%2Fblog%2Fbreaking-scams-phishing-email-attachment-scam%2F&time=1575469857877&liSync=true x-xss-protection 1; mode=block cache-control no-cache, no-store content-security-policy default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' x-li-proto http/2 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	agile-webrules-min.js Show response s3.amazonaws.com/agilecrm/web-rules-static/	38 KB 39 KB	357ms 95ms	Script application/x-javascript	52.216.137.182 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://s3.amazonaws.com/agilecrm/web-rules-static/agile-webrules-min.js Requested by Host: d1gwclp1pmzk26.cloudfront.net URL: https://d1gwclp1pmzk26.cloudfront.net/agile/stats/min/app/v11/agile-min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.216.137.182 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS s3-1.amazonaws.com Software AmazonS3 / Resource Hash e260b9c304598205a322374408f2e2718acab63e585af74e41fb69179d3b4337 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 04 Dec 2019 14:30:59 GMT Last-Modified Thu, 20 Jul 2017 12:34:14 GMT Server AmazonS3 x-amz-request-id A54FC53FD4947662 ETag "8905dc1d776f9bce281cdbca7a515b7f" Content-Type application/x-javascript Accept-Ranges bytes Content-Length 39245 x-amz-id-2 Y74fH1Zs9cyKvP8w0B3rJfKIsePdjMafqNBH3XxGzqM2GmSw9klvlypqcYPv75E0++s8T9TS43Q=
GET H2	200	addstats Show response stats2.agilecrm.com/	0 116 B	430ms 378ms	Script text/html	2a00:1450:4001:820::2013 Google LLC
General Check archive.org Show headers Download Go to Full URL https://stats2.agilecrm.com/addstats?callback=json5854611427751433&guid=551859d2-a525-ac0f-c6dc-92624fbce198&sid=d4978f24-1fa8-6109-992c-6ab629f7bab1&url=https%3A%2F%2Fthedefenceworks.com%2Fblog%2Fbreaking-scams-phishing-email-attachment-scam%2F&agile=t29fkna7d7k6nrqvgggkkptgm4&new=1&ref=&domain=thebfpp Requested by Host: d1gwclp1pmzk26.cloudfront.net URL: https://d1gwclp1pmzk26.cloudfront.net/agile/stats/min/app/v11/agile-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Google Frontend / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 x-cloud-trace-context 18262f57c72655b8cd67fa7f0de0664d server Google Frontend date Wed, 04 Dec 2019 14:30:58 GMT content-length 0 content-type text/html
GET H2	200	/ www.facebook.com/tr/	44 B 247 B	6ms 6ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de Facebook
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=394717684376068&ev=PageView&dl=https%3A%2F%2Fthedefenceworks.com%2Fblog%2Fbreaking-scams-phishing-email-attachment-scam%2F&rl=&if=false&ts=1575469857895&sw=1600&sh=1200&v=2.9.14&r=stable&a=wordpress-5.2.4-1.7.25&ec=0&o=30&fbp=fb.1.1575469857895.1984187353&it=1575469857602&coo=false&rqm=GET Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif status 200 cache-control no-cache, must-revalidate, max-age=0 alt-svc h3-23=":443"; ma=3600 content-length 44 expires Wed, 04 Dec 2019 14:30:57 GMT
GET H2	200	linkedin.png static.addtoany.com/menu/svg/png/	378 B 534 B	17ms 16ms	Image image/png	2606:4700:10::6814:6e27 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://static.addtoany.com/menu/svg/png/linkedin.png Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:6e27 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 24a94e6220188c3daaee8d4b67a3e0efd9dbdb66a5e4352d1d7a2d29f2917139 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://static.addtoany.com/menu/svg/icons.29.old.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT via e5s x-content-type-options nosniff cf-cache-status HIT age 5284850 cf-polished status=not_needed p3p CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT" status 200 vary Accept-Encoding content-length 378 last-modified Thu, 11 Aug 2016 01:27:28 GMT server cloudflare etag "17a-539c1ab43cd4d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type image/png cache-control max-age=315360000, immutable accept-ranges bytes cf-ray 53fe7b33e99acbac-VIE cf-bgj imgq:100
GET H2	200	email.png static.addtoany.com/menu/svg/png/	358 B 471 B	20ms 19ms	Image image/png	2606:4700:10::6814:6e27 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://static.addtoany.com/menu/svg/png/email.png Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:6e27 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 296d15474ee4dab8e9f2532aa6ded11187e51747139894e8bcf6e030c799bd5b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://static.addtoany.com/menu/svg/icons.29.old.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT via e5s x-content-type-options nosniff cf-cache-status HIT age 5376090 cf-polished status=not_needed p3p CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT" status 200 vary Accept-Encoding content-length 358 last-modified Thu, 11 Aug 2016 01:27:31 GMT server cloudflare etag "166-539c1ab7414ab" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type image/png cache-control max-age=315360000, immutable accept-ranges bytes cf-ray 53fe7b33e99ccbac-VIE cf-bgj imgq:100
GET H2	200	twitter.png static.addtoany.com/menu/svg/png/	533 B 645 B	18ms 17ms	Image image/png	2606:4700:10::6814:6e27 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://static.addtoany.com/menu/svg/png/twitter.png Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:6e27 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash d5ce5f4fc85c68b6d412ac2f82a577917c009a84b4a8a4639f829f7493bb7fda Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://static.addtoany.com/menu/svg/icons.29.old.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT via e5s x-content-type-options nosniff cf-cache-status HIT age 638587 cf-polished status=not_needed p3p CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT" status 200 vary Accept-Encoding content-length 533 last-modified Thu, 11 Aug 2016 01:27:22 GMT server cloudflare etag "215-539c1aae7c2d1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type image/png cache-control max-age=315360000, immutable accept-ranges bytes cf-ray 53fe7b33e99fcbac-VIE cf-bgj imgq:100
GET H2	200	facebook.png static.addtoany.com/menu/svg/png/	311 B 424 B	20ms 20ms	Image image/png	2606:4700:10::6814:6e27 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://static.addtoany.com/menu/svg/png/facebook.png Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:6e27 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 8017851b6211190f6e0c60cfe33cdd894044fef4c47d41e97c52064f279cba7d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://static.addtoany.com/menu/svg/icons.29.old.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT via e5s x-content-type-options nosniff cf-cache-status HIT age 24530622 cf-polished status=not_needed p3p CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT" status 200 vary Accept-Encoding content-length 311 last-modified Thu, 11 Aug 2016 01:27:30 GMT server cloudflare etag "137-539c1ab6b2b6b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type image/png cache-control max-age=315360000, immutable accept-ranges bytes cf-ray 53fe7b33e9a0cbac-VIE cf-bgj imgq:100
GET H2	200	whatsapp.png static.addtoany.com/menu/svg/png/	850 B 963 B	23ms 23ms	Image image/png	2606:4700:10::6814:6e27 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://static.addtoany.com/menu/svg/png/whatsapp.png Requested by Host: thedefenceworks.com URL: https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:6e27 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash b0034d1f95478639574191ff0f5914d28c9880abeb12624030154dcdc0cd1fb6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://static.addtoany.com/menu/svg/icons.29.old.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:57 GMT via e5s x-content-type-options nosniff cf-cache-status HIT age 1168316 cf-polished status=not_needed p3p CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT" status 200 vary Accept-Encoding content-length 850 last-modified Thu, 11 Aug 2016 01:27:21 GMT server cloudflare etag "352-539c1aae0cd91" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type image/png cache-control max-age=315360000, immutable accept-ranges bytes cf-ray 53fe7b33e9a1cbac-VIE cf-bgj imgq:100
GET H2	200	web-rules Show response thebfpp.agilecrm.com/core/js/api/	9 KB 9 KB	546ms 488ms	Script text/plain	2a00:1450:4001:819::2013 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thebfpp.agilecrm.com/core/js/api/web-rules?callback=json106659020383582&id=t29fkna7d7k6nrqvgggkkptgm4 Requested by Host: d1gwclp1pmzk26.cloudfront.net URL: https://d1gwclp1pmzk26.cloudfront.net/agile/stats/min/app/v11/agile-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Google Frontend / Resource Hash 8c00c3283eab3c4c98952faac1ce9b5855626e39ccd00317ef3e454f6372ffd0 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:58 GMT server Google Frontend content-type application / x-javascript;charset="UTF-8" status 200 x-cloud-trace-context 2d9d8e8ae408411ccc6118dd93448831 cache-control private content-length 9176 expires Thu, 01 Jan 1970 00:00:00 GMT
POST H2	200	/ www.facebook.com/tr/	0 100 B	6ms 6ms	Other text/plain	2a03:2880:f11c:8183:face:b00c:0:25de Facebook
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Origin https://thedefenceworks.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundaryaoljsOEFALvLLdGQ Response headers strict-transport-security max-age=31536000; includeSubDomains server proxygen-bolt access-control-allow-origin https://thedefenceworks.com date Wed, 04 Dec 2019 14:30:58 GMT content-type text/plain status 200 access-control-allow-credentials true alt-svc h3-23=":443"; ma=3600 content-length 0
GET H2	200	livechat.js Show response thebfpp.agilecrm.com/agile-livechat/website/	7 KB 3 KB	135ms 135ms	Script application/x-javascript	2a00:1450:4001:819::2013 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thebfpp.agilecrm.com/agile-livechat/website/livechat.js Requested by Host: d1gwclp1pmzk26.cloudfront.net URL: https://d1gwclp1pmzk26.cloudfront.net/agile/stats/min/app/v11/agile-min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Google Frontend / Resource Hash a043f3037d9e8b4203b3c30ada687dc9e839b0185d048669ea6a2f8ebdf63480 Request headers Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Dec 2019 14:30:58 GMT content-encoding gzip server Google Frontend etag "W33Wfw" content-type application/x-javascript status 200 x-cloud-trace-context 0271432c5c75e3706f959b36d73e73cf cache-control public, max-age=600 expires Wed, 04 Dec 2019 14:40:58 GMT
GET H2	200	session thebfpp.agilecrm.com/livechat/ Frame 61BB	0 0	281ms 280ms	Document text/html	2a00:1450:4001:819::2013 Google LLC
General Check archive.org Show headers Download Go to Full URL https://thebfpp.agilecrm.com/livechat/session?k=t29fkna7d7k6nrqvgggkkptgm4 Requested by Host: thebfpp.agilecrm.com URL: https://thebfpp.agilecrm.com/agile-livechat/website/livechat.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Google Frontend / Resource Hash Request headers :method GET :authority thebfpp.agilecrm.com :scheme https :path /livechat/session?k=t29fkna7d7k6nrqvgggkkptgm4 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site sec-fetch-mode nested-navigate referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ accept-encoding gzip, deflate, br cookie JSESSIONID=I1wHq0re-QuYc_IRlOdZrA Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://thedefenceworks.com/blog/breaking-scams-phishing-email-attachment-scam/ Response headers status 200 content-type text/html;charset=utf-8 content-encoding gzip x-cloud-trace-context 2999f317d02e67321b9e7cec477e86ec vary Accept-Encoding date Wed, 04 Dec 2019 14:30:59 GMT server Google Frontend cache-control private content-length 4844

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

truncated

URL

data:truncated