security.defendid.us Open in urlscan Pro
100.24.100.138  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response security.defendid.us/id=RvkUQIeGawVsUfahBqDsGD/b4318c/3152f42f-dd1f-41c4-8d69-2c4a6c2ae490/	6 KB 3 KB	445ms 141ms	Document text/html	100.24.100.138 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://security.defendid.us/id=RvkUQIeGawVsUfahBqDsGD/b4318c/3152f42f-dd1f-41c4-8d69-2c4a6c2ae490/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 100.24.100.138 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-100-24-100-138.compute-1.amazonaws.com Software Apache / Resource Hash 14e4554e45cf8ae4f0fd2f3b9a971cdec884b4054937c842ae1a77fc259a6ab9 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Host security.defendid.us Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Access-Control-Allow-Origin http://landing.phishme.com Cache-Control no-cache, no-store Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Tue, 15 Dec 2020 13:53:36 GMT ETag W/"14e4554e45cf8ae4f0fd2f3b9a971cde-gzip" Expires Fri, 01 Jan 1990 00:00:00 GMT Pragma no-cache Referrer-Policy strict-origin-when-cross-origin Server Apache Set-Cookie _phishme.com_session_id=2ce8da341aa653e06903500c955edab1; path=/; HttpOnly Status 200 OK Vary Accept-Encoding X-Content-Type-Options nosniff X-Download-Options noopen noopen X-Frame-Options DENY X-Permitted-Cross-Domain-Policies none X-Request-Id 9153e907-3ac7-4c93-a8f5-5dbde5bcea0a X-Runtime 0.039349 X-XSS-Protection 1; mode=block Content-Length 2318
GET H2	200	js Show response www.googletagmanager.com/gtag/	96 KB 38 KB	25ms 24ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-126808791-4 Requested by Host: security.defendid.us URL: https://security.defendid.us/id=RvkUQIeGawVsUfahBqDsGD/b4318c/3152f42f-dd1f-41c4-8d69-2c4a6c2ae490/? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 35c0aad3cc56eaa246b0f3b048c58f7c21e0a6e0155974edcda1490b6bd2748d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://security.defendid.us/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 13:53:36 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39021 x-xss-protection 0 last-modified Tue, 15 Dec 2020 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 15 Dec 2020 13:53:36 GMT
GET H/1.1	200 OK	jquery-latest.min.js Show response security.defendid.us/javascripts/	86 KB 30 KB	105ms 104ms	Script application/javascript	100.24.100.138 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://security.defendid.us/javascripts/jquery-latest.min.js Requested by Host: security.defendid.us URL: https://security.defendid.us/id=RvkUQIeGawVsUfahBqDsGD/b4318c/3152f42f-dd1f-41c4-8d69-2c4a6c2ae490/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 100.24.100.138 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-100-24-100-138.compute-1.amazonaws.com Software Apache / Resource Hash 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Request headers Referer https://security.defendid.us/id=RvkUQIeGawVsUfahBqDsGD/b4318c/3152f42f-dd1f-41c4-8d69-2c4a6c2ae490/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 15 Dec 2020 13:53:36 GMT Content-Encoding gzip Last-Modified Tue, 24 Nov 2020 18:11:21 GMT Server Apache ETag "15851-5b4de3ce60440-gzip" X-Download-Options noopen Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin http://landing.phishme.com Cache-Control max-age=0 Accept-Ranges bytes Content-Length 30677 Expires Tue, 15 Dec 2020 13:53:36 GMT
GET H/1.1	200 OK	jquery.periodicalupdater.js Show response security.defendid.us/javascripts/	7 KB 3 KB	292ms 100ms	Script application/javascript	100.24.100.138 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://security.defendid.us/javascripts/jquery.periodicalupdater.js Requested by Host: security.defendid.us URL: https://security.defendid.us/id=RvkUQIeGawVsUfahBqDsGD/b4318c/3152f42f-dd1f-41c4-8d69-2c4a6c2ae490/? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 100.24.100.138 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-100-24-100-138.compute-1.amazonaws.com Software Apache / Resource Hash 850ebab175e20015432217d462b446fd904cc7e90ae8c0339212053481163969 Request headers Referer https://security.defendid.us/id=RvkUQIeGawVsUfahBqDsGD/b4318c/3152f42f-dd1f-41c4-8d69-2c4a6c2ae490/? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 15 Dec 2020 13:53:36 GMT Content-Encoding gzip Last-Modified Tue, 24 Nov 2020 18:11:21 GMT Server Apache ETag "1a02-5b4de3ce60440-gzip" X-Download-Options noopen Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin http://landing.phishme.com Cache-Control max-age=0 Accept-Ranges bytes Content-Length 2221 Expires Tue, 15 Dec 2020 13:53:36 GMT
GET H2	200	header_phishing-f21028c3.jpg images.pmeimg.com/public/user_assets/b140ffa3-4a19-40c7-a3b6-e07147d89f7f/	33 KB 33 KB	138ms 51ms	Image image/jpeg	13.227.156.124 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://images.pmeimg.com/public/user_assets/b140ffa3-4a19-40c7-a3b6-e07147d89f7f/header_phishing-f21028c3.jpg Requested by Host: security.defendid.us URL: https://security.defendid.us/id=RvkUQIeGawVsUfahBqDsGD/b4318c/3152f42f-dd1f-41c4-8d69-2c4a6c2ae490/? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.156.124 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-156-124.muc51.r.cloudfront.net Software AmazonS3 / Resource Hash 410e12b73f36c4a7ee87fa4b5d343be6224bc695ec7b9bcc0ff918d2ae09a0cc Request headers Referer https://security.defendid.us/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 05:25:14 GMT via 1.1 139113252a51f85c84cb641b4d964ba5.cloudfront.net (CloudFront) last-modified Fri, 06 Nov 2020 14:05:07 GMT server AmazonS3 age 30503 etag "fd1c8c9916dde44e590e23be91081164" x-cache Hit from cloudfront x-amz-cf-pop MUC51-C1 accept-ranges bytes content-length 33688 x-amz-cf-id Npd0LvmSmSUod5AxDnmtDGmaOVvm7eGNhO0KOMLLZBKzunEpgP18Hg==
GET H2	200	03_codes-malveillants-6fac7fd4.png images.pmeimg.com/public/user_assets/b140ffa3-4a19-40c7-a3b6-e07147d89f7f/	2 KB 3 KB	56ms 55ms	Image image/png	13.227.156.124 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://images.pmeimg.com/public/user_assets/b140ffa3-4a19-40c7-a3b6-e07147d89f7f/03_codes-malveillants-6fac7fd4.png Requested by Host: security.defendid.us URL: https://security.defendid.us/id=RvkUQIeGawVsUfahBqDsGD/b4318c/3152f42f-dd1f-41c4-8d69-2c4a6c2ae490/? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.156.124 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-156-124.muc51.r.cloudfront.net Software AmazonS3 / Resource Hash 4d0f72375244cab1fb407cd32354f75ab41b9478d4fff729b88c85f820ebb9a7 Request headers Referer https://security.defendid.us/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 05:25:14 GMT via 1.1 139113252a51f85c84cb641b4d964ba5.cloudfront.net (CloudFront) last-modified Fri, 06 Nov 2020 14:01:10 GMT server AmazonS3 age 30503 etag "78168319d06b46581a61ea2d18995ef7" x-cache Hit from cloudfront x-amz-cf-pop MUC51-C1 accept-ranges bytes content-length 2502 x-amz-cf-id tSL0qGe9TieUe-YkGmvgK5EIXl7mh-Wuga5I0j34-g0-qGqC8lpbzg==
GET H/1.1	200 OK	flyer_phishing_vf_hd-2-9722920f.png images.pmeimg.com/public/user_assets/3efac72f-3a77-40d4-a29c-8175048fe8d3/	137 KB 137 KB	74ms 54ms	Image image/png	13.227.156.124 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://images.pmeimg.com/public/user_assets/3efac72f-3a77-40d4-a29c-8175048fe8d3/flyer_phishing_vf_hd-2-9722920f.png Requested by Host: security.defendid.us URL: https://security.defendid.us/id=RvkUQIeGawVsUfahBqDsGD/b4318c/3152f42f-dd1f-41c4-8d69-2c4a6c2ae490/? Protocol HTTP/1.1 Server 13.227.156.124 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-156-124.muc51.r.cloudfront.net Software AmazonS3 / Resource Hash f31059555878c3a2981eaa7467ea73eafd7ec68a15ac1363d2770bf893055ebd Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 15 Dec 2020 06:19:53 GMT Via 1.1 a4e2e59f66a1d4717bfa6c64f818168c.cloudfront.net (CloudFront) Last-Modified Mon, 20 Nov 2017 16:52:50 GMT Server AmazonS3 Age 27224 ETag "f032260af5ff3be0fcc08f4c4550affd" X-Cache Hit from cloudfront Connection keep-alive X-Amz-Cf-Pop MUC51-C1 Accept-Ranges bytes Content-Length 140049 X-Amz-Cf-Id mdh0yaIiIHhiFYN1L_-FL7nrQH7SXuxcJxJrMOykdwXJ6hS6RIIKew==
GET H/1.1	200 OK	flyer_phishing_vf_hd-1-7b98577d.png images.pmeimg.com/public/user_assets/3efac72f-3a77-40d4-a29c-8175048fe8d3/	121 KB 121 KB	75ms 55ms	Image image/png	13.227.156.124 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://images.pmeimg.com/public/user_assets/3efac72f-3a77-40d4-a29c-8175048fe8d3/flyer_phishing_vf_hd-1-7b98577d.png Requested by Host: security.defendid.us URL: https://security.defendid.us/id=RvkUQIeGawVsUfahBqDsGD/b4318c/3152f42f-dd1f-41c4-8d69-2c4a6c2ae490/? Protocol HTTP/1.1 Server 13.227.156.124 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-156-124.muc51.r.cloudfront.net Software AmazonS3 / Resource Hash f2fc6842cb55131be5bf600f992051965ce6c034787a0082fa4fd84c6177f2b2 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 15 Dec 2020 06:19:53 GMT Via 1.1 4f554fde1e65aef727b4fe23240eafbd.cloudfront.net (CloudFront) Last-Modified Mon, 20 Nov 2017 16:53:09 GMT Server AmazonS3 Age 27224 ETag "ec01f3cb3cc6659cd42cd8522dc9b696" X-Cache Hit from cloudfront Connection keep-alive X-Amz-Cf-Pop MUC51-C1 Accept-Ranges bytes Content-Length 123691 X-Amz-Cf-Id -KIMvbnKWQLOX_3BLLQMjfeOeN0RzP4Oxz-oJXUdChfoq1nlwYulYQ==
GET H/1.1	200 OK	footer_phishing-45aa964d.png images.pmeimg.com/public/user_assets/3efac72f-3a77-40d4-a29c-8175048fe8d3/	5 KB 6 KB	71ms 52ms	Image image/png	13.227.156.124 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://images.pmeimg.com/public/user_assets/3efac72f-3a77-40d4-a29c-8175048fe8d3/footer_phishing-45aa964d.png Requested by Host: security.defendid.us URL: https://security.defendid.us/id=RvkUQIeGawVsUfahBqDsGD/b4318c/3152f42f-dd1f-41c4-8d69-2c4a6c2ae490/? Protocol HTTP/1.1 Server 13.227.156.124 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-156-124.muc51.r.cloudfront.net Software AmazonS3 / Resource Hash 8a64cd6928560026f3a4654979734888686e8fff9d046dc7ded48be269c67cad Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 15 Dec 2020 06:19:53 GMT Via 1.1 3cac3fd7fa29edd9751e89e1095c53fc.cloudfront.net (CloudFront) Last-Modified Mon, 20 Nov 2017 16:53:23 GMT Server AmazonS3 Age 27224 ETag "c8b3c8d90a6eea4fa061a20925d0196d" X-Cache Hit from cloudfront Connection keep-alive X-Amz-Cf-Pop MUC51-C1 Accept-Ranges bytes Content-Length 5360 X-Amz-Cf-Id qhD16b0c6b9s0xMaTLsyHzd0lfF_R52kUp-rq_8IYPG8DriKU7LdLw==
GET H2	200	analytics.js Show response www.google-analytics.com/	46 KB 18 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:820::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-126808791-4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://security.defendid.us/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 23 Oct 2020 03:00:57 GMT server Golfe2 age 181 date Tue, 15 Dec 2020 13:50:35 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18817 expires Tue, 15 Dec 2020 15:50:35 GMT
POST H3-Q050	200	collect Show response www.google-analytics.com/j/	2 B 391 B	47ms 13ms	XHR text/plain	2a00:1450:4001:820::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=1&a=216237673&t=pageview&_s=1&dl=https%3A%2F%2Fsecurity.defendid.us%2Fid%3DRvkUQIeGawVsUfahBqDsGD%2Fb4318c%2F3152f42f-dd1f-41c4-8d69-2c4a6c2ae490%2F%3F&ul=en-us&de=UTF-8&dt=PhishMe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=2127911085&gjid=392532426&cid=331818027.1608040417&tid=UA-126808791-4&_gid=726143365.1608040417&_r=1&gtm=2oubu0&z=1355743195 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://security.defendid.us/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 15 Dec 2020 13:53:36 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://security.defendid.us cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 88 B	14ms 14ms	XHR text/plain	2a00:1450:400c:c06::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-126808791-4&cid=331818027.1608040417&jid=2127911085&gjid=392532426&_gid=726143365.1608040417&_u=IEBAAUAAAAAAAC~&z=123188702 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://security.defendid.us/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Tue, 15 Dec 2020 13:53:36 GMT content-type text/plain access-control-allow-origin https://security.defendid.us cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	log_info Show response security.defendid.us/	0 592 B	112ms 111ms	XHR text/plain	100.24.100.138 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://security.defendid.us/log_info?tid=3152f42f-dd1f-41c4-8d69-2c4a6c2ae490&_=1608040416790 Requested by Host: security.defendid.us URL: https://security.defendid.us/javascripts/jquery-latest.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 100.24.100.138 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-100-24-100-138.compute-1.amazonaws.com Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept text/plain, */*; q=0.01 Referer https://security.defendid.us/id=RvkUQIeGawVsUfahBqDsGD/b4318c/3152f42f-dd1f-41c4-8d69-2c4a6c2ae490/? X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 15 Dec 2020 13:53:46 GMT X-Content-Type-Options nosniff X-Permitted-Cross-Domain-Policies none Access-Control-Allow-Origin http://landing.phishme.com Status 200 OK Content-Length 0 X-XSS-Protection 1; mode=block X-Request-Id 2c98324e-f903-44b0-9267-f92f2e230c06 X-Runtime 0.011734 Referrer-Policy strict-origin-when-cross-origin Server Apache X-Download-Options noopen, noopen X-Frame-Options DENY Content-Type text/plain Pragma no-cache Cache-Control no-cache, no-store Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	log_info Show response security.defendid.us/	0 592 B	116ms 116ms	XHR text/plain	100.24.100.138 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://security.defendid.us/log_info?tid=3152f42f-dd1f-41c4-8d69-2c4a6c2ae490&_=1608040416791 Requested by Host: security.defendid.us URL: https://security.defendid.us/javascripts/jquery-latest.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 100.24.100.138 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-100-24-100-138.compute-1.amazonaws.com Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept text/plain, */*; q=0.01 Referer https://security.defendid.us/id=RvkUQIeGawVsUfahBqDsGD/b4318c/3152f42f-dd1f-41c4-8d69-2c4a6c2ae490/? X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 15 Dec 2020 13:53:46 GMT X-Content-Type-Options nosniff X-Permitted-Cross-Domain-Policies none Access-Control-Allow-Origin http://landing.phishme.com Status 200 OK Content-Length 0 X-XSS-Protection 1; mode=block X-Request-Id e2a24159-a8eb-4a73-a57a-0658fdf76a2e X-Runtime 0.014429 Referrer-Policy strict-origin-when-cross-origin Server Apache X-Download-Options noopen, noopen X-Frame-Options DENY Content-Type text/plain Pragma no-cache Cache-Control no-cache, no-store Expires Fri, 01 Jan 1990 00:00:00 GMT

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| $ function| jQuery number| pollingIntervalInMilliseconds object| gaplugins object| gaGlobal object| gaData

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.defendid.us/	1970-01-19 14:40:40	Name: _gat_gtag_UA_126808791_4 Value: 1
			.defendid.us/	1970-01-20 08:11:52	Name: _ga Value: GA1.2.331818027.1608040417
			.defendid.us/	1970-01-19 14:42:06	Name: _gid Value: GA1.2.726143365.1608040417
			security.defendid.us/	1969-12-31 23:59:59	Name: _phishme.com_session_id Value: 2ce8da341aa653e06903500c955edab1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

images.pmeimg.com
security.defendid.us
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
100.24.100.138
13.227.156.124
2a00:1450:4001:808::2008
2a00:1450:4001:820::200e
2a00:1450:400c:c06::9b
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
14e4554e45cf8ae4f0fd2f3b9a971cdec884b4054937c842ae1a77fc259a6ab9
35c0aad3cc56eaa246b0f3b048c58f7c21e0a6e0155974edcda1490b6bd2748d
410e12b73f36c4a7ee87fa4b5d343be6224bc695ec7b9bcc0ff918d2ae09a0cc
4d0f72375244cab1fb407cd32354f75ab41b9478d4fff729b88c85f820ebb9a7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
850ebab175e20015432217d462b446fd904cc7e90ae8c0339212053481163969
8a64cd6928560026f3a4654979734888686e8fff9d046dc7ded48be269c67cad
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
f2fc6842cb55131be5bf600f992051965ce6c034787a0082fa4fd84c6177f2b2
f31059555878c3a2981eaa7467ea73eafd7ec68a15ac1363d2770bf893055ebd