www.webroot.com Open in urlscan Pro
69.25.154.83 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://go.mercatoradvisorygroup.com/e/38232/iceae-voice-php-mail-0emailurl/bhh56v/805694377/direct%40suncorp.com.au?h=18BKLzj-bYLLmS...
Effective URL:
https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
Submission: On May 08 via manual (May 8th 2019, 4:45:03 am UTC) from AU

Summary HTTP 88 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 24 domains to perform 88 HTTP transactions. The main IP is 69.25.154.83, located in United States and belongs to INTERNAP-BLK5 - Internap Corporation, US. The main domain is www.webroot.com.
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on January 25th 2018. Valid for: 2 years.

This is the only time www.webroot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.21.178.134 52.21.178.134	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 36	69.25.154.83 69.25.154.83	19024 (INTERNAP-...) (INTERNAP-BLK5 - Internap Corporation)
2	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	143.204.214.98 143.204.214.98	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.219.20.32 52.219.20.32	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	151.101.120.157 151.101.120.157	54113 (FASTLY) (FASTLY - Fastly)
1	147.75.83.1 147.75.83.1	54825 (PACKET) (PACKET - Packet Host)
1	2a00:1288:7c:... 2a00:1288:7c:800::4001	43428 (YAHOO-ULS) (YAHOO-ULS)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	23.43.119.71 23.43.119.71	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	104.111.239.158 104.111.239.158	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 2	216.58.207.38 216.58.207.38	15169 (GOOGLE) (GOOGLE - Google LLC)
3	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	188.125.66.33 188.125.66.33	34010 (YAHOO-IRD) (YAHOO-IRD)
1	192.28.144.124 192.28.144.124	53580 (MARKETO) (MARKETO - MARKETO)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	147.75.33.239 147.75.33.239	54825 (PACKET) (PACKET - Packet Host)
5	192.28.144.84 192.28.144.84	53580 (MARKETO) (MARKETO - MARKETO)
1 5	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
3	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	184.31.90.134 184.31.90.134	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.208.65 143.204.208.65	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
88	27

1 52.21.178.134 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: pi0-lba1-2-ue1.aws.pardot.com

go.mercatoradvisorygroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 69.25.154.83 (United States) 1 redirects

ASN19024 (INTERNAP-BLK5 - Internap Corporation, US)

www.webroot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.214.98 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-98.fra53.r.cloudfront.net

www-cdn.webroot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.20.32 (San Jose, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-us-west-1-r-w.amazonaws.com

webroot-cms-cdn.s3-us-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81e::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.120.157 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.83.1 (Switzerland)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-23

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:7c:800::4001 (United Kingdom)

ASN43428 (YAHOO-ULS, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.43.119.71 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-43-119-71.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.111.239.158 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-239-158.deploy.static.akamaitechnologies.com

abrtp1-cdn.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtp-static.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.207.38 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s24-in-f6.1e100.net

8034235.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.5 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.125.66.33 (Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (San Mateo, United States)

ASN53580 (MARKETO - MARKETO, Inc., US)

557-fsi-195.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.33.239 (Switzerland)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-28

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.28.144.84 (San Mateo, United States)

ASN53580 (MARKETO - MARKETO, Inc., US)

abrtp1.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81d::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:234:59:254c:406:2366:268c (United States) 1 redirects

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.195 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.90.134 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a184-31-90-134.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.208.65 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-208-65.fra53.r.cloudfront.net

dnn506yrbagrg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	webroot.com 1 redirects www.webroot.com www-cdn.webroot.com	554 KB
10	marketo.com abrtp1-cdn.marketo.com rtp-static.marketo.com abrtp1.marketo.com	121 KB
5	google-analytics.com 1 redirects www.google-analytics.com	19 KB
5	gstatic.com fonts.gstatic.com	54 KB
4	twitter.com 1 redirects platform.twitter.com analytics.twitter.com	884 B
3	t.co t.co	456 B
3	doubleclick.net 2 redirects 8034235.fls.doubleclick.net stats.g.doubleclick.net	573 B
3	facebook.net connect.facebook.net	72 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	91 KB
2	facebook.com www.facebook.com	472 B
2	marketo.net munchkin.marketo.net	6 KB
2	bing.com bat.bing.com	7 KB
2	ads-twitter.com static.ads-twitter.com	4 KB
2	google.com 1 redirects apis.google.com www.google.com	17 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	google.de www.google.de	110 B
1	cloudfront.net dnn506yrbagrg.cloudfront.net	481 B
1	en25.com img.en25.com	3 KB
1	mktoresp.com 557-fsi-195.mktoresp.com	272 B
1	yahoo.com sp.analytics.yahoo.com	452 B
1	yimg.com s.yimg.com	4 KB
1	googletagmanager.com www.googletagmanager.com	40 KB
1	amazonaws.com webroot-cms-cdn.s3-us-west-1.amazonaws.com	6 KB
1	mercatoradvisorygroup.com 1 redirects go.mercatoradvisorygroup.com	677 B
88	24

	Domain	Requested by
36	www.webroot.com	1 redirects www.webroot.com
5	www.google-analytics.com	1 redirects www.webroot.com www.google-analytics.com
5	abrtp1.marketo.com	abrtp1-cdn.marketo.com rtp-static.marketo.com
5	fonts.gstatic.com	www.webroot.com
4	rtp-static.marketo.com	abrtp1-cdn.marketo.com
3	analytics.twitter.com	static.ads-twitter.com
3	t.co	www.webroot.com static.ads-twitter.com
3	connect.facebook.net	www.webroot.com connect.facebook.net
2	www.facebook.com	www.webroot.com
2	8034235.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	munchkin.marketo.net	www.webroot.com munchkin.marketo.net
2	bat.bing.com	www.webroot.com
2	static.ads-twitter.com	www.googletagmanager.com www.webroot.com
2	www-cdn.webroot.com	www.webroot.com
2	fonts.googleapis.com	www.webroot.com
1	vars.hotjar.com	static.hotjar.com
1	www.google.de	www.webroot.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	dnn506yrbagrg.cloudfront.net	www.webroot.com
1	img.en25.com	www.webroot.com
1	platform.twitter.com	1 redirects
1	script.hotjar.com	static.hotjar.com
1	557-fsi-195.mktoresp.com	munchkin.marketo.net
1	sp.analytics.yahoo.com	s.yimg.com
1	abrtp1-cdn.marketo.com	www.webroot.com
1	s.yimg.com	www.webroot.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googletagmanager.com	www.webroot.com
1	apis.google.com	www.webroot.com
1	webroot-cms-cdn.s3-us-west-1.amazonaws.com	www.webroot.com
1	go.mercatoradvisorygroup.com	1 redirects
88	32

This site contains links to these domains. Also see Links.

Domain
community.webroot.com
my.webrootanywhere.com
webroot.tiekinetix.net
www.brightcloud.com
bcws.brightcloud.com
www.youtube.com
twitter.com
www.facebook.com
www.linkedin.com
community.spiceworks.com

Subject Issuer	Validity	Valid
www.webroot.com GeoTrust EV RSA CA 2018	`2018-01-25` - `2020-01-25`	2 years	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-04-16` - `2019-07-09`	3 months	crt.sh
www-cdn.webroot.com Amazon	`2019-01-21` - `2020-02-21`	a year	crt.sh
*.s3-us-west-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2018-11-08` - `2019-11-06`	a year	crt.sh
*.apis.google.com Google Internet Authority G3	`2019-04-16` - `2019-07-09`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-04-16` - `2019-07-09`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2019-04-16` - `2019-07-09`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2018-08-16` - `2019-08-21`	a year	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2019-04-09` - `2019-07-08`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-04-22` - `2019-06-06`	a month	crt.sh
www.bing.com Microsoft IT TLS CA 5	`2017-07-20` - `2019-07-10`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-03-08` - `2019-06-06`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2018-12-24` - `2020-03-24`	a year	crt.sh
*.marketo.com DigiCert SHA2 Secure Server CA	`2018-12-15` - `2020-03-15`	a year	crt.sh
*.doubleclick.net Google Internet Authority G3	`2019-04-16` - `2019-07-09`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2019-03-07` - `2020-03-07`	a year	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2018-11-21` - `2019-05-20`	6 months	crt.sh
*.mktoresp.com GeoTrust RSA CA 2018	`2018-02-05` - `2020-02-05`	2 years	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2019-04-09` - `2019-07-08`	3 months	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-01-28` - `2020-01-28`	a year	crt.sh
*.en25.com DigiCert SHA2 Secure Server CA	`2018-04-25` - `2019-07-25`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2018-10-08` - `2019-10-09`	a year	crt.sh
www.google.de Google Internet Authority G3	`2019-04-16` - `2019-07-09`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2019-04-09` - `2019-07-08`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
Frame ID: AF21962D38C88175EDA89337777A794C
Requests: 87 HTTP requests in this frame

Frame: https://8034235.fls.doubleclick.net/activityi;dc_pre=CK_gu_GPi-ICFVSIdwodiowLUg;src=8034235;type=remarket;cat=visit0;ord=6944511923092;gtm=2wg430;auiddc=2078893043.1557290686;u1=;u2=https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2Fresources%2Ftips-articles%2Fwhat-is-phishing;~oref=https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2Fresources%2Ftips-articles%2Fwhat-is-phishing
Frame ID: E8CAFFFEF1151B117299255FF8FEE316
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Frame ID: BED12D71B35370CC8BF31C406AE14557
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://go.mercatoradvisorygroup.com/e/38232/iceae-voice-php-mail-0emailurl/bhh56v/805694377/direct%40suncorp.com... HTTP 301
https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing Page URL

Detected technologies

Concrete5 (CMS) Expand

Overall confidence: 100%
Detected patterns

env /^CCM_IMAGE_PATH$/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

env /^CCM_IMAGE_PATH$/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Mustache (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^Mustache$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

env /^Munchkin$/i

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^moment$/i

YUI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^YAHOO$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

88
Requests

100 %
HTTPS

43 %
IPv6

24
Domains

32
Subdomains

27
IPs

5
Countries

1001 kB
Transfer

3014 kB
Size

16
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://community.webroot.com/t5/Home/ct-p/consumer
Title: Home & Home Office

Search URL Search Domain Scan URL

URL: https://community.webroot.com/t5/Webroot-Business-Community/ct-p/ent0
Title: Business

Search URL Search Domain Scan URL

URL: https://my.webrootanywhere.com/default.asp
Title: My Account

Search URL Search Domain Scan URL

URL: https://community.webroot.com/
Title: Community

Search URL Search Domain Scan URL

URL: http://webroot.tiekinetix.net/portal/Login/tabid/587/language/en-US/Default.aspx?returnurl=%2fportal%2fen-us%2fcompanysettings.aspx
Title: Partner Portal Login

Search URL Search Domain Scan URL

URL: https://www.brightcloud.com/web-service/api-documentation
Title: BrightCloud Documentation

Search URL Search Domain Scan URL

URL: https://www.brightcloud.com/web-service/code-samples
Title: BrightCloud Code Samples

Search URL Search Domain Scan URL

URL: https://bcws.brightcloud.com/dashboard/index.php?route=account/login
Title: BrightCloud Web Services Login

Search URL Search Domain Scan URL

URL: https://www.brightcloud.com/tools/url-ip-lookup.php
Title: URL/IP Lookup

Search URL Search Domain Scan URL

URL: https://www.brightcloud.com/contact
Title: Contact Support

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=cOKG87ViZPs
Title: VIDEO: Working at Webroot

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2Fresources%2Ftips-articles%2Fwhat-is-phishing&hashtags=webroot&lang=en

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2Fresources%2Ftips-articles%2Fwhat-is-phishing

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2Fresources%2Ftips-articles%2Fwhat-is-phishing&source=https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2F

Search URL Search Domain Scan URL

URL: https://community.webroot.com/t5/Business/ct-p/ent0
Title: Community

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Webroot
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/7434
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/Webroot
Title:

Search URL Search Domain Scan URL

URL: https://community.spiceworks.com/pages/webroot
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/WebrootSoftware?sub_confirmation=1
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://go.mercatoradvisorygroup.com/e/38232/iceae-voice-php-mail-0emailurl/bhh56v/805694377/direct%40suncorp.com.au?h=18BKLzj-bYLLmSuoW_iRc6w_2BruZ_lvXS97HI9W4Aw HTTP 301
https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://www.webroot.com/download_file/view/2363 HTTP 302
https://www-cdn.webroot.com/8215/2288/0828/schwab-email.png

Request Chain 50

https://8034235.fls.doubleclick.net/activityi;src=8034235;type=remarket;cat=visit0;ord=6944511923092;gtm=2wg430;auiddc=2078893043.1557290686;u1=;u2=https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2Fresources%2Ftips-articles%2Fwhat-is-phishing;~oref=https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2Fresources%2Ftips-articles%2Fwhat-is-phishing HTTP 302
https://8034235.fls.doubleclick.net/activityi;dc_pre=CK_gu_GPi-ICFVSIdwodiowLUg;src=8034235;type=remarket;cat=visit0;ord=6944511923092;gtm=2wg430;auiddc=2078893043.1557290686;u1=;u2=https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2Fresources%2Ftips-articles%2Fwhat-is-phishing;~oref=https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2Fresources%2Ftips-articles%2Fwhat-is-phishing

Request Chain 70

https://platform.twitter.com/oct.js?_=1557290686342 HTTP 301
https://static.ads-twitter.com/oct.js?_=1557290686342

Request Chain 77

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=823235231&t=pageview&_s=1&dl=https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2Fresources%2Ftips-articles%2Fwhat-is-phishing&dp=%2Fus%2Fen%2Fresources%2Ftips-articles%2Fwhat-is-phishing&ul=en-us&de=UTF-8&dt=What%20is%20a%20Phishing%20Email%20and%20How%20Do%20I%20Spot%20the%20Scam%3F%20%7C%20Webroot&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBAAAIhB~&jid=552105037&gjid=2110920663&cid=1228071805.1557290688&tid=UA-10678573-1&_gid=936105875.1557290688&_r=1&cd2=99999&z=908430439 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10678573-1&cid=1228071805.1557290688&jid=552105037&_gid=936105875.1557290688&gjid=2110920663&_v=j73&z=908430439 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10678573-1&cid=1228071805.1557290688&jid=552105037&_v=j73&z=908430439 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10678573-1&cid=1228071805.1557290688&jid=552105037&_v=j73&z=908430439&slf_rd=1&random=1561275352

88 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set what-is-phishing Show response
www.webroot.com/us/en/resources/tips-articles/
Redirect Chain

http://go.mercatoradvisorygroup.com/e/38232/iceae-voice-php-mail-0emailurl/bhh56v/805694377/direct%40suncorp.com.au?h=18BKLzj-bYLLmSuoW_iRc6w_2BruZ_lvXS97HI9W4Aw
https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

98 KB
16 KB

1485ms
985ms

Document
text/html

69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

099b412f4eddd7acec4d199e0161a57591a70407415e7132606fe5a7f86c7522

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.webroot.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:44 GMT
Server: Apache
Set-Cookie: SSLB=1; path=/; domain=.webroot.com; expires=Fri, 07-Jun-2019 04:49:43 GMT SSID=CABkxx22AAAAAAC7XtJcUcBBFLte0lwBAAAAAADn7Plcu17SXAAUgHKoAAF2_RQAu17SXAEAWKoAAQ9iFQC7XtJcAQB6pAABnUQUALte0lwBAHOjAAGvCxQAu17SXAEAdqUAAQFwFAC7XtJcAQCPqQAB4i8VALte0lwBAMegAAGAjhMAu17SXAEAmakAAYwwFQC7XtJcAQADowABa_YTALte0lwBAMabAAH-wRIAu17SXAEALqUAA1NkFAC7XtJcAQBdpQABfmkUALte0lwBAJ-iAAF25xMAu17SXAEA; path=/; domain=.webroot.com; expires=Thu, 07-May-2020 04:44:43 GMT SSSC=526.G6688512554190356561.1|39878.1229310:41159.1281664:41631.1304438:41731.1308267:41843.1313711:42106.1328285:42286.1336403:42333.1337726:42358.1339393:43122.1375606:43407.1388514:43417.1388684:43608.1401359; path=/; domain=.webroot.com SSRT=u17SXAABAA; path=/; domain=.webroot.com; expires=Thu, 07-May-2020 04:44:43 GMT CONCRETE5=ihl08la2l010v1fbetbr8cd1d1; path=/; HttpOnly
RTSS: 1-2-81
Cache-Control: private, max-age=0, proxy-revalidate, no-store, no-cache, must-revalidate
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Fri, 09 Nov 2018 03:21:02 GMT
X-Duration: D=689751
X-Client-IP: 185.220.70.222
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
Content-Encoding: gzip
Content-Length: 15409
Keep-Alive: timeout=5, max=250
Connection: Keep-Alive

Redirect headers

Date: Wed, 08 May 2019 04:44:43 GMT
Set-Cookie: pardot=v1631fbp0rn0hkmrjf8mr6vt20; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 131
Content-Type: text/html; charset=UTF-8
X-Pardot-Route: 32427ff3465437d362f61c790f7d2406
Server: PardotServer
X-Pardot-LB: 7044ba9c794aba658bc1be2f8b8ad85c
Connection: keep-alive

GET
H/1.1 200
OK CookieConsentHelper.js Show response
www.webroot.com/application/javascript/framework/ 1 KB
1 KB 1268ms
299ms Script
application/javascript 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/application/javascript/framework/CookieConsentHelper.js

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

9a8e3483ba5e12fb75231b870863b02499625b4f5ad037d254434e1dde93eb81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
RTSS: 1-2-106
Content-Length: 543
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Last-Modified: Thu, 28 Jun 2018 19:30:19 GMT
Server: Apache
ETag: "434-56fb8c2f428c0-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Duration: D=526
Keep-Alive: timeout=5, max=248
Expires: Fri, 07 Jun 2019 04:44:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
612 B 22ms
16ms Stylesheet
text/css 2a00:1450:4001:817::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:200,300,400,600,700,900

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

7a972ca8c0344be2ba579527f5183b5fb92b607681c9f665e470c788f4b9fd19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 08 May 2019 04:44:44 GMT
server: ESF
access-control-allow-origin: *
date: Wed, 08 May 2019 04:44:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Wed, 08 May 2019 04:44:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
760 B 22ms
16ms Stylesheet
text/css 2a00:1450:4001:817::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

e33fe473d0794912bbf3e51c3c6f35b0d23de97d8346392a81346995eff91cfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 08 May 2019 04:44:44 GMT
server: ESF
access-control-allow-origin: *
date: Wed, 08 May 2019 04:44:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Wed, 08 May 2019 04:44:44 GMT

GET
H/1.1 200
OK webroot.libraries.min.css
www.webroot.com/application/css/libraries/ 292 KB
44 KB 358ms
244ms Stylesheet
text/css 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/application/css/libraries/webroot.libraries.min.css

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

a694e27004b47e48af71995950cb099127a16d69e861db41f4f8d7356900d229

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
RTSS: 1-2-81
Content-Length: 44422
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Last-Modified: Thu, 28 Jun 2018 19:30:19 GMT
Server: Apache
ETag: "48e5d-56fb8c2f428c0-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: max-age=259200
Accept-Ranges: bytes
X-Duration: D=8371
Keep-Alive: timeout=5, max=249
Expires: Sat, 11 May 2019 04:44:45 GMT

GET
H/1.1 200
OK webroot.core.min.css
www.webroot.com/application/css/core/ 5 KB
2 KB 679ms
292ms Stylesheet
text/css 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/application/css/core/webroot.core.min.css

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

b1bf7411e675831bcdc3721b7f9b35fe3ee987a37a0698434634d66230281021

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
RTSS: 1-2-106
Content-Length: 1309
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Last-Modified: Tue, 19 Mar 2019 20:30:19 GMT
Server: Apache
ETag: "1320-584785fa2ccc0-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: max-age=259200
Accept-Ranges: bytes
X-Duration: D=714
Keep-Alive: timeout=5, max=250
Expires: Sat, 11 May 2019 04:44:45 GMT

GET
H/1.1 200
OK webroot.framework.min.css
www.webroot.com/application/css/framework/ 16 KB
4 KB 621ms
230ms Stylesheet
text/css 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/application/css/framework/webroot.framework.min.css

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

8439f164e5614014d9232ebe206c571c32dd0207fa73e7f4b95b2e66af0110ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
RTSS: 1-2-106
Content-Length: 3155
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Last-Modified: Wed, 18 Jul 2018 17:15:18 GMT
Server: Apache
ETag: "3f2e-5714934ec3580-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: max-age=259200
Accept-Ranges: bytes
X-Duration: D=713
Keep-Alive: timeout=5, max=250
Expires: Sat, 11 May 2019 04:44:45 GMT

GET
H/1.1 200
OK webroot.main.min.css
www.webroot.com/application/css/ 2 KB
1 KB 683ms
292ms Stylesheet
text/css 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/application/css/webroot.main.min.css

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

1a21ae5ca033933b760bf5c22a2ae913c06c8134b2f6b77f72eb4b9198938c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
RTSS: 1-2-106
Content-Length: 615
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Last-Modified: Mon, 09 Apr 2018 19:45:28 GMT
Server: Apache
ETag: "719-5696fa5d46600-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: max-age=259200
Accept-Ranges: bytes
X-Duration: D=757
Keep-Alive: timeout=5, max=250
Expires: Sat, 11 May 2019 04:44:45 GMT

GET
H/1.1 200
OK webroot.business.min.css
www.webroot.com/packages/theme_webroot/themes/webroot_business/css/ 12 KB
3 KB 642ms
236ms Stylesheet
text/css 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/packages/theme_webroot/themes/webroot_business/css/webroot.business.min.css

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

4dbc96bc726069edef6f919181acc6ef506e738d77506e2477c6f44b0184b167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
RTSS: 1-2-106
Content-Length: 2759
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Last-Modified: Tue, 16 Oct 2018 21:45:20 GMT
Server: Apache
ETag: "31da-5785f785adc00-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: max-age=259200
Accept-Ranges: bytes
X-Duration: D=735
Keep-Alive: timeout=5, max=250
Expires: Sat, 11 May 2019 04:44:45 GMT

GET
H/1.1 200
OK view.min.css
www.webroot.com/application/blocks/social_share_icons/ 387 B
760 B 733ms
305ms Stylesheet
text/css 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/application/blocks/social_share_icons/view.min.css

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

23401a30e489fdd7a54551ad129c1b2e5eb0654df0095fde62d4ffdbe90149ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
RTSS: 1-2-106
Content-Length: 211
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Last-Modified: Thu, 08 Nov 2018 18:00:29 GMT
Server: Apache
ETag: "183-57a2b02942940-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: max-age=259200
Accept-Ranges: bytes
X-Duration: D=509
Keep-Alive: timeout=5, max=250
Expires: Sat, 11 May 2019 04:44:45 GMT

GET
H/1.1 200
OK webroot_resource_manager.css
www.webroot.com/packages/webroot_resource_manager/css/ 6 KB
2 KB 888ms
295ms Stylesheet
text/css 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/packages/webroot_resource_manager/css/webroot_resource_manager.css

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

de0b1503ddd684f4fcb8bfc3b5705e087e6e8088fb9295d0e6a6f6de54351079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
RTSS: 1-2-81
Content-Length: 1167
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Last-Modified: Fri, 30 Mar 2018 17:30:08 GMT
Server: Apache
ETag: "1780-568a4976d4800-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: max-age=259200
Accept-Ranges: bytes
X-Duration: D=727
Keep-Alive: timeout=5, max=248
Expires: Sat, 11 May 2019 04:44:45 GMT

GET
H/1.1 200
OK jquery.dataTables.min.css
www.webroot.com/packages/webroot_resource_manager/css/vendor/ 14 KB
3 KB 853ms
232ms Stylesheet
text/css 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/packages/webroot_resource_manager/css/vendor/jquery.dataTables.min.css

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

57a9373976025f88c2d16374ab48d886a110a20410cfc3007904a03b84caab62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
RTSS: 1-2-106
Content-Length: 2106
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Last-Modified: Tue, 27 Feb 2018 20:45:08 GMT
Server: Apache
ETag: "364b-56637b3b87d00-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: max-age=259200
Accept-Ranges: bytes
X-Duration: D=597
Keep-Alive: timeout=5, max=249
Expires: Sat, 11 May 2019 04:44:45 GMT

GET
H/1.1 200
OK dataTables.bootstrap.min.css
www.webroot.com/packages/webroot_resource_manager/css/vendor/ 4 KB
1 KB 965ms
301ms Stylesheet
text/css 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/packages/webroot_resource_manager/css/vendor/dataTables.bootstrap.min.css

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

ecc5c7ae5698fab611d69e2378b236ded82251a9905729b61569a252392c1437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
RTSS: 1-2-106
Content-Length: 942
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Last-Modified: Tue, 27 Feb 2018 20:45:08 GMT
Server: Apache
ETag: "1078-56637b3b87d00-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: max-age=259200
Accept-Ranges: bytes
X-Duration: D=540
Keep-Alive: timeout=5, max=249
Expires: Sat, 11 May 2019 04:44:45 GMT

GET
H/1.1 200
OK dataTables.fontAwesome.css
www.webroot.com/packages/webroot_resource_manager/css/vendor/ 3 KB
1 KB 966ms
288ms Stylesheet
text/css 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/packages/webroot_resource_manager/css/vendor/dataTables.fontAwesome.css

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

1312655859bfabbe6015291300f89771b4e6bc339d537e6dee471c78d92367e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
RTSS: 1-2-106
Content-Length: 752
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Last-Modified: Tue, 27 Feb 2018 20:45:08 GMT
Server: Apache
ETag: "d22-56637b3b87d00-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: max-age=259200
Accept-Ranges: bytes
X-Duration: D=513
Keep-Alive: timeout=5, max=249
Expires: Sat, 11 May 2019 04:44:45 GMT

GET
H/1.1 200
OK view.min.css
www.webroot.com/application/blocks/heading/ 2 KB
920 B 972ms
290ms Stylesheet
text/css 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/application/blocks/heading/view.min.css

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

632a028ee7dd17407ae946a2f87938d0c73bf59a4aa8a89d02088b916956a4f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
RTSS: 1-2-106
Content-Length: 371
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Last-Modified: Mon, 15 May 2017 14:15:18 GMT
Server: Apache
ETag: "610-54f90af456980-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: max-age=259200
Accept-Ranges: bytes
X-Duration: D=356
Keep-Alive: timeout=5, max=249
Expires: Sat, 11 May 2019 04:44:45 GMT

GET
H/1.1 200
OK jquery.min.js Show response
www.webroot.com/application/javascript/libraries/jquery/ 84 KB
30 KB 1197ms
230ms Script
application/javascript 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/application/javascript/libraries/jquery/jquery.min.js

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
RTSS: 1-2-106
Content-Length: 29822
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Last-Modified: Thu, 23 Feb 2017 20:34:49 GMT
Server: Apache
ETag: "14e4a-549388b61ec40-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Duration: D=4711
Keep-Alive: timeout=5, max=248
Expires: Fri, 07 Jun 2019 04:44:46 GMT

GET
H/1.1 200
OK view.min.css
www.webroot.com/application/blocks/header_corporate/ 14 KB
4 KB 977ms
245ms Stylesheet
text/css 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/application/blocks/header_corporate/view.min.css

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

01474ed2ca3ab19aa5470bb5966745b9219345c84961e02e518f40566a0be545

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
RTSS: 1-2-106
Content-Length: 3067
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Last-Modified: Fri, 01 Jun 2018 16:00:18 GMT
Server: Apache
ETag: "38b1-56d96ae290880-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: max-age=259200
Accept-Ranges: bytes
X-Duration: D=776
Keep-Alive: timeout=5, max=249
Expires: Sat, 11 May 2019 04:44:45 GMT

GET
H/1.1 200
OK view.min.css
www.webroot.com/application/blocks/header_universal/ 15 KB
4 KB 1104ms
230ms Stylesheet
text/css 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/application/blocks/header_universal/view.min.css

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

4421d8a29a6be8966ef3aa0dddc4f3f661fa795b5ed326aeb67d565bfdcb2aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
RTSS: 1-2-106
Content-Length: 3151
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Last-Modified: Thu, 14 Mar 2019 21:15:39 GMT
Server: Apache
ETag: "3ad2-584146c8dd4c0-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: max-age=259200
Accept-Ranges: bytes
X-Duration: D=846
Keep-Alive: timeout=5, max=248
Expires: Sat, 11 May 2019 04:44:45 GMT

GET
H/1.1 200
OK view.min.css
www.webroot.com/application/blocks/footer_business/ 8 KB
2 KB 1143ms
255ms Stylesheet
text/css 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/application/blocks/footer_business/view.min.css

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

99d96f56766c694b4b0b851c67e1b8c5dc1cbd080cd1cca841bda87d28406727

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
RTSS: 1-2-81
Content-Length: 1682
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Last-Modified: Tue, 21 Aug 2018 19:45:08 GMT
Server: Apache
ETag: "20c3-573f7435f7900-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: max-age=259200
Accept-Ranges: bytes
X-Duration: D=549
Keep-Alive: timeout=5, max=247
Expires: Sat, 11 May 2019 04:44:45 GMT

GET
H/1.1 200
OK core.js+ssdomvar.js+generic-adapter.js Show response
www.webroot.com/__ssobj/ 15 KB
6 KB 1090ms
119ms Script
application/javascript 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL: https://www.webroot.com/__ssobj/core.js+ssdomvar.js+generic-adapter.js
Requested by: Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),
Reverse DNS
Software: Apache /
Resource Hash: 7e27f222ece41004b3c4a5c9432715c22e1622a306fded6e389290ed6c9f5367

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:45 GMT
Content-Encoding: gzip
Last-Modified: Sun, 28 Apr 2019 00:00:00 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
SBSS: 1
Connection: Keep-Alive
Accept-Ranges: bytes
RTSS: 1-2-106
Content-Length: 5481
Keep-Alive: timeout=5, max=248
Expires: Thu, 09 May 2019 04:44:45 GMT

GET
H2 200 webroot-logo-corporate.svg
www-cdn.webroot.com/6114/9987/6454/ 14 KB
5 KB 110ms
15ms Image
image/svg+xml 143.204.214.98
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-cdn.webroot.com/6114/9987/6454/webroot-logo-corporate.svg
Requested by: Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.98 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-214-98.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1a91e0a02f091ba91cd4ed3ac451b81b5ac81cd2d4e9f004e730a539c64627fb

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 06 May 2019 10:53:09 GMT
content-encoding: gzip
last-modified: Wed, 28 Feb 2018 16:17:41 GMT
server: AmazonS3
age: 150697
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: max-age=259200
x-amz-cf-id: Fh0BL_IrkJziXAMlMr7ME-JbWJfxs5f4G4HUhF5SMW1rxecN3xpzbQ==
via: 1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)

GET
H/1.1 200
OK ard.png Show response
www.webroot.com/__ssobj/ 0
488 B 1108ms
132ms Script
text/javascript 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL: https://www.webroot.com/__ssobj/ard.png?6688512554190356561_1-526-1557290683&n=1
Requested by: Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 May 2019 04:44:45 GMT
Last-Modified: Wed, 31 Oct 2018 06:24:43 GMT
Server: Apache
Content-Type: text/javascript
Cache-Control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
SBSS: 1
Connection: Keep-Alive
Accept-Ranges: bytes
RTSS: 1-2-106
Content-Length: 0
Keep-Alive: timeout=5, max=248
Expires: -1

GET
H2

200

schwab-email.png
www-cdn.webroot.com/8215/2288/0828/
Redirect Chain

https://www.webroot.com/download_file/view/2363
https://www-cdn.webroot.com/8215/2288/0828/schwab-email.png

153 KB
154 KB

830ms
829ms

Image
image/png

143.204.214.98
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-cdn.webroot.com/8215/2288/0828/schwab-email.png
Requested by: Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.98 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-214-98.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 91957278207e69a228b931311ff6c48930aa1c9bdac7389c29516b6b0364e819

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 04:44:48 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
last-modified: Thu, 27 Sep 2018 14:23:10 GMT
server: AmazonS3
etag: "f43d54396aaf0df3eab332fa63de879e"
x-cache: Miss from cloudfront
content-type: image/png
status: 200
cache-control: max-age=259200
accept-ranges: bytes
content-length: 156909
x-amz-cf-id: TGzNrvTVH2b-2t1eOGiIOPBQoBbOb8klzJXzNP3M_sNWrW609Xjhag==

Redirect headers

Date: Wed, 08 May 2019 04:44:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
RTSS: 1-2-106
Content-Length: 362
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Pragma: no-cache
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: https://www-cdn.webroot.com/8215/2288/0828/schwab-email.png
Vary: Accept-Encoding
Cache-Control: private, max-age=0, proxy-revalidate, no-store, no-cache, must-revalidate
X-Duration: D=328254
Keep-Alive: timeout=5, max=247
Expires: Fri, 09 Nov 2018 03:20:26 GMT

GET
H/1.1 200
OK webroot-logo-simple-white.svg
webroot-cms-cdn.s3-us-west-1.amazonaws.com/9214/9987/6675/ 6 KB
6 KB 797ms
181ms Image
image/svg+xml 52.219.20.32
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webroot-cms-cdn.s3-us-west-1.amazonaws.com/9214/9987/6675/webroot-logo-simple-white.svg
Requested by: Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.20.32 San Jose, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-us-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 29a3a6eff9a38e93e4f6d8a54916ab4676871317295abe962346569cec18dbee

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:46 GMT
Last-Modified: Wed, 12 Jul 2017 16:24:36 GMT
Server: AmazonS3
x-amz-request-id: A852813A1EDDDF76
ETag: "0694450d7464f15e507fef0792995e72"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 6107
x-amz-id-2: GS7Az+MGNdrZ30COgMmiBrGC5oSv1ZzpLQAMAC/ui7Ls4YZOrHKVBnQgIWPcPV69lIrxhtc6UgE=

GET
H/1.1 200
OK webroot.min.js Show response
www.webroot.com/application/javascript/ 448 KB
126 KB 252ms
252ms Script
application/javascript 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/application/javascript/webroot.min.js

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

f9eb7ee77bd006e64c1e9d3e52cf0e5942786e2327a5c9d8911c1458c6bf7811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
RTSS: 1-2-106
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Last-Modified: Wed, 24 Apr 2019 21:15:39 GMT
Server: Apache
ETag: "7013f-5874d340c34c0-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Duration: D=9983
Keep-Alive: timeout=5, max=245
Expires: Fri, 07 Jun 2019 04:44:47 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 43 KB
17 KB 32ms
30ms Script
application/javascript 2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

a94bc012ed791638c8756d4555a099062b71e9aa7b7fda7a7c31df841e4462fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 04:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'report-sample' 'nonce-0Zp1Ss0uFTYTn6q/IYVmEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "5656084779af01d8281c95a9fd7bc7f2"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
expires: Wed, 08 May 2019 04:44:46 GMT

GET
H/1.1 200
OK jquery.dataTables.min.js Show response
www.webroot.com/packages/webroot_resource_manager/js/vendor/ 80 KB
28 KB 235ms
235ms Script
application/javascript 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/packages/webroot_resource_manager/js/vendor/jquery.dataTables.min.js

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

85f678146ae3adb9ff438e5dacc864d5a9fac03eecf2cc957bb7849550adf076

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
RTSS: 1-2-106
Content-Length: 27842
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Last-Modified: Tue, 27 Feb 2018 20:45:08 GMT
Server: Apache
ETag: "13ff1-56637b3b87d00-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Duration: D=4501
Keep-Alive: timeout=5, max=247
Expires: Fri, 07 Jun 2019 04:44:46 GMT

GET
H/1.1 200
OK dataTables.bootstrap.min.js Show response
www.webroot.com/packages/webroot_resource_manager/js/vendor/ 2 KB
2 KB 293ms
290ms Script
application/javascript 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/packages/webroot_resource_manager/js/vendor/dataTables.bootstrap.min.js

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

f7462a9c7a26e23f0e85c110832508d888661984c13b9e0075c7f7603654f713

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
RTSS: 1-2-106
Content-Length: 1058
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Last-Modified: Tue, 27 Feb 2018 20:45:08 GMT
Server: Apache
ETag: "7a8-56637b3b87d00-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Duration: D=537
Keep-Alive: timeout=5, max=247
Expires: Fri, 07 Jun 2019 04:44:46 GMT

GET
H/1.1 200
OK moment.min.js Show response
www.webroot.com/packages/webroot_resource_manager/js/vendor/ 57 KB
20 KB 240ms
238ms Script
application/javascript 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/packages/webroot_resource_manager/js/vendor/moment.min.js

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

0defdc819a00920beaa312fdc89a49ccf1f2a335044c59d2bfb11019f416438a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
RTSS: 1-2-106
Content-Length: 20226
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Last-Modified: Tue, 27 Feb 2018 20:45:08 GMT
Server: Apache
ETag: "e53e-56637b3b87d00-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Duration: D=3209
Keep-Alive: timeout=5, max=247
Expires: Fri, 07 Jun 2019 04:44:46 GMT

GET
H/1.1 200
OK webroot_resource_manager.index.web.js Show response
www.webroot.com/packages/webroot_resource_manager/js/ 4 KB
2 KB 297ms
294ms Script
application/javascript 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/packages/webroot_resource_manager/js/webroot_resource_manager.index.web.js

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

34e15c93e89c4ad470214b034b8fd7657449bcdb56f4a25de75f691b8b33d77d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
RTSS: 1-2-81
Content-Length: 1203
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Last-Modified: Tue, 19 Jun 2018 16:00:29 GMT
Server: Apache
ETag: "e6a-56f00c7f5a140-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Duration: D=637
Keep-Alive: timeout=5, max=246
Expires: Fri, 07 Jun 2019 04:44:46 GMT

GET
H/1.1 200
OK view.min.js Show response
www.webroot.com/application/blocks/social_share_icons/ 295 B
816 B 304ms
302ms Script
application/javascript 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/application/blocks/social_share_icons/view.min.js

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

200fe8fd3d1ddf6454f7f90fe14c00093984a5509fabe65da8801689d44efb86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
RTSS: 1-2-106
Content-Length: 252
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Last-Modified: Wed, 09 May 2018 21:30:08 GMT
Server: Apache
ETag: "127-56bcc9b62d800-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Duration: D=461
Keep-Alive: timeout=5, max=247
Expires: Fri, 07 Jun 2019 04:44:46 GMT

GET
H/1.1 200
OK mustache.min.js Show response
www.webroot.com/packages/webroot_resource_manager/js/vendor/ 9 KB
3 KB 244ms
243ms Script
application/javascript 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/packages/webroot_resource_manager/js/vendor/mustache.min.js

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

3258bb61f5b69f33076dd0c91e13ddd2c7fe771882adff9345e90d4ab7c32426

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
RTSS: 1-2-106
Content-Length: 2808
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Last-Modified: Tue, 27 Feb 2018 20:45:08 GMT
Server: Apache
ETag: "2528-56637b3b87d00-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Duration: D=835
Keep-Alive: timeout=5, max=246
Expires: Fri, 07 Jun 2019 04:44:46 GMT

GET
H/1.1 200
OK view.min.js Show response
www.webroot.com/application/blocks/header_corporate/ 934 B
1 KB 299ms
298ms Script
application/javascript 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/application/blocks/header_corporate/view.min.js

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

817f218dd4fd9878e8e610e882535cbcb50e6923643c56413848ce9614ffff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
RTSS: 1-2-106
Content-Length: 543
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Last-Modified: Thu, 05 Apr 2018 15:00:18 GMT
Server: Apache
ETag: "3a6-5691b32a10480-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Duration: D=598
Keep-Alive: timeout=5, max=246
Expires: Fri, 07 Jun 2019 04:44:46 GMT

GET
H/1.1 200
OK view.min.js Show response
www.webroot.com/application/blocks/header_universal/ 933 B
1 KB 293ms
292ms Script
application/javascript 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/application/blocks/header_universal/view.min.js

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

fc41dadc589073682050d5057ca3166f99dc57b09ba5e3be872f7475ee7ee9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
RTSS: 1-2-81
Content-Length: 545
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Last-Modified: Thu, 14 Mar 2019 21:15:39 GMT
Server: Apache
ETag: "3a5-584146c8dd4c0-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Duration: D=532
Keep-Alive: timeout=5, max=244
Expires: Fri, 07 Jun 2019 04:44:46 GMT

GET
H/1.1 200
OK view.min.js Show response
www.webroot.com/application/blocks/footer_business/ 465 B
877 B 292ms
291ms Script
application/javascript 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/application/blocks/footer_business/view.min.js

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

1f7f952cabbb5baf2c16260117fc909415f1f458744b3aa590e7b2498d811503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
RTSS: 1-2-106
Content-Length: 313
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Last-Modified: Mon, 05 Mar 2018 16:00:28 GMT
Server: Apache
ETag: "1d1-566ac6cb89f00-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Duration: D=556
Keep-Alive: timeout=5, max=245
Expires: Fri, 07 Jun 2019 04:44:47 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 227 KB
40 KB 19ms
17ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NPDZV9

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

26bbb55a86ad6edc61558972cd15a3aedca0d7ff63442df4618d1beaab04bbdf

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 04:44:46 GMT
content-encoding: br
last-modified: Wed, 08 May 2019 01:24:50 GMT
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 40548
x-xss-protection: 0
expires: Wed, 08 May 2019 04:44:46 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Font
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0be47b23e82b69080ab149aefc5d747a8c9fb90d4f6d5e2d986e12b97d3ef1c5

Request headers

Origin: https://www.webroot.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: text/plain;charset=US-ASCII

GET
H/1.1 200
OK flag-sprite.png
www.webroot.com/application/css/less/blocks/headers/ 8 KB
8 KB 468ms
227ms Image
image/png 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.webroot.com/application/css/less/blocks/headers/flag-sprite.png

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/application/javascript/libraries/jquery/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

e63541c9892f69940d2ce694692ffb7d9200eb0cf3ef90b604c21cde5369b23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.webroot.com/application/blocks/header_corporate/view.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
RTSS: 1-2-106
Content-Length: 7906
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Last-Modified: Mon, 27 Aug 2018 15:45:29 GMT
Server: Apache
ETag: "1f00-5746c9d5d9840-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Vary: Accept-Encoding
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Duration: D=1109
Keep-Alive: timeout=5, max=246
Expires: Fri, 07 Jun 2019 04:44:46 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v16/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/application/javascript/libraries/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Origin: https://www.webroot.com

Response headers

date: Mon, 25 Mar 2019 20:19:31 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:10:29 GMT
server: sffe
age: 3745515
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 20:19:31 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v16/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/application/javascript/libraries/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Origin: https://www.webroot.com

Response headers

date: Mon, 25 Mar 2019 20:19:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:12:28 GMT
server: sffe
age: 3745496
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9080
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 20:19:50 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.webroot.com/application/fonts/ 70 KB
71 KB 333ms
232ms Font
application/x-troff-man 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/application/fonts/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/application/javascript/libraries/jquery/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.webroot.com/application/css/libraries/webroot.libraries.min.css
Origin: https://www.webroot.com

Response headers

Date: Wed, 08 May 2019 04:44:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
RTSS: 1-2-106
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Last-Modified: Wed, 21 Sep 2016 14:45:08 GMT
Server: Apache
ETag: "118d8-53d05976a2500"
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-troff-man
Vary: Accept-Encoding
Cache-Control: max-age=172800
Accept-Ranges: bytes
X-Duration: D=508
Keep-Alive: timeout=5, max=246
Expires: Fri, 10 May 2019 04:44:46 GMT

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzY5abuWI.woff2
fonts.gstatic.com/s/titilliumweb/v7/ 12 KB
12 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v7/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzY5abuWI.woff2

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/application/javascript/libraries/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8658dcad983dacbb3bca7bc8217fd0b75f28df85bf9259bd0dccf69e58cb0ecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Titillium+Web:200,300,400,600,700,900
Origin: https://www.webroot.com

Response headers

date: Sat, 09 Mar 2019 04:16:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Feb 2019 22:22:31 GMT
server: sffe
age: 5185705
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12276
x-xss-protection: 1; mode=block
expires: Sun, 08 Mar 2020 04:16:21 GMT

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffAzHGItzY5abuWI.woff2
fonts.gstatic.com/s/titilliumweb/v7/ 12 KB
12 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v7/NaPDcZTIAOhVxoMyOr9n_E7ffAzHGItzY5abuWI.woff2

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/application/javascript/libraries/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f17a340f0388383e8d2a70632006d51e5d0e95f60f1cca3f774bd78b5d3dcd07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Titillium+Web:200,300,400,600,700,900
Origin: https://www.webroot.com

Response headers

date: Fri, 08 Mar 2019 23:31:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Feb 2019 22:23:16 GMT
server: sffe
age: 5202776
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12260
x-xss-protection: 1; mode=block
expires: Sat, 07 Mar 2020 23:31:50 GMT

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzY5abuWI.woff2
fonts.gstatic.com/s/titilliumweb/v7/ 11 KB
12 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v7/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzY5abuWI.woff2

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/application/javascript/libraries/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cd6f4900abc2da200ad96c75852facfd8872610ce9dd259acf3cc82507490dd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Titillium+Web:200,300,400,600,700,900
Origin: https://www.webroot.com

Response headers

date: Sat, 09 Mar 2019 04:40:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Feb 2019 22:23:30 GMT
server: sffe
age: 5184251
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11744
x-xss-protection: 1; mode=block
expires: Sun, 08 Mar 2020 04:40:35 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 23ms
23ms Script
application/javascript 151.101.120.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPDZV9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.120.157 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 04:44:46 GMT
content-encoding: gzip
age: 45422
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-cdg20750-CDG
last-modified: Tue, 23 Jan 2018 19:05:33 GMT
x-timer: S1557290686.469376,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 hotjar-437177.js Show response
static.hotjar.com/c/ 30 KB
5 KB 176ms
108ms Script
application/javascript 147.75.83.1
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-437177.js?sv=5

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPDZV9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.83.1 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-23

Software

openresty /

Resource Hash

ac199c94238f4c76544e155e5ef21d243429b35631584c9e6cef574b99a70569

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 04:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 0
status: 200
access-control-max-age: 600
section-io-cache: Miss
x-cache-hit: 1
server: openresty
x-frame-options: SAMEORIGIN
etag: W/c2013b8d8560c242a14310c5ed34eee3
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.069
accept-ranges: bytes
section-io-id: ed40505365888ebca771b1137c5973b8

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
4 KB 42ms
41ms Script
application/javascript 2a00:1288:7c:800::4001
YAHOO-ULS

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a00:1288:7c:800::4001 , United Kingdom, ASN43428 (YAHOO-ULS, GB),

Reverse DNS

Software

ATS /

Resource Hash

bd999047408eaf20ae15ab916d344330d118fa72b0703fa1784deb648d36bb7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 04:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
status: 200
vary: Accept-Encoding
content-length: 4111
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 18 Oct 2018 11:10:56 GMT
server: ATS
x-frame-options: DENY
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: application/javascript
public-key-pins-report-only: max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
accept-ranges: bytes

GET
H2 200 bat.js Show response
bat.bing.com/ 22 KB
7 KB 85ms
47ms Script
application/javascript 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: 06768ff08a78f24b60973b047561141c4413864fa2d3ac9292fb0b217a81f917

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 04:44:46 GMT
content-encoding: gzip
last-modified: Fri, 08 Mar 2019 01:08:18 GMT
x-msedge-ref: Ref A: 16C8838CF9F6498BB72A0C22CF8CA36F Ref B: VIEEDGE0821 Ref C: 2019-05-08T04:44:46Z
access-control-allow-origin: *
etag: "0ed1a6a4bd5d41:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7002

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 53 KB
15 KB 45ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 15397
x-xss-protection: 0
pragma: public
x-fb-debug: 1ug62XVFw7t4zNzJA2u1HP6neKcBoJQLdFu7M8gIFAhzOjv9v5fSbK6ROUiP6ZQuGk4v96GseAm/5Fa6gBYm3Q==
date: Wed, 08 May 2019 04:44:46 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 17ms
16ms Script
application/x-javascript 23.43.119.71
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.43.119.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-43-119-71.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 66f7eaa7a45f696c332cd450771f4be48e110f6afbe1fe7b39c7a95518aeef76

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:46 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Apr 2019 02:53:44 GMT
Server: Apache
ETag: "54520320df20b526337717d6d28181fc:1554432824"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H/1.1 200
OK rtp.js Show response
abrtp1-cdn.marketo.com/rtp-api/v1/ 148 KB
41 KB 267ms
154ms Script
application/x-javascript 104.111.239.158
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=webrootinc

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.158 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-239-158.deploy.static.akamaitechnologies.com

Software

Jetty(7.3.1.v20110307) /

Resource Hash

7d7287b75b9adbcf19ecabaa69b6777e1f816cd396fc50489e194752caa498c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63113904
Content-Encoding: gzip
Last-Modified: Wed, 08 May 2019 01:30:24 GMT
Server: Jetty(7.3.1.v20110307)
Date: Wed, 08 May 2019 04:44:46 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=UTF-8
Cache-Control: public, max-age=172
Connection: keep-alive
Content-Length: 41412

GET
H2

200

activityi;dc_pre=CK_gu_GPi-ICFVSIdwodiowLUg;src=8034235;type=remarket;cat=visit0;ord=6944511923092;gtm=2wg430;auiddc=2078893043.1557290686;u1=;u2=https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2Fresources...
8034235.fls.doubleclick.net/ Frame E8CA
Redirect Chain

https://8034235.fls.doubleclick.net/activityi;src=8034235;type=remarket;cat=visit0;ord=6944511923092;gtm=2wg430;auiddc=2078893043.1557290686;u1=;u2=https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2Fresourc...
https://8034235.fls.doubleclick.net/activityi;dc_pre=CK_gu_GPi-ICFVSIdwodiowLUg;src=8034235;type=remarket;cat=visit0;ord=6944511923092;gtm=2wg430;auiddc=2078893043.1557290686;u1=;u2=https%3A%2F%2Fw...

0
0

60ms
60ms

Document
text/html

216.58.207.38
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://8034235.fls.doubleclick.net/activityi;dc_pre=CK_gu_GPi-ICFVSIdwodiowLUg;src=8034235;type=remarket;cat=visit0;ord=6944511923092;gtm=2wg430;auiddc=2078893043.1557290686;u1=;u2=https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2Fresources%2Ftips-articles%2Fwhat-is-phishing;~oref=https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2Fresources%2Ftips-articles%2Fwhat-is-phishing?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPDZV9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.38 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s24-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8034235.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CK_gu_GPi-ICFVSIdwodiowLUg;src=8034235;type=remarket;cat=visit0;ord=6944511923092;gtm=2wg430;auiddc=2078893043.1557290686;u1=;u2=https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2Fresources%2Ftips-articles%2Fwhat-is-phishing;~oref=https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2Fresources%2Ftips-articles%2Fwhat-is-phishing?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Wed, 08 May 2019 04:44:46 GMT
expires: Wed, 08 May 2019 04:44:46 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 373
x-xss-protection: 0
set-cookie: IDE=AHWqTUla_HBq1L9fpncUj9wPzcC8jbS5B4_Ap8mlL9IBWjIy5k-6eF4UgFRCZfoY; expires=Mon, 01-Jun-2020 04:44:46 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Wed, 08 May 2019 04:44:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8034235.fls.doubleclick.net/activityi;dc_pre=CK_gu_GPi-ICFVSIdwodiowLUg;src=8034235;type=remarket;cat=visit0;ord=6944511923092;gtm=2wg430;auiddc=2078893043.1557290686;u1=;u2=https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2Fresources%2Ftips-articles%2Fwhat-is-phishing;~oref=https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2Fresources%2Ftips-articles%2Fwhat-is-phishing?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 08-May-2019 04:59:46 GMT; path=/; domain=.doubleclick.net
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

POST
H/1.1 200
OK asmt_update Show response
www.webroot.com/__ssobj/ 50 B
889 B 285ms
153ms XHR
application/json 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL: https://www.webroot.com/__ssobj/asmt_update
Requested by: Host: www.webroot.com
URL: https://www.webroot.com/__ssobj/core.js+ssdomvar.js+generic-adapter.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),
Reverse DNS
Software: Apache /
Resource Hash: 85914d0ca0f15e7875d7147a3a417ddeb2b32ecef5359565436a861df599b722

Request headers

Context-Type: application/json;charset=UTF-8
Origin: https://www.webroot.com
Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 08 May 2019 04:44:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Oct 2018 04:08:14 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/json
Cache-Control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
RTSS: 1-2-81
Keep-Alive: timeout=5, max=245
Content-Length: 67
SBSS: 1
Expires: -1

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/155/ 9 KB
5 KB 16ms
15ms Script
application/x-javascript 23.43.119.71
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/155/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.43.119.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-43-119-71.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: efb6b9732bf508ee305363b10cf2a67ace474e06eb42642f2c3696b2442a5775

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:46 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Nov 2018 03:18:20 GMT
Server: Apache
ETag: "c67dad42946949112916578f78706df8:1543547900"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 3923
Expires: Fri, 16 Aug 2019 04:44:46 GMT

GET
H2 200 adsct
t.co/i/ 43 B
168 B 150ms
146ms Image
image/gif 104.244.42.5
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxlfo&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 04:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 116
pragma: no-cache
last-modified: Wed, 08 May 2019 04:44:46 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 562c79072c5de07be2b6e9a0ab70eb9b
x-transaction: 00582477008411fc
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 sp.pl Show response
sp.analytics.yahoo.com/ 0
452 B 142ms
41ms Script
application/x-javascript 188.125.66.33
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&jsonp=YAHOO.ywa.I13N.handleJSONResponse&d=Wed%2C%2008%20May%202019%2004%3A44%3A46%20GMT&n=0&b=What%20is%20a%20Phishing%20Email%20and%20How%20Do%20I%20Spot%20the%20Scam%3F%20%7C%20Webroot&.yp=33990&f=https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2Fresources%2Ftips-articles%2Fwhat-is-phishing&enc=UTF-8

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.125.66.33 , Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 04:44:46 GMT
via: http/1.1 spdc0013.pbp.ir2.yahoo.com (ApacheTrafficServer)
x-content-type-options: nosniff
age: 0
status: 200
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: application/x-javascript
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
expires: Wed, 08 May 2019 04:44:46 GMT

GET
H/1.1 200
OK visitWebPage Show response
557-fsi-195.mktoresp.com/webevents/ 2 B
272 B 572ms
104ms XHR
text/plain 192.28.144.124
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL: https://557-fsi-195.mktoresp.com/webevents/visitWebPage?_mchNc=1557290686542&_mchCn=&_mchId=557-FSI-195&_mchTk=_mch-webroot.com-1557290686541-59936&_mchWs=j1RQ&_mchHo=www.webroot.com&_mchPo=&_mchRu=%2Fus%2Fen%2Fresources%2Ftips-articles%2Fwhat-is-phishing&_mchPc=https%3A&_mchVr=155&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/155/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 San Mateo, United States, ASN53580 (MARKETO - MARKETO, Inc., US),
Reverse DNS
Software: spray-can/1.3.3 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
Origin: https://www.webroot.com

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 08 May 2019 04:44:47 GMT
Content-Encoding: gzip
Server: spray-can/1.3.3
Content-Length: 22
X-Request-Id: cae8a6fa-7a7c-4f88-a199-9737018a2774
Content-Type: text/plain; charset=UTF-8

GET
H2 200 1066169613516123 Show response
connect.facebook.net/signals/config/ 207 KB
55 KB 57ms
56ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1066169613516123?v=2.8.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

5077eddfc578b6126639f9622a12c5667784c8ca8f9fe8e82c21ac6057d4cd00

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: l0NuSajAsrMNXm+wEobl2lvuV4OlqY+WFf2jw3l9DSfvDfi5yKgtgwmqXn7nD9AvL7al9UW9ioKJNlDCImzyuQ==
date: Wed, 08 May 2019 04:44:46 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 47ms
47ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4012154&Ver=2&mid=947f8e38-cd0d-e2b6-c96a-16b09719b97d&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=What%20is%20a%20Phishing%20Email%20and%20How%20Do%20I%20Spot%20the%20Scam%3F%20%7C%20Webroot&p=https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2Fresources%2Ftips-articles%2Fwhat-is-phishing&r=&evt=pageLoad&msclkid=N&rn=792526
Requested by: Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Wed, 08 May 2019 04:44:46 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 612002FE78664B3684EA96A9AD6E60FB Ref B: VIEEDGE0821 Ref C: 2019-05-08T04:44:46Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 1 KB
1 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.47

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 772
x-xss-protection: 0
pragma: public
x-fb-debug: hwbABYPBJdRAbXNVSXwM9N/crnCiJYDPXOmMnsxf520dL/4TSVbmDoqLm3slBDjZNXgOgGpZtkMI6OgQsHCgYA==
date: Wed, 08 May 2019 04:44:46 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
325 B 39ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1066169613516123&ev=PageView&dl=https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2Fresources%2Ftips-articles%2Fwhat-is-phishing&rl=&if=false&ts=1557290686636&sw=1600&sh=1200&v=2.8.47&r=stable&ec=0&o=30&fbp=fb.1.1557290686635.412822669&it=1557290686547&coo=false&rqm=GET

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 04:44:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 08 May 2019 04:44:46 GMT

GET
H2 200 modules.20591e59ba683b85feca.js Show response
script.hotjar.com/ 415 KB
86 KB 97ms
26ms Script
application/javascript 147.75.33.239
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.20591e59ba683b85feca.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-437177.js?sv=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.33.239 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-28

Software

Resource Hash

8c83f82584ec6030ef5c520ca0abc95f3bb943e92da32d82ea4dbffbc8169d58

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 04:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 May 2019 16:29:30 GMT
access-control-allow-origin: *
etag: W/"c375891bda8c50b24b732f75b0f29fea"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.029
section-io-origin-status: 200
accept-ranges: bytes
section-io-id: e96acd5e01c095e8b70da7d65026abdd
content-length: 87834

GET
H/1.1 200
OK jquery-ui-insightera-custom-1.9.6.css
rtp-static.marketo.com/rtp/libs/ 22 KB
4 KB 97ms
26ms Stylesheet
text/css 104.111.239.158
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jquery-ui-insightera-custom-1.9.6.css
Requested by: Host: abrtp1-cdn.marketo.com
URL: https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=webrootinc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.239.158 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-239-158.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 339b2b60e94b6dc169fd9e5b68ac16b1ca08ef6a4968e98a0f43c2add405e79a

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Nov 2017 08:57:42 GMT
Server: Apache
ETag: "7f5b0bee9b1f7af8413b351cbceca223:1510045062"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 3752

GET
H/1.1 200
OK trw Show response
abrtp1.marketo.com/gw1/ 0
435 B 576ms
105ms Script
application/x-javascript 192.28.144.84
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp1.marketo.com/gw1/trw?aid=webrootinc&trwv.uid=webrootinc-1557290686796-16f93c6b&trwv.vc=1&trwsa.sid=webrootinc-1557290686797-4fd8c165&trwsb.cpv=1&ctzo=-00:00&uri=https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2Fresources%2Ftips-articles%2Fwhat-is-phishing&ma=id%3A557-FSI-195%26token%3A_mch-webroot.com-1557290686541-59936&pm=&viewedTypes=&rts=1557290686800

Requested by

Host: abrtp1-cdn.marketo.com
URL: https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=webrootinc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.28.144.84 San Mateo, United States, ASN53580 (MARKETO - MARKETO, Inc., US),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:47 GMT
Cache-Control: no-cache
Server: Jetty(7.3.1.v20110307)
Connection: close
Content-Length: 0
Strict-Transport-Security: max-age=63113904
Content-Type: application/x-javascript; charset=UTF-8

GET
H/1.1 200
OK ga-integration-2.0.2.js Show response
rtp-static.marketo.com/rtp/libs/ 15 KB
5 KB 109ms
33ms Script
application/x-javascript 104.111.239.158
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.2.js
Requested by: Host: abrtp1-cdn.marketo.com
URL: https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=webrootinc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.239.158 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-239-158.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7fb58f6c6c2c3b61909e3b4bb9e199d95d5e2a4e39b58f25d1a9894971ed16b9

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Jul 2018 13:42:27 GMT
Server: Apache
ETag: "52b7a5deba12e7e1147fcebaa9fd9691:1530625347"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 4977

GET
H/1.1 200
OK msg Show response
abrtp1.marketo.com/gw1/ 0
494 B 526ms
106ms Script
text/javascript 192.28.144.84
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp1.marketo.com/gw1/msg?a=2&sid=webrootinc-1557290686797-4fd8c165&aid=webrootinc&ma=id%3A557-FSI-195%26token%3A_mch-webroot.com-1557290686541-59936&viewedTypes=&0.14305946227930932&rts=1557290686852

Requested by

Host: abrtp1-cdn.marketo.com
URL: https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=webrootinc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.28.144.84 San Mateo, United States, ASN53580 (MARKETO - MARKETO, Inc., US),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:47 GMT
Content-Encoding: gzip
Server: Jetty(7.3.1.v20110307)
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63113904
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache
Connection: close

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1066169613516123&ev=Microdata&dl=https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2Fresources%2Ftips-articles%2Fwhat-is-phishing&rl=&if=false&ts=1557290687140&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2Fresources%2Ftips-articles%2Fwhat-is-phishing%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22What%20is%20a%20Phishing%20Email%20and%20How%20Do%20I%22%2C%22og%3Adescription%22%3A%22Phishing%20is%20a%20type%20of%20online%20scam%20where%20criminals%20send%20an%20email%20that%20appears%20to%20be%20from%20a%20legitimate%20company%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww-cdn.webroot.com%2F8815%2F3972%2F0467%2FSocialBackground.png%22%7D&cd[Meta]=%7B%22title%22%3A%22What%20is%20a%20Phishing%20Email%20and%20How%20Do%20I%20Spot%20the%20Scam%3F%20%7C%20Webroot%22%2C%22meta%3Adescription%22%3A%22Phishing%20is%20a%20type%20of%20online%20scam%20where%20criminals%20send%20an%20email%20that%20appears%20to%20be%20from%20a%20legitimate%20company%20asking%20you%20to%20provide%20sensitive%20information.%20Here%20are%20some%20of%20the%20ways%20to%20identify%20phishing%20scams%20and%20how%20to%20protect%20yourself%20from%20being%20scammed.%22%7D&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22name%22%3A%22Webroot%22%2C%22url%22%3A%22https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2Fresources%2Ftips-articles%2Fwhat-is-phishing%22%7D%5D&sw=1600&sh=1200&v=2.8.47&r=stable&ec=1&o=30&fbp=fb.1.1557290686635.412822669&it=1557290686547&coo=false&es=automatic&rqm=GET

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 04:44:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 08 May 2019 04:44:47 GMT

GET
H/1.1 200
OK msg Show response
abrtp1.marketo.com/gw1/ 0
494 B 177ms
102ms Script
text/javascript 192.28.144.84
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: abrtp1-cdn.marketo.com
URL: https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=webrootinc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.28.144.84 San Mateo, United States, ASN53580 (MARKETO - MARKETO, Inc., US),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:47 GMT
Content-Encoding: gzip
Server: Jetty(7.3.1.v20110307)
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63113904
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache
Connection: close

GET
H/1.1 200
OK cookieConsent.json Show response
www.webroot.com/application/data/ajax/ 9 KB
2 KB 324ms
323ms XHR
application/json 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/application/data/ajax/cookieConsent.json

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/application/javascript/libraries/jquery/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

9f8ecfeb077434fb23bc7da99514c49032456df504e851d00acc2b08b6175f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
RTSS: 1-2-106
Content-Length: 1785
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Pragma: no-cache
Last-Modified: Thu, 11 Apr 2019 14:45:09 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json
Cache-Control: must-revalidate, proxy-revalidate, max-age=0
Accept-Ranges: bytes
X-Duration: D=656
Keep-Alive: timeout=5, max=244
Expires: Thu, 11 Apr 2019 14:45:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/application/javascript/webroot.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 4338
date: Wed, 08 May 2019 03:32:29 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17543
expires: Wed, 08 May 2019 05:32:29 GMT

GET
H/1.1 200
OK googleAnalyticsConfig.json Show response
www.webroot.com/application/data/ajax/ 2 KB
931 B 352ms
351ms XHR
application/json 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/application/data/ajax/googleAnalyticsConfig.json

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/application/javascript/libraries/jquery/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

6e2d699b6b2fd0a0a9b5615934598ffc8849416582d252856aef345dc8d45f56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
RTSS: 1-2-106
Content-Length: 358
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Pragma: no-cache
Last-Modified: Fri, 20 May 2016 18:15:32 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json
Cache-Control: must-revalidate, proxy-revalidate, max-age=0
Accept-Ranges: bytes
X-Duration: D=533
Keep-Alive: timeout=5, max=244
Expires: Fri, 20 May 2016 18:15:32 GMT

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js?_=1557290686342
https://static.ads-twitter.com/oct.js?_=1557290686342

5 KB
2 KB

23ms
23ms

Script
application/javascript

151.101.120.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js?_=1557290686342
Requested by: Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.120.157 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 04:44:47 GMT
content-encoding: gzip
age: 48054
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-cdg20750-CDG
last-modified: Tue, 23 Jan 2018 19:05:33 GMT
x-timer: S1557290688.784954,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

Redirect headers

Access-Control-Allow-Origin: *
Date: Wed, 08 May 2019 04:44:47 GMT
Server: ECS (fcn/40FC)
Content-Length: 0
Location: https://static.ads-twitter.com/oct.js?_=1557290686342
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK yahooPixelConfig.json Show response
www.webroot.com/application/data/ajax/ 1 KB
940 B 343ms
342ms XHR
application/json 69.25.154.83
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webroot.com/application/data/ajax/yahooPixelConfig.json

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/application/javascript/libraries/jquery/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.25.154.83 , United States, ASN19024 (INTERNAP-BLK5 - Internap Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

b75bf892017e3533657fd8c0322297ebd295860236cc06a9536a64b787d2bc6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
RTSS: 1-2-81
Content-Length: 368
X-XSS-Protection: 1; mode=block
X-Client-IP: 185.220.70.222
Pragma: no-cache
Last-Modified: Fri, 20 May 2016 18:15:32 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json
Cache-Control: must-revalidate, proxy-revalidate, max-age=0
Accept-Ranges: bytes
X-Duration: D=451
Keep-Alive: timeout=5, max=243
Expires: Fri, 20 May 2016 18:15:32 GMT

GET
H/1.1 200
OK jquery.min.js Show response
rtp-static.marketo.com/rtp/libs/jquery/1.8.3/ 91 KB
33 KB 38ms
38ms Script
application/x-javascript 104.111.239.158
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jquery/1.8.3/jquery.min.js
Requested by: Host: abrtp1-cdn.marketo.com
URL: https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=webrootinc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.239.158 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-239-158.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Sep 2015 11:20:15 GMT
Server: Apache
ETag: "3576a6e73c9dccdbbc4a2cf8ff544ad7:1441624815"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 33467

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
264 B 151ms
150ms Script
application/javascript 104.244.42.195
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxlfo&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2Fresources%2Ftips-articles%2Fwhat-is-phishing

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 04:44:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 120
pragma: no-cache
last-modified: Wed, 08 May 2019 04:44:47 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 3445ccf8171977216fc40192083ab4b5
x-transaction: 009edb300068006e
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 17ms
17ms Script
application/x-javascript 184.31.90.134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/application/javascript/webroot.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.90.134 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-90-134.deploy.static.akamaitechnologies.com

Software

Resource Hash

6b4ebd6049c806e3eef1bd770b2d8b4fdd75803861ead3584ee753e41988efae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Jan 2019 15:12:33 GMT
ETag: "fd43e839aeb8d41:0"
Vary: Accept-Encoding
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-cache, no-store
Date: Wed, 08 May 2019 04:44:47 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 2115
Expires: Wed, 08 May 2019 04:44:47 GMT

GET
H/1.1 200
OK 1464.js Show response
dnn506yrbagrg.cloudfront.net/pages/scripts/0021/ 0
481 B 77ms
14ms Script
application/x-javascript 143.204.208.65
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dnn506yrbagrg.cloudfront.net/pages/scripts/0021/1464.js?432580
Requested by: Host: www.webroot.com
URL: https://www.webroot.com/application/javascript/webroot.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.208.65 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-208-65.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 00:02:04 GMT
Via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
Last-Modified: Tue, 07 Mar 2017 20:52:39 GMT
Server: AmazonS3
Age: 16964
ETag: "d41d8cd98f00b204e9800998ecf8427e"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Cache-Control: max-age=28800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
X-Amz-Cf-Id: alosfJB220xhGXxrXVEJuQ9z1Sus0y-0ZF1Go6WaD6CnSqcoQEoB-g==

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1000 B 6ms
6ms Script
text/javascript 2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 04:08:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2016 03:17:22 GMT
server: sffe
age: 2157
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 856
x-xss-protection: 0
expires: Wed, 08 May 2019 05:08:50 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=823235231&t=pageview&_s=1&dl=https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2Fresources%2Ftips-articles%2Fwhat-is-phishing&dp=%2Fus%2Fen%2Fresources...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10678573-1&cid=1228071805.1557290688&jid=552105037&_gid=936105875.1557290688&gjid=2110920663&_v=j73&z=908430439
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10678573-1&cid=1228071805.1557290688&jid=552105037&_v=j73&z=908430439
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10678573-1&cid=1228071805.1557290688&jid=552105037&_v=j73&z=908430439&slf_rd=1&random=1561275352

42 B
110 B

17ms
17ms

Image
image/gif

2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10678573-1&cid=1228071805.1557290688&jid=552105037&_v=j73&z=908430439&slf_rd=1&random=1561275352

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 May 2019 04:44:47 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 May 2019 04:44:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10678573-1&cid=1228071805.1557290688&jid=552105037&_v=j73&z=908430439&slf_rd=1&random=1561275352
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-90f3a29ef7448451db5af955688970d7.html
vars.hotjar.com/ Frame BED1 0
0 95ms
25ms Document
text/html 147.75.33.239
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-437177.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.33.239 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-28
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-90f3a29ef7448451db5af955688970d7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Response headers

status: 200
date: Wed, 08 May 2019 04:44:47 GMT
content-type: text/html
content-length: 967
cache-control: max-age=31536000
last-modified: Tue, 30 Apr 2019 14:57:42 GMT
section-io-origin-status: 200
section-io-origin-time-seconds: 0.024
etag: W/"90f3a29ef7448451db5af955688970d7"
content-encoding: gzip
vary: Accept-Encoding
accept-ranges: bytes
section-io-id: 00cca54522f02a46fa85a8f005bf7779

GET
H/1.1 200
OK jquery-custom-ui.min.js Show response
rtp-static.marketo.com/rtp/libs/jqueryui/1.9.2f/ 126 KB
35 KB 43ms
43ms Script
application/x-javascript 104.111.239.158
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jqueryui/1.9.2f/jquery-custom-ui.min.js
Requested by: Host: abrtp1-cdn.marketo.com
URL: https://abrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=webrootinc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.239.158 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-239-158.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 35f273e01e70db780ae423347dffecfc27cc348ba4abbd6099331559a7c5cd31

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 04:44:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 12:54:21 GMT
Server: Apache
ETag: "5a9f8dd85d85afd20544bd437a505338:1515502461"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 35484

GET
H2 200 adsct
t.co/i/ 43 B
169 B 145ms
145ms Image
image/gif 104.244.42.5
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=l4o39&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: www.webroot.com
URL: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 04:44:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 116
pragma: no-cache
last-modified: Wed, 08 May 2019 04:44:47 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 562c79072c5de07be2b6e9a0ab70eb9b
x-transaction: 005f166100c9434b
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
119 B 147ms
147ms Image
image/gif 104.244.42.5
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxlfo&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/oct.js?_=1557290686342

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 04:44:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 117
pragma: no-cache
last-modified: Wed, 08 May 2019 04:44:47 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 562c79072c5de07be2b6e9a0ab70eb9b
x-transaction: 0071c35100ad35d0
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK visitor Show response
abrtp1.marketo.com/gw1/rtp/api/v1_1/ 210 B
876 B 434ms
106ms XHR
application/json 192.28.144.84
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp1.marketo.com/gw1/rtp/api/v1_1/visitor?sid=webrootinc-1557290686797-4fd8c165&aid=webrootinc&1557290687963

Requested by

Host: rtp-static.marketo.com
URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.28.144.84 San Mateo, United States, ASN53580 (MARKETO - MARKETO, Inc., US),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

8790543309afff5fde9a3c522cae940b7cc3b40f5d024605dddff38c34e8cba1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
Origin: https://www.webroot.com

Response headers

Pragma: no-cache
Date: Wed, 08 May 2019 04:44:48 GMT
Content-Encoding: gzip
Last-Modified: Tue May 07 23:44:48 CDT 2019
Server: Jetty(7.3.1.v20110307)
Strict-Transport-Security: max-age=63113904
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.webroot.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: close
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sgm Show response
abrtp1.marketo.com/gw1/ga/ 48 B
500 B 432ms
105ms XHR
text/json 192.28.144.84
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

https://abrtp1.marketo.com/gw1/ga/sgm?sid=webrootinc-1557290686797-4fd8c165&1557290687964

Requested by

Host: rtp-static.marketo.com
URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.28.144.84 San Mateo, United States, ASN53580 (MARKETO - MARKETO, Inc., US),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

25b4e974dc91d718d1b66bf120388c20da6dfd3a886ec8401af1c269dd169a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
Origin: https://www.webroot.com

Response headers

Date: Wed, 08 May 2019 04:44:48 GMT
Server: Jetty(7.3.1.v20110307)
Strict-Transport-Security: max-age=63113904
Content-Type: text/json;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Content-Length: 48

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
118 B 156ms
155ms Script
application/javascript 104.244.42.195
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=l4o39&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2Fresources%2Ftips-articles%2Fwhat-is-phishing

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/oct.js?_=1557290686342

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 04:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 124
pragma: no-cache
last-modified: Wed, 08 May 2019 04:44:48 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 3445ccf8171977216fc40192083ab4b5
x-transaction: 00419dd9009bb19a
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
165 B 145ms
145ms Script
application/javascript 104.244.42.195
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/oct.js?_=1557290686342

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 04:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 114
pragma: no-cache
last-modified: Wed, 08 May 2019 04:44:48 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 3445ccf8171977216fc40192083ab4b5
x-transaction: 008dde11008508a4
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
107 B 6ms
6ms Image
image/gif 2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j73&a=823235231&t=timing&_s=2&dl=https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2Fresources%2Ftips-articles%2Fwhat-is-phishing&ul=en-us&de=UTF-8&dt=What%20is%20a%20Phishing%20Email%20and%20How%20Do%20I%20Spot%20the%20Scam%3F%20%7C%20Webroot&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&plt=4832&pdt=119&dns=30&rrt=287&srt=984&tcp=469&dit=4030&clt=4595&_gst=4589&_gbt=4622&_u=aHBAAAIhB~&jid=&gjid=&cid=1228071805.1557290688&tid=UA-10678573-1&_gid=936105875.1557290688&cd2=99999&z=976074463

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2019 03:43:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5187673
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
107 B 6ms
6ms Image
image/gif 2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j73&a=823235231&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.webroot.com%2Fus%2Fen%2Fresources%2Ftips-articles%2Fwhat-is-phishing&ul=en-us&de=UTF-8&dt=What%20is%20a%20Phishing%20Email%20and%20How%20Do%20I%20Spot%20the%20Scam%3F%20%7C%20Webroot&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=RTP&ea=Organization&el=M247%20Europe%20SRL&_u=aHBAAAIhB~&jid=&gjid=&cid=1228071805.1557290688&tid=UA-10678573-1&_gid=936105875.1557290688&cd2=99999&cd63=M247%20Europe%20SRL&z=1684156015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2019 03:43:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5187674
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 09:56:26	Name: IDE Value: AHWqTUla_HBq1L9fpncUj9wPzcC8jbS5B4_Ap8mlL9IBWjIy5k-6eF4UgFRCZfoY
.webroot.com/	1970-01-19 00:34:50	Name: _gat Value: 1
.webroot.com/	1970-01-19 18:06:02	Name: _ga Value: GA1.2.1228071805.1557290688
.webroot.com/	1970-01-19 00:44:55	Name: rc Value: 99999
.webroot.com/	1970-01-19 18:06:02	Name: trwv.uid Value: webrootinc-1557290686796-16f93c6b%3A1
.webroot.com/	1970-01-19 00:34:52	Name: trwsa.sid Value: webrootinc-1557290686797-4fd8c165%3A1
.webroot.com/	1970-01-19 09:20:26	Name: SSID Value: CADKnh22AAAAAAC7XtJcUcBBFLte0lwBAAAAAADn7Plcu17SXAAUgJ-iAAF25xMAu17SXAEALqUAA1NkFAC7XtJcAQBdpQADfmkUALte0lwBAAOjAAFr9hMAu17SXAEAxpsAAf7BEgC7XtJcAQDHoAABgI4TALte0lwBAJmpAAGMMBUAu17SXAEAj6kAAeIvFQC7XtJcAQB2pQABAXAUALte0lwBAHOjAAGvCxQAu17SXAEAWKoAAQ9iFQC7XtJcAQB6pAABnUQUALte0lwBAHKoAAF2_RQAu17SXAEA
.webroot.com/	1970-01-19 00:36:17	Name: _gid Value: GA1.2.936105875.1557290688
.webroot.com/	1970-01-19 02:44:26	Name: _fbp Value: fb.1.1557290686635.412822669
.webroot.com/	1970-01-19 02:44:26	Name: _gcl_au Value: 1.1.2078893043.1557290686
www.webroot.com/	1969-12-31 23:59:59	Name: CONCRETE5 Value: ihl08la2l010v1fbetbr8cd1d1
.webroot.com/	1969-12-31 23:59:59	Name: SSSC Value: 526.G6688512554190356561.1\|39878.1229310:41159.1281664:41631.1304438:41731.1308267:41843.1313711:42106.1328285:42286.1336403:42333.1337726:42358.1339393:43122.1375606:43407.1388514:43417.1388684:43608.1401359
.webroot.com/	1970-01-19 00:44:55	Name: rc_track Value: eyJwX3JjIjoiOTk5OTkiLCJ0cnhfcmMiOiI5OTk5OSJ9
.webroot.com/	1970-01-19 09:20:26	Name: SSRT Value: vV7SXAADAA
.webroot.com/	1970-01-19 18:06:02	Name: _mkto_trk Value: id:557-FSI-195&token:_mch-webroot.com-1557290686541-59936
.webroot.com/	1970-01-19 01:18:02	Name: SSLB Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

557-fsi-195.mktoresp.com
8034235.fls.doubleclick.net
abrtp1-cdn.marketo.com
abrtp1.marketo.com
analytics.twitter.com
apis.google.com
bat.bing.com
connect.facebook.net
dnn506yrbagrg.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
go.mercatoradvisorygroup.com
img.en25.com
munchkin.marketo.net
platform.twitter.com
rtp-static.marketo.com
s.yimg.com
script.hotjar.com
sp.analytics.yahoo.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
vars.hotjar.com
webroot-cms-cdn.s3-us-west-1.amazonaws.com
www-cdn.webroot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.webroot.com
104.111.239.158
104.244.42.195
104.244.42.5
143.204.208.65
143.204.214.98
147.75.33.239
147.75.83.1
151.101.120.157
184.31.90.134
188.125.66.33
192.28.144.124
192.28.144.84
216.58.207.38
23.43.119.71
2606:2800:234:59:254c:406:2366:268c
2620:1ec:c11::200
2a00:1288:7c:800::4001
2a00:1450:4001:806::2004
2a00:1450:4001:817::200a
2a00:1450:4001:819::200e
2a00:1450:4001:81a::2008
2a00:1450:4001:81c::2003
2a00:1450:4001:81d::200e
2a00:1450:4001:81e::2003
2a00:1450:400c:c00::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
52.21.178.134
52.219.20.32
69.25.154.83
01474ed2ca3ab19aa5470bb5966745b9219345c84961e02e518f40566a0be545
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
06768ff08a78f24b60973b047561141c4413864fa2d3ac9292fb0b217a81f917
099b412f4eddd7acec4d199e0161a57591a70407415e7132606fe5a7f86c7522
0be47b23e82b69080ab149aefc5d747a8c9fb90d4f6d5e2d986e12b97d3ef1c5
0defdc819a00920beaa312fdc89a49ccf1f2a335044c59d2bfb11019f416438a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1312655859bfabbe6015291300f89771b4e6bc339d537e6dee471c78d92367e8
1a21ae5ca033933b760bf5c22a2ae913c06c8134b2f6b77f72eb4b9198938c0f
1a91e0a02f091ba91cd4ed3ac451b81b5ac81cd2d4e9f004e730a539c64627fb
1f7f952cabbb5baf2c16260117fc909415f1f458744b3aa590e7b2498d811503
200fe8fd3d1ddf6454f7f90fe14c00093984a5509fabe65da8801689d44efb86
23401a30e489fdd7a54551ad129c1b2e5eb0654df0095fde62d4ffdbe90149ec
25b4e974dc91d718d1b66bf120388c20da6dfd3a886ec8401af1c269dd169a44
26bbb55a86ad6edc61558972cd15a3aedca0d7ff63442df4618d1beaab04bbdf
29a3a6eff9a38e93e4f6d8a54916ab4676871317295abe962346569cec18dbee
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
3258bb61f5b69f33076dd0c91e13ddd2c7fe771882adff9345e90d4ab7c32426
339b2b60e94b6dc169fd9e5b68ac16b1ca08ef6a4968e98a0f43c2add405e79a
34e15c93e89c4ad470214b034b8fd7657449bcdb56f4a25de75f691b8b33d77d
35f273e01e70db780ae423347dffecfc27cc348ba4abbd6099331559a7c5cd31
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
4421d8a29a6be8966ef3aa0dddc4f3f661fa795b5ed326aeb67d565bfdcb2aef
4dbc96bc726069edef6f919181acc6ef506e738d77506e2477c6f44b0184b167
5077eddfc578b6126639f9622a12c5667784c8ca8f9fe8e82c21ac6057d4cd00
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57a9373976025f88c2d16374ab48d886a110a20410cfc3007904a03b84caab62
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
632a028ee7dd17407ae946a2f87938d0c73bf59a4aa8a89d02088b916956a4f6
66f7eaa7a45f696c332cd450771f4be48e110f6afbe1fe7b39c7a95518aeef76
6b4ebd6049c806e3eef1bd770b2d8b4fdd75803861ead3584ee753e41988efae
6e2d699b6b2fd0a0a9b5615934598ffc8849416582d252856aef345dc8d45f56
7a972ca8c0344be2ba579527f5183b5fb92b607681c9f665e470c788f4b9fd19
7d7287b75b9adbcf19ecabaa69b6777e1f816cd396fc50489e194752caa498c3
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e27f222ece41004b3c4a5c9432715c22e1622a306fded6e389290ed6c9f5367
7fb58f6c6c2c3b61909e3b4bb9e199d95d5e2a4e39b58f25d1a9894971ed16b9
817f218dd4fd9878e8e610e882535cbcb50e6923643c56413848ce9614ffff8a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8439f164e5614014d9232ebe206c571c32dd0207fa73e7f4b95b2e66af0110ca
85914d0ca0f15e7875d7147a3a417ddeb2b32ecef5359565436a861df599b722
85f678146ae3adb9ff438e5dacc864d5a9fac03eecf2cc957bb7849550adf076
8658dcad983dacbb3bca7bc8217fd0b75f28df85bf9259bd0dccf69e58cb0ecd
8790543309afff5fde9a3c522cae940b7cc3b40f5d024605dddff38c34e8cba1
8c83f82584ec6030ef5c520ca0abc95f3bb943e92da32d82ea4dbffbc8169d58
91957278207e69a228b931311ff6c48930aa1c9bdac7389c29516b6b0364e819
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
99d96f56766c694b4b0b851c67e1b8c5dc1cbd080cd1cca841bda87d28406727
9a8e3483ba5e12fb75231b870863b02499625b4f5ad037d254434e1dde93eb81
9f8ecfeb077434fb23bc7da99514c49032456df504e851d00acc2b08b6175f73
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a694e27004b47e48af71995950cb099127a16d69e861db41f4f8d7356900d229
a94bc012ed791638c8756d4555a099062b71e9aa7b7fda7a7c31df841e4462fe
ac199c94238f4c76544e155e5ef21d243429b35631584c9e6cef574b99a70569
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1bf7411e675831bcdc3721b7f9b35fe3ee987a37a0698434634d66230281021
b75bf892017e3533657fd8c0322297ebd295860236cc06a9536a64b787d2bc6a
bd999047408eaf20ae15ab916d344330d118fa72b0703fa1784deb648d36bb7a
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
cd6f4900abc2da200ad96c75852facfd8872610ce9dd259acf3cc82507490dd3
de0b1503ddd684f4fcb8bfc3b5705e087e6e8088fb9295d0e6a6f6de54351079
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e33fe473d0794912bbf3e51c3c6f35b0d23de97d8346392a81346995eff91cfa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e63541c9892f69940d2ce694692ffb7d9200eb0cf3ef90b604c21cde5369b23a
ecc5c7ae5698fab611d69e2378b236ded82251a9905729b61569a252392c1437
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb6b9732bf508ee305363b10cf2a67ace474e06eb42642f2c3696b2442a5775
f17a340f0388383e8d2a70632006d51e5d0e95f60f1cca3f774bd78b5d3dcd07
f7462a9c7a26e23f0e85c110832508d888661984c13b9e0075c7f7603654f713
f9eb7ee77bd006e64c1e9d3e52cf0e5942786e2327a5c9d8911c1458c6bf7811
fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3
fc41dadc589073682050d5057ca3166f99dc57b09ba5e3be872f7475ee7ee9da

www.webroot.com Open in urlscan Pro 69.25.154.83 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

88 Requests

100 %HTTPS

43 %IPv6

24 Domains

32 Subdomains

27 IPs

5 Countries

1001 kBTransfer

3014 kBSize

16 Cookies

20 Outgoing links

Page URL History

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.webroot.com Open in urlscan Pro
69.25.154.83 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

100 %
HTTPS

43 %
IPv6

24
Domains

32
Subdomains

27
IPs

5
Countries

1001 kB
Transfer

3014 kB
Size

16
Cookies

88 HTTP transactions
1 data transactions