securefileshares.com Open in urlscan Pro
52.5.232.69 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://urldefense.proofpoint.com/v2/url?u=http-3A__securefileshares.com_98711298_5e3579_-3Flogin-5Fid-3D890a9075-2D8ef1-2D4d46-2D...
Effective URL:
http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Submission: On May 24 via manual (May 24th 2017, 7:21:08 pm UTC) from US

Summary HTTP 36 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 36 HTTP transactions. The main IP is 52.5.232.69, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is securefileshares.com.

This is the only time securefileshares.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	52.5.232.69 52.5.232.69	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
23	52.72.149.139 52.72.149.139	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE - Google Inc.)
2	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	151.101.12.207 151.101.12.207	54113 (FASTLY) (FASTLY - Fastly)
2	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1 - New Relic)
36	6

7 52.5.232.69 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-5-232-69.compute-1.amazonaws.com

securefileshares.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 52.72.149.139 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-72-149-139.compute-1.amazonaws.com

securefileshares.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200a (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.207 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.20 (United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	securefileshares.com securefileshares.com	2 MB
2	nr-data.net bam.nr-data.net	57 B
2	gstatic.com fonts.gstatic.com	30 KB
1	newrelic.com js-agent.newrelic.com	9 KB
1	googleapis.com fonts.googleapis.com	499 B
36	5

	Domain	Requested by
30	securefileshares.com	securefileshares.com
2	bam.nr-data.net	js-agent.newrelic.com securefileshares.com
2	fonts.gstatic.com	securefileshares.com
1	js-agent.newrelic.com	securefileshares.com
1	fonts.googleapis.com	securefileshares.com
36	5

This site contains no links.

Subject Issuer	Validity	Valid
*.googleapis.com Google Internet Authority G2	`2017-05-18` - `2017-08-10`	3 months	crt.sh
*.google.com Google Internet Authority G2	`2017-05-18` - `2017-08-10`	3 months	crt.sh
*.d.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2	`2017-04-11` - `2017-12-21`	8 months	crt.sh
*.nr-data.net GeoTrust SSL CA - G3	`2016-03-17` - `2018-03-17`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Frame ID: 17931.1
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

36
Requests

17 %
HTTPS

33 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

2106 kB
Transfer

2700 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
securefileshares.com/98711298/5e3579/
Redirect Chain

https://urldefense.proofpoint.com/v2/url?u=http-3A__securefileshares.com_98711298_5e3579_-3Flogin-5Fid-3D890a9075-2D8ef1-2D4d46-2D956c-2Dd558a0abce96&d=DwMFaQ&c=2jpuOek3j4P5cpE4ozX__g&r=4rNPyO6P1Fa...
http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

101 KB
30 KB

391ms
145ms

Document
text/html

52.5.232.69
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

HTTP/1.1

Server

52.5.232.69 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-5-232-69.compute-1.amazonaws.com

Software

Apache /

Resource Hash

2cdbb2cd91e845f48e3af17e3f54e06e951c528f9f232538bc2dd7a133697f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: securefileshares.com
Accept-Language: en-US,en;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 24 May 2017 19:20:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Access-Control-Allow-Origin: http://landing.phishme.com
Status: 200 OK
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 30788
X-XSS-Protection: 1; mode=block 1; mode=block
X-Request-Id: 3624f6c0-b1bf-4a67-9aeb-22d5f3f64298
X-Runtime: 0.038680
Server: Apache
X-Download-Options: noopen
X-Frame-Options: DENY
Content-Type: text/html; charset=utf-8
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Set-Cookie: _phishme.com_session_id=a04606cb65f76d4d040f99d9dcc99c76; path=/; HttpOnly
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Date: Wed, 24 May 2017 19:20:56 GMT
Server: openresty
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK jquery-1.4.4.min.js Show response
securefileshares.com/javascripts/ 77 KB
26 KB 204ms
104ms Script
application/javascript 52.72.149.139
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://securefileshares.com/javascripts/jquery-1.4.4.min.js

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

HTTP/1.1

Server

52.72.149.139 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-72-149-139.compute-1.amazonaws.com

Software

Apache /

Resource Hash

517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: securefileshares.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Cookie: _phishme.com_session_id=a04606cb65f76d4d040f99d9dcc99c76
Connection: keep-alive
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 24 May 2017 19:20:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 27073
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 17 May 2017 18:44:08 GMT
Server: Apache
ETag: "1469fb-13309-54fbcac606e00"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Accept-Ranges: bytes
Expires: Wed, 24 May 2017 19:20:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
499 B 31ms
15ms Stylesheet
text/css 2a00:1450:4001:814::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:814::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

ESF /

Resource Hash

d96431e9ad5b11965655d3675ae3079a0b8fc1b8c2051b02348221662b417733

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /css?family=Montserrat:400,700
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: fonts.googleapis.com
referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Wed, 24 May 2017 19:20:57 GMT
content-encoding: br
last-modified: Wed, 24 May 2017 19:20:57 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
x-xss-protection: 1; mode=block
expires: Wed, 24 May 2017 19:20:57 GMT

GET
H/1.1 200
OK animate.css
securefileshares.com/system/content_files/uploads/805/cb9/6e-/original/ 62 KB
4 KB 197ms
102ms Stylesheet
text/css 52.5.232.69
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://securefileshares.com/system/content_files/uploads/805/cb9/6e-/original/animate.css

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

HTTP/1.1

Server

52.5.232.69 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-5-232-69.compute-1.amazonaws.com

Software

Apache /

Resource Hash

69dca97fc9843ea3758862d874916b6d782b6a7cb6d16181c4d7e2e851581342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: securefileshares.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Cookie: _phishme.com_session_id=a04606cb65f76d4d040f99d9dcc99c76
Connection: keep-alive
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 24 May 2017 19:20:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 4049
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 07 Jun 2016 12:27:39 GMT
Server: Apache
ETag: "1c29e1-f8c9-534af508ea4c0"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Accept-Ranges: bytes
Expires: Wed, 24 May 2017 19:20:57 GMT

GET
H/1.1 200
OK jquery.periodicalupdater.js Show response
securefileshares.com/javascripts/ 7 KB
2 KB 200ms
101ms Script
application/javascript 52.72.149.139
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://securefileshares.com/javascripts/jquery.periodicalupdater.js

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

HTTP/1.1

Server

52.72.149.139 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-72-149-139.compute-1.amazonaws.com

Software

Apache /

Resource Hash

850ebab175e20015432217d462b446fd904cc7e90ae8c0339212053481163969

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: securefileshares.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Cookie: _phishme.com_session_id=a04606cb65f76d4d040f99d9dcc99c76
Connection: keep-alive
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 24 May 2017 19:20:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 2221
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 17 May 2017 18:44:08 GMT
Server: Apache
ETag: "a88de-1a02-54fbcac606e00"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Accept-Ranges: bytes
Expires: Wed, 24 May 2017 19:20:57 GMT

GET
H/1.1 200
OK pm_logo_notm.png
securefileshares.com/system/content_images/uploads/d5b/73d/9d-/original/ 17 KB
17 KB 184ms
101ms Image
image/png 52.72.149.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securefileshares.com/system/content_images/uploads/d5b/73d/9d-/original/pm_logo_notm.png

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

HTTP/1.1

Server

52.72.149.139 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-72-149-139.compute-1.amazonaws.com

Software

Apache /

Resource Hash

43669a7066fcce2aa7d1f2b21196031b1c2720d0ec333fa07ef89bb7e336f063

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: securefileshares.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Cookie: _phishme.com_session_id=a04606cb65f76d4d040f99d9dcc99c76
Connection: keep-alive
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 24 May 2017 19:20:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 09 Feb 2016 15:01:08 GMT
Server: Apache
ETag: "1c2b6c-42dc-52b5796573500"
X-Download-Options: noopen
Content-Type: image/png
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17116
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 May 2017 19:20:57 GMT

GET
H/1.1 200
OK spear_phishing_reporting_an_email.gif
securefileshares.com/system/content_images/uploads/5d9/418/21-/original/ 191 KB
191 KB 103ms
103ms Image
image/gif 52.5.232.69
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securefileshares.com/system/content_images/uploads/5d9/418/21-/original/spear_phishing_reporting_an_email.gif

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

HTTP/1.1

Server

52.5.232.69 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-5-232-69.compute-1.amazonaws.com

Software

Apache /

Resource Hash

a37691987ae1881a935b06723347f4a36e55ae7f0e7d36ee8ec4f73c1169314f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: securefileshares.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Cookie: _phishme.com_session_id=a04606cb65f76d4d040f99d9dcc99c76
Connection: keep-alive
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 24 May 2017 19:20:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Jan 2017 09:29:16 GMT
Server: Apache
ETag: "c01bb-2fa41-545ce3c039300"
X-Download-Options: noopen
Content-Type: image/gif
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 195137
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 May 2017 19:20:57 GMT

GET
H/1.1 200
OK spear_phishing_spam_email.gif
securefileshares.com/system/content_images/uploads/a8a/8bb/79-/original/ 167 KB
167 KB 101ms
101ms Image
image/gif 52.72.149.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securefileshares.com/system/content_images/uploads/a8a/8bb/79-/original/spear_phishing_spam_email.gif

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

HTTP/1.1

Server

52.72.149.139 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-72-149-139.compute-1.amazonaws.com

Software

Apache /

Resource Hash

eba4fcfbc641c3bd2c1f90093cb775f01836c68d07b40d8bf3619272f4a9691e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: securefileshares.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Cookie: _phishme.com_session_id=a04606cb65f76d4d040f99d9dcc99c76
Connection: keep-alive
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 24 May 2017 19:20:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Jan 2017 09:30:08 GMT
Server: Apache
ETag: "18306a-29c1c-545ce3f1d0800"
X-Download-Options: noopen
Content-Type: image/gif
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 171036
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 May 2017 19:20:57 GMT

GET
H/1.1 200
OK spear_phishing_phishing_email.gif
securefileshares.com/system/content_images/uploads/5e9/1ae/27-/original/ 383 KB
383 KB 102ms
102ms Image
image/gif 52.72.149.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securefileshares.com/system/content_images/uploads/5e9/1ae/27-/original/spear_phishing_phishing_email.gif

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

HTTP/1.1

Server

52.72.149.139 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-72-149-139.compute-1.amazonaws.com

Software

Apache /

Resource Hash

f6f2ea0b43cb7643d64f8bde7b7ec6e5ad27374af93b841c09ff59d18375522b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: securefileshares.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Cookie: _phishme.com_session_id=a04606cb65f76d4d040f99d9dcc99c76
Connection: keep-alive
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 24 May 2017 19:20:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Jan 2017 09:21:20 GMT
Server: Apache
ETag: "c01c2-5fbc5-545ce1fa46400"
X-Download-Options: noopen
Content-Type: image/gif
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 392133
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 May 2017 19:20:57 GMT

GET
H/1.1 200
OK spear_phishing_email.gif
securefileshares.com/system/content_images/uploads/266/ec7/02-/original/ 127 KB
127 KB 101ms
101ms Image
image/gif 52.72.149.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securefileshares.com/system/content_images/uploads/266/ec7/02-/original/spear_phishing_email.gif

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

HTTP/1.1

Server

52.72.149.139 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-72-149-139.compute-1.amazonaws.com

Software

Apache /

Resource Hash

d56ac9213a7f4ff9d5c99145d8322603ca2756c93011a29c4f50ad38fa03a9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: securefileshares.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Cookie: _phishme.com_session_id=a04606cb65f76d4d040f99d9dcc99c76
Connection: keep-alive
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 24 May 2017 19:20:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Jan 2017 09:30:06 GMT
Server: Apache
ETag: "163572-1fca6-545ce3efe8380"
X-Download-Options: noopen
Content-Type: image/gif
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 130214
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 May 2017 19:20:57 GMT

GET
H/1.1 200
OK spear_phishing_research.gif
securefileshares.com/system/content_images/uploads/22c/f25/cd-/original/ 347 KB
347 KB 101ms
101ms Image
image/gif 52.72.149.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securefileshares.com/system/content_images/uploads/22c/f25/cd-/original/spear_phishing_research.gif

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

HTTP/1.1

Server

52.72.149.139 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-72-149-139.compute-1.amazonaws.com

Software

Apache /

Resource Hash

13586ed727097149e97e224ba97fb3ba026fa2371f4a4bd6ccd3f5fc3dbb08c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: securefileshares.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Cookie: _phishme.com_session_id=a04606cb65f76d4d040f99d9dcc99c76
Connection: keep-alive
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 24 May 2017 19:20:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Jan 2017 09:29:34 GMT
Server: Apache
ETag: "c01a7-56c51-545ce3d163b80"
X-Download-Options: noopen
Content-Type: image/gif
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 355409
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 May 2017 19:20:57 GMT

GET
H/1.1 200
OK spear_phishing_desktop_link_dark.gif
securefileshares.com/system/content_images/uploads/c43/fac/f3-/original/ 56 KB
56 KB 102ms
102ms Image
image/gif 52.72.149.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securefileshares.com/system/content_images/uploads/c43/fac/f3-/original/spear_phishing_desktop_link_dark.gif

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

HTTP/1.1

Server

52.72.149.139 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-72-149-139.compute-1.amazonaws.com

Software

Apache /

Resource Hash

8e7e8a9ae09b90ae3ea9f030a3ca597dde9bc0087e43d528dcc9938bb6c77f3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: securefileshares.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Cookie: _phishme.com_session_id=a04606cb65f76d4d040f99d9dcc99c76
Connection: keep-alive
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 24 May 2017 19:20:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Jan 2017 09:19:13 GMT
Server: Apache
ETag: "c0199-e11f-545ce18128640"
X-Download-Options: noopen
Content-Type: image/gif
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57631
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 May 2017 19:20:57 GMT

GET
H/1.1 200
OK spear_phishing_mobile_link_dark.gif
securefileshares.com/system/content_images/uploads/1bf/403/0a-/original/ 99 KB
99 KB 101ms
101ms Image
image/gif 52.5.232.69
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securefileshares.com/system/content_images/uploads/1bf/403/0a-/original/spear_phishing_mobile_link_dark.gif

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

HTTP/1.1

Server

52.5.232.69 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-5-232-69.compute-1.amazonaws.com

Software

Apache /

Resource Hash

2c80dc6f15fe5fa531f4f914aa4eb55eae8ded7bd267436d68f09108d07e0abd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: securefileshares.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Cookie: _phishme.com_session_id=a04606cb65f76d4d040f99d9dcc99c76
Connection: keep-alive
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 24 May 2017 19:20:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Jan 2017 09:19:48 GMT
Server: Apache
ETag: "c0192-18a3a-545ce1a289500"
X-Download-Options: noopen
Content-Type: image/gif
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 100922
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 May 2017 19:20:57 GMT

GET
H/1.1 200
OK spear_phishing_icon_think_twice.gif
securefileshares.com/system/content_images/uploads/fa9/4c8/57-/original/ 58 KB
58 KB 101ms
101ms Image
image/gif 52.72.149.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securefileshares.com/system/content_images/uploads/fa9/4c8/57-/original/spear_phishing_icon_think_twice.gif

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

HTTP/1.1

Server

52.72.149.139 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-72-149-139.compute-1.amazonaws.com

Software

Apache /

Resource Hash

2941e92b16e15240361edc85ff772b9f46cc4d72a4280eeca127ca13d2254f22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: securefileshares.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Cookie: _phishme.com_session_id=a04606cb65f76d4d040f99d9dcc99c76
Connection: keep-alive
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 24 May 2017 19:20:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Jan 2017 09:24:08 GMT
Server: Apache
ETag: "c01f3-e9f5-545ce29a7de00"
X-Download-Options: noopen
Content-Type: image/gif
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 59893
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 May 2017 19:20:57 GMT

GET
H/1.1 200
OK spear_phishing_icon_always_verify.gif
securefileshares.com/system/content_images/uploads/f60/1d0/f4-/original/ 180 KB
180 KB 102ms
102ms Image
image/gif 52.72.149.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securefileshares.com/system/content_images/uploads/f60/1d0/f4-/original/spear_phishing_icon_always_verify.gif

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

HTTP/1.1

Server

52.72.149.139 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-72-149-139.compute-1.amazonaws.com

Software

Apache /

Resource Hash

157b318ea982bb18b401a23c4061ec92e416f286a787117d4c445c08c286878a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: securefileshares.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Cookie: _phishme.com_session_id=a04606cb65f76d4d040f99d9dcc99c76
Connection: keep-alive
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 24 May 2017 19:20:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Jan 2017 09:30:09 GMT
Server: Apache
ETag: "183835-2cf01-545ce3f2c4a40"
X-Download-Options: noopen
Content-Type: image/gif
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 184065
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 May 2017 19:20:57 GMT

GET
H/1.1 200
OK spear_phishing_icon_domain_name.gif
securefileshares.com/system/content_images/uploads/14c/434/68-/original/ 36 KB
36 KB 102ms
101ms Image
image/gif 52.5.232.69
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securefileshares.com/system/content_images/uploads/14c/434/68-/original/spear_phishing_icon_domain_name.gif

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

HTTP/1.1

Server

52.5.232.69 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-5-232-69.compute-1.amazonaws.com

Software

Apache /

Resource Hash

07b5c01ccd65fa2bb08ac49c098ab3984d50d0746129566abed085bc84ba1d45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: securefileshares.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Cookie: _phishme.com_session_id=a04606cb65f76d4d040f99d9dcc99c76
Connection: keep-alive
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 24 May 2017 19:20:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Jan 2017 09:23:37 GMT
Server: Apache
ETag: "c01a0-9118-545ce27ced840"
X-Download-Options: noopen
Content-Type: image/gif
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37144
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 May 2017 19:20:57 GMT

GET
H/1.1 200
OK spear_phishing_icon_emotions.gif
securefileshares.com/system/content_images/uploads/82c/d26/48-/original/ 70 KB
70 KB 102ms
102ms Image
image/gif 52.72.149.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securefileshares.com/system/content_images/uploads/82c/d26/48-/original/spear_phishing_icon_emotions.gif

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

HTTP/1.1

Server

52.72.149.139 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-72-149-139.compute-1.amazonaws.com

Software

Apache /

Resource Hash

f3480f5a9f5982bd692fe66f20c15b451be6eec80d773e29b3775c37e460c893

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: securefileshares.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Cookie: _phishme.com_session_id=a04606cb65f76d4d040f99d9dcc99c76
Connection: keep-alive
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 24 May 2017 19:20:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Jan 2017 09:23:53 GMT
Server: Apache
ETag: "c01d0-1180a-545ce28c2fc40"
X-Download-Options: noopen
Content-Type: image/gif
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 71690
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 May 2017 19:20:57 GMT

GET
H/1.1 200
OK jquery-2.1.1.js Show response
securefileshares.com/system/content_files/uploads/9b5/f4f/f4-/original/ 242 KB
72 KB 119ms
118ms Script
application/javascript 52.72.149.139
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://securefileshares.com/system/content_files/uploads/9b5/f4f/f4-/original/jquery-2.1.1.js

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

HTTP/1.1

Server

52.72.149.139 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-72-149-139.compute-1.amazonaws.com

Software

Apache /

Resource Hash

140ff438eaaede046f1ceba27579d16dc980595709391873fa9bf74d7dbe53ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: securefileshares.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Cookie: _phishme.com_session_id=a04606cb65f76d4d040f99d9dcc99c76
Connection: keep-alive
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 24 May 2017 19:20:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
transfer-encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 10 Jun 2016 16:30:38 GMT
Server: Apache
ETag: "1c2a42-3c637-534ef0f0ea780"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Accept-Ranges: bytes
Expires: Wed, 24 May 2017 19:20:57 GMT

GET
H/1.1 200
OK TweenMax.min.js Show response
securefileshares.com/system/content_files/uploads/94e/a04/6e-/original/ 108 KB
36 KB 108ms
108ms Script
application/javascript 52.72.149.139
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://securefileshares.com/system/content_files/uploads/94e/a04/6e-/original/TweenMax.min.js

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

HTTP/1.1

Server

52.72.149.139 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-72-149-139.compute-1.amazonaws.com

Software

Apache /

Resource Hash

97982680a892d29f743ce32b99fb340cc4a186769e56380998145868781f4ebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: securefileshares.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Cookie: _phishme.com_session_id=a04606cb65f76d4d040f99d9dcc99c76
Connection: keep-alive
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 24 May 2017 19:20:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 36848
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 18 Oct 2016 19:30:13 GMT
Server: Apache
ETag: "106561-1aeba-53f28b8aadb40"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Accept-Ranges: bytes
Expires: Wed, 24 May 2017 19:20:57 GMT

GET
H/1.1 200
OK jquery.scrollmagic.js Show response
securefileshares.com/system/content_files/uploads/158/5db/61-/original/ 96 KB
22 KB 106ms
106ms Script
application/javascript 52.5.232.69
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://securefileshares.com/system/content_files/uploads/158/5db/61-/original/jquery.scrollmagic.js

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

HTTP/1.1

Server

52.5.232.69 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-5-232-69.compute-1.amazonaws.com

Software

Apache /

Resource Hash

737d4bc9a0711a4f48ba658e5fb0b01edf759b06f3c5b4c3f5e20dea57c096a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: securefileshares.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Cookie: _phishme.com_session_id=a04606cb65f76d4d040f99d9dcc99c76
Connection: keep-alive
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 24 May 2017 19:20:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 22868
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 10 Nov 2016 13:44:27 GMT
Server: Apache
ETag: "2028c7-180be-540f29275a4c0"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Accept-Ranges: bytes
Expires: Wed, 24 May 2017 19:20:57 GMT

GET
H/1.1 200
OK jquery.scrollmagic.debug.js Show response
securefileshares.com/system/content_files/uploads/033/c80/aa-/original/ 9 KB
3 KB 102ms
102ms Script
application/javascript 52.72.149.139
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://securefileshares.com/system/content_files/uploads/033/c80/aa-/original/jquery.scrollmagic.debug.js

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

HTTP/1.1

Server

52.72.149.139 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-72-149-139.compute-1.amazonaws.com

Software

Apache /

Resource Hash

6f7d450163a86d89e7ee83a135fab2301917786087adc5dc30437163f9f15724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: securefileshares.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Cookie: _phishme.com_session_id=a04606cb65f76d4d040f99d9dcc99c76
Connection: keep-alive
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 24 May 2017 19:20:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 2805
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 10 Nov 2016 13:44:47 GMT
Server: Apache
ETag: "2028c2-2269-540f293a6d1c0"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Accept-Ranges: bytes
Expires: Wed, 24 May 2017 19:20:57 GMT

GET
H/1.1 200
OK interactive-education-ui-functions.js Show response
securefileshares.com/system/content_files/uploads/763/db1/0d-/original/ 2 KB
552 B 201ms
102ms Script
application/javascript 52.72.149.139
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://securefileshares.com/system/content_files/uploads/763/db1/0d-/original/interactive-education-ui-functions.js

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

HTTP/1.1

Server

52.72.149.139 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-72-149-139.compute-1.amazonaws.com

Software

Apache /

Resource Hash

499b607d354f7776ce30e97526e9cddd5efd8625bcff6909b1b19c019d67054c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: securefileshares.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Cookie: _phishme.com_session_id=a04606cb65f76d4d040f99d9dcc99c76
Connection: keep-alive
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 24 May 2017 19:20:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 552
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 18 Oct 2016 19:30:11 GMT
Server: Apache
ETag: "e60d7-6e9-53f28b88c56c0"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Accept-Ranges: bytes
Expires: Wed, 24 May 2017 19:20:57 GMT

GET
H/1.1 200
OK ransomware-interactive-education-animations.js Show response
securefileshares.com/system/content_files/uploads/a08/e00/1c-/original/ 2 KB
622 B 204ms
101ms Script
application/javascript 52.72.149.139
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://securefileshares.com/system/content_files/uploads/a08/e00/1c-/original/ransomware-interactive-education-animations.js

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

HTTP/1.1

Server

52.72.149.139 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-72-149-139.compute-1.amazonaws.com

Software

Apache /

Resource Hash

c6691461bd66bf66f4ad761c943958d29028a0ac0b30fb7a6b9e4e84c152b5ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: securefileshares.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Cookie: _phishme.com_session_id=a04606cb65f76d4d040f99d9dcc99c76
Connection: keep-alive
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 24 May 2017 19:20:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 622
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 20 Mar 2017 10:10:06 GMT
Server: Apache
ETag: "1c2a4c-7c1-54b26bb411b80"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Accept-Ranges: bytes
Expires: Wed, 24 May 2017 19:20:57 GMT

GET
H2 200 IQHow_FEYlDC4Gzy_m8fcoWiMMZ7xLd792ULpGE4W_Y.woff2
fonts.gstatic.com/s/montserrat/v10/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v10/IQHow_FEYlDC4Gzy_m8fcoWiMMZ7xLd792ULpGE4W_Y.woff2

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

b05251dbacb6ca01270596e851efad6fe9469e44df1d8472c33eb4c3d7e2cc0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /s/montserrat/v10/IQHow_FEYlDC4Gzy_m8fcoWiMMZ7xLd792ULpGE4W_Y.woff2
pragma: no-cache
origin: http://securefileshares.com
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: fonts.gstatic.com
referer: https://fonts.googleapis.com/css?family=Montserrat:400,700
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700
Origin: http://securefileshares.com

Response headers

date: Wed, 17 May 2017 15:27:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Feb 2017 01:14:07 GMT
server: sffe
age: 618785
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 15328
x-xss-protection: 1; mode=block
expires: Thu, 17 May 2018 15:27:52 GMT

GET
H2 200 zhcz-_WihjSQC0oHJ9TCYPk_vArhqVIZ0nv9q090hN8.woff2
fonts.gstatic.com/s/montserrat/v10/ 15 KB
15 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:814::2003
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v10/zhcz-_WihjSQC0oHJ9TCYPk_vArhqVIZ0nv9q090hN8.woff2

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

e7907501c0d4588fa7529b23d8c6d5b9cdc3e35c656c1d96d704a406704bac01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /s/montserrat/v10/zhcz-_WihjSQC0oHJ9TCYPk_vArhqVIZ0nv9q090hN8.woff2
pragma: no-cache
origin: http://securefileshares.com
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: fonts.gstatic.com
referer: https://fonts.googleapis.com/css?family=Montserrat:400,700
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700
Origin: http://securefileshares.com

Response headers

date: Wed, 17 May 2017 15:27:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Feb 2017 01:12:56 GMT
server: sffe
age: 618785
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 15148
x-xss-protection: 1; mode=block
expires: Thu, 17 May 2018 15:27:52 GMT

GET
H/1.1 200
OK envelope.gif
securefileshares.com/system/content_images/uploads/65b/71f/23-/original/ 4 KB
4 KB 101ms
101ms Image
image/gif 52.72.149.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securefileshares.com/system/content_images/uploads/65b/71f/23-/original/envelope.gif

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

HTTP/1.1

Server

52.72.149.139 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-72-149-139.compute-1.amazonaws.com

Software

Apache /

Resource Hash

ca6edf4c8589c3441b429fcca0899b5fb45a1b79c911d0760dd448bcdf52a12c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: securefileshares.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Cookie: _phishme.com_session_id=a04606cb65f76d4d040f99d9dcc99c76
Connection: keep-alive
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 24 May 2017 19:20:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 13 Jan 2017 17:00:08 GMT
Server: Apache
ETag: "163bba-ea4-545fcc41f1600"
X-Download-Options: noopen
Content-Type: image/gif
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3748
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 May 2017 19:20:57 GMT

GET
H/1.1 200
OK envelope_fear_hover.gif
securefileshares.com/system/content_images/uploads/a40/72c/8a-/original/ 21 KB
21 KB 104ms
103ms Image
image/gif 52.5.232.69
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securefileshares.com/system/content_images/uploads/a40/72c/8a-/original/envelope_fear_hover.gif

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

HTTP/1.1

Server

52.5.232.69 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-5-232-69.compute-1.amazonaws.com

Software

Apache /

Resource Hash

066c7991284c3b9adb2ec024cfd2a0dbef89ef3c793054f3187e259b9eb8afef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: securefileshares.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Cookie: _phishme.com_session_id=a04606cb65f76d4d040f99d9dcc99c76
Connection: keep-alive
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 24 May 2017 19:20:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 13 Jan 2017 16:54:47 GMT
Server: Apache
ETag: "c0218-5212-545fcb0fd03c0"
X-Download-Options: noopen
Content-Type: image/gif
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21010
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 May 2017 19:20:57 GMT

GET
H/1.1 200
OK envelope_urgency_hover.gif
securefileshares.com/system/content_images/uploads/6b2/945/7d-/original/ 21 KB
21 KB 101ms
100ms Image
image/gif 52.72.149.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securefileshares.com/system/content_images/uploads/6b2/945/7d-/original/envelope_urgency_hover.gif

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

HTTP/1.1

Server

52.72.149.139 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-72-149-139.compute-1.amazonaws.com

Software

Apache /

Resource Hash

8a8bf9e70d962d288869428c2318ee6d3f08ff21f4c80955e1e65f3213ac1506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: securefileshares.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Cookie: _phishme.com_session_id=a04606cb65f76d4d040f99d9dcc99c76
Connection: keep-alive
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 24 May 2017 19:20:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 13 Jan 2017 17:00:08 GMT
Server: Apache
ETag: "163c62-533a-545fcc41f1600"
X-Download-Options: noopen
Content-Type: image/gif
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21306
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 May 2017 19:20:57 GMT

GET
H/1.1 200
OK envelope_curiosity_hover.gif
securefileshares.com/system/content_images/uploads/399/8f4/80-/original/ 21 KB
21 KB 101ms
101ms Image
image/gif 52.72.149.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securefileshares.com/system/content_images/uploads/399/8f4/80-/original/envelope_curiosity_hover.gif

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

HTTP/1.1

Server

52.72.149.139 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-72-149-139.compute-1.amazonaws.com

Software

Apache /

Resource Hash

20c1f86adffd443874a7fd3c23c544605acaf67c0baafcf1dce185912bec84fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: securefileshares.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Cookie: _phishme.com_session_id=a04606cb65f76d4d040f99d9dcc99c76
Connection: keep-alive
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 24 May 2017 19:20:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 13 Jan 2017 16:54:38 GMT
Server: Apache
ETag: "c020a-54f1-545fcb073af80"
X-Download-Options: noopen
Content-Type: image/gif
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21745
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 May 2017 19:20:58 GMT

GET
H/1.1 200
OK envelope_opportunity_hover.gif
securefileshares.com/system/content_images/uploads/31c/a34/ed-/original/ 22 KB
22 KB 103ms
103ms Image
image/gif 52.72.149.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securefileshares.com/system/content_images/uploads/31c/a34/ed-/original/envelope_opportunity_hover.gif

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

HTTP/1.1

Server

52.72.149.139 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-72-149-139.compute-1.amazonaws.com

Software

Apache /

Resource Hash

7900677521c10b71a7edaaea24d3e931289eb5e64c0512a5b8097f3198506471

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: securefileshares.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Cookie: _phishme.com_session_id=a04606cb65f76d4d040f99d9dcc99c76
Connection: keep-alive
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 24 May 2017 19:20:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 13 Jan 2017 16:55:02 GMT
Server: Apache
ETag: "203d50-583a-545fcb1e1e580"
X-Download-Options: noopen
Content-Type: image/gif
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22586
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 May 2017 19:20:58 GMT

GET
H/1.1 200
OK envelope_recognition_hover.gif
securefileshares.com/system/content_images/uploads/c6d/5a0/03-/original/ 21 KB
21 KB 102ms
102ms Image
image/gif 52.72.149.139
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securefileshares.com/system/content_images/uploads/c6d/5a0/03-/original/envelope_recognition_hover.gif

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

HTTP/1.1

Server

52.72.149.139 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-72-149-139.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b525a2ceaa84a95c15f0c88777a1f712a80495d2775f73933f1515f01780f92b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: securefileshares.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Cookie: _phishme.com_session_id=a04606cb65f76d4d040f99d9dcc99c76
Connection: keep-alive
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 24 May 2017 19:20:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 13 Jan 2017 17:00:10 GMT
Server: Apache
ETag: "1832fa-547d-545fcc43d9a80"
X-Download-Options: noopen
Content-Type: image/gif
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21629
X-XSS-Protection: 1; mode=block
Expires: Wed, 24 May 2017 19:20:58 GMT

POST
H/1.1 200
OK plugin_surveys Show response
securefileshares.com/ 0
0 190ms
159ms XHR
text/plain 52.72.149.139
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://securefileshares.com/plugin_surveys

Requested by

Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96

Protocol

HTTP/1.1

Server

52.72.149.139 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-72-149-139.compute-1.amazonaws.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Pragma: no-cache
X-NewRelic-ID: VQcPVVdXDRABV1FSAwIOVw==
Origin: http://securefileshares.com
Accept-Encoding: gzip, deflate
Host: securefileshares.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-Type: application/json; charset=UTF-8
Accept: application/json, text/javascript, */*; q=0.01
Cache-Control: no-cache
X-Requested-With: XMLHttpRequest
Cookie: _phishme.com_session_id=a04606cb65f76d4d040f99d9dcc99c76
Connection: keep-alive
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Content-Length: 165
Accept: application/json, text/javascript, */*; q=0.01
X-NewRelic-ID: VQcPVVdXDRABV1FSAwIOVw==
Origin: http://securefileshares.com
X-Requested-With: XMLHttpRequest
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Wed, 24 May 2017 19:20:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Access-Control-Allow-Origin: http://landing.phishme.com
Status: 200 OK
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block 1; mode=block
X-Request-Id: feb50e94-f820-42e5-9192-88d232ce899f
X-Runtime: 0.055204
X-NewRelic-App-Data: PxQGUF5XCQcFR1BRBwEDVV0AFB9AJQwMRBBXDlRdRh1DCUwGWA9sERFEQQQfEBdQQgEAFlITG1ZKARoDTFZWVwBRC1sKCgULBlEKVQRWH09VGhUAUlRdAwVTVFoCVFZXUQICET8=
Server: Apache
X-Download-Options: noopen
X-Frame-Options: DENY
Content-Type: text/plain; charset=utf-8
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK nr-1026.min.js Show response
js-agent.newrelic.com/ 22 KB
9 KB 28ms
6ms Script
application/javascript 151.101.12.207
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1026.min.js
Requested by: Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.207 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d10816bada4d94734c1cb7e191ffb89ea7d9bb5c11b3e680f6b00c3a28d4e41

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: js-agent.newrelic.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Connection: keep-alive
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 24 May 2017 19:20:58 GMT
Content-Encoding: gzip
x-amz-request-id: 0914FEC784ABF006
X-Cache: HIT
Connection: keep-alive
Content-Length: 8844
x-amz-id-2: yAwOE3oXgEDy8s2JBtuuoSl6Ifmhqzhj1gKcSITArOYW8yYr7LDFBjP+b2t5AK7i8yvzo8xWP6g=
X-Served-By: cache-fra1243-FRA
Last-Modified: Mon, 06 Mar 2017 21:10:03 GMT
Server: AmazonS3
X-Timer: S1495653658.153909,VS0,VE0
ETag: "230c916aaa9194e21891a639a9c2b8eb"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish
Cache-Control: public, max-age=7200, stale-if-error=604800
Accept-Ranges: bytes
X-Cache-Hits: 17079

GET
H/1.1 200
OK favicon.ico
securefileshares.com/ 101 KB
30 KB 140ms
140ms Other
text/html 52.72.149.139
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://securefileshares.com/favicon.ico

Protocol

HTTP/1.1

Server

52.72.149.139 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-72-149-139.compute-1.amazonaws.com

Software

Apache /

Resource Hash

189e1e9323ac0df17cb53fdccd1c00387bf13d7e3fef06e44ee2af1781cf352c

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: securefileshares.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Cookie: _phishme.com_session_id=a04606cb65f76d4d040f99d9dcc99c76
Connection: keep-alive
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Wed, 24 May 2017 19:20:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Access-Control-Allow-Origin: http://landing.phishme.com
Status: 200 OK
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 30788
X-XSS-Protection: 1; mode=block 1; mode=block
X-Request-Id: be354045-4bbe-4c48-a0c7-520622aed608
X-Runtime: 0.031472
Server: Apache
X-Download-Options: noopen
X-Frame-Options: DENY
Content-Type: text/html; charset=utf-8
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set 73bf9a7a36 Show response
bam.nr-data.net/1/ 57 B
57 B 431ms
107ms Script
text/javascript 162.247.242.20
New Relic

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/73bf9a7a36?a=13004391&v=1026.7a27a3e&to=IVgNERBXXg9cShpEXhZSTBMLXUU8VVlbU14MUDwVA19X&rst=2259&ref=http://securefileshares.com/98711298/5e3579/&ap=28&be=1091&fe=2223&dc=1676&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1495653655907,%22n%22:0,%22f%22:689,%22dn%22:689,%22dne%22:837,%22c%22:837,%22ce%22:935,%22rq%22:935,%22rp%22:1080,%22rpe%22:1178,%22dl%22:1081,%22di%22:1676,%22ds%22:1676,%22de%22:1708,%22dc%22:2222,%22l%22:2222,%22le%22:2224%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1026.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: bam.nr-data.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Connection: keep-alive
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Set-Cookie: JSESSIONID=d2e05ba5ea48ae54;Path=/;Domain=.nr-data.net;Secure
Content-Type: text/javascript;charset=ISO-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK 73bf9a7a36 Show response
bam.nr-data.net/resources/1/ 0
0 213ms
213ms XHR
text/plain 162.247.242.20
New Relic

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/73bf9a7a36?a=13004391&v=1026.7a27a3e&to=IVgNERBXXg9cShpEXhZSTBMLXUU8VVlbU14MUDwVA19X&rst=2695&ref=http://securefileshares.com/98711298/5e3579/&st=1495653655907
Requested by: Host: securefileshares.com
URL: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Origin: http://securefileshares.com
Accept-Encoding: gzip, deflate, br
Host: bam.nr-data.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
content-type: text/plain
Accept: */*
Cache-Control: no-cache
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Cookie: JSESSIONID=d2e05ba5ea48ae54
Connection: keep-alive
Content-Length: 6180
Referer: http://securefileshares.com/98711298/5e3579/?login_id=890a9075-8ef1-4d46-956c-d558a0abce96
Origin: http://securefileshares.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: http://securefileshares.com
Access-Control-Allow-Credentials: true
Content-Length: 0
Content-Type: text/plain

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			securefileshares.com/	1970-01-01 00:00:00	Name: _phishme.com_session_id Value: a04606cb65f76d4d040f99d9dcc99c76

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
securefileshares.com
151.101.12.207
162.247.242.20
2a00:1450:4001:814::2003
2a00:1450:4001:814::200a
52.5.232.69
52.72.149.139
066c7991284c3b9adb2ec024cfd2a0dbef89ef3c793054f3187e259b9eb8afef
07b5c01ccd65fa2bb08ac49c098ab3984d50d0746129566abed085bc84ba1d45
13586ed727097149e97e224ba97fb3ba026fa2371f4a4bd6ccd3f5fc3dbb08c8
140ff438eaaede046f1ceba27579d16dc980595709391873fa9bf74d7dbe53ac
157b318ea982bb18b401a23c4061ec92e416f286a787117d4c445c08c286878a
189e1e9323ac0df17cb53fdccd1c00387bf13d7e3fef06e44ee2af1781cf352c
20c1f86adffd443874a7fd3c23c544605acaf67c0baafcf1dce185912bec84fb
2941e92b16e15240361edc85ff772b9f46cc4d72a4280eeca127ca13d2254f22
2c80dc6f15fe5fa531f4f914aa4eb55eae8ded7bd267436d68f09108d07e0abd
2cdbb2cd91e845f48e3af17e3f54e06e951c528f9f232538bc2dd7a133697f3f
2d10816bada4d94734c1cb7e191ffb89ea7d9bb5c11b3e680f6b00c3a28d4e41
43669a7066fcce2aa7d1f2b21196031b1c2720d0ec333fa07ef89bb7e336f063
499b607d354f7776ce30e97526e9cddd5efd8625bcff6909b1b19c019d67054c
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c
69dca97fc9843ea3758862d874916b6d782b6a7cb6d16181c4d7e2e851581342
6f7d450163a86d89e7ee83a135fab2301917786087adc5dc30437163f9f15724
737d4bc9a0711a4f48ba658e5fb0b01edf759b06f3c5b4c3f5e20dea57c096a8
7900677521c10b71a7edaaea24d3e931289eb5e64c0512a5b8097f3198506471
850ebab175e20015432217d462b446fd904cc7e90ae8c0339212053481163969
8a8bf9e70d962d288869428c2318ee6d3f08ff21f4c80955e1e65f3213ac1506
8e7e8a9ae09b90ae3ea9f030a3ca597dde9bc0087e43d528dcc9938bb6c77f3d
97982680a892d29f743ce32b99fb340cc4a186769e56380998145868781f4ebe
a37691987ae1881a935b06723347f4a36e55ae7f0e7d36ee8ec4f73c1169314f
b05251dbacb6ca01270596e851efad6fe9469e44df1d8472c33eb4c3d7e2cc0c
b525a2ceaa84a95c15f0c88777a1f712a80495d2775f73933f1515f01780f92b
c6691461bd66bf66f4ad761c943958d29028a0ac0b30fb7a6b9e4e84c152b5ef
ca6edf4c8589c3441b429fcca0899b5fb45a1b79c911d0760dd448bcdf52a12c
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d56ac9213a7f4ff9d5c99145d8322603ca2756c93011a29c4f50ad38fa03a9cb
d96431e9ad5b11965655d3675ae3079a0b8fc1b8c2051b02348221662b417733
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7907501c0d4588fa7529b23d8c6d5b9cdc3e35c656c1d96d704a406704bac01
eba4fcfbc641c3bd2c1f90093cb775f01836c68d07b40d8bf3619272f4a9691e
f3480f5a9f5982bd692fe66f20c15b451be6eec80d773e29b3775c37e460c893
f6f2ea0b43cb7643d64f8bde7b7ec6e5ad27374af93b841c09ff59d18375522b

securefileshares.com Open in urlscan Pro 52.5.232.69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

36 Requests

17 %HTTPS

33 %IPv6

5 Domains

5 Subdomains

6 IPs

2 Countries

2106 kBTransfer

2700 kBSize

1 Cookies

0 Outgoing links

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

securefileshares.com Open in urlscan Pro
52.5.232.69 Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

17 %
HTTPS

33 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

2106 kB
Transfer

2700 kB
Size

1
Cookies

36 HTTP transactions
0 data transactions