Submitted URL: https://urldefense.proofpoint.com/v2/url?u=https-3A__secure-2Dcomms.net_pct_pt_get_Crwn64GfWfqpBpUK42G7PQ&d=DwMFaQ&c=tmh68fGhvYqZe...
Effective URL: https://secure-comms.net/pct/pt/get/Crwn64GfWfqpBpUK42G7PQ
Submission: On August 30 via manual from PE

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 10 HTTP transactions. The main IP is 34.238.74.96, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is secure-comms.net.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 6th 2017. Valid for: a year.
This is the only time secure-comms.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.231.154.66 22843 (PROOFPOIN...)
1 34.238.74.96 14618 (AMAZON-AES)
9 143.204.208.26 16509 (AMAZON-02)
10 2
Domain Requested by
9 d3f8g76rhaidzk.cloudfront.net secure-comms.net
1 secure-comms.net
1 urldefense.proofpoint.com 1 redirects
10 3

This site contains no links.

Subject Issuer Validity Valid
phishshield.org
Go Daddy Secure Certificate Authority - G2
2017-12-06 -
2018-12-06
a year crt.sh
*.cloudfront.net
DigiCert Global CA G2
2017-11-22 -
2018-11-21
a year crt.sh

This page contains 1 frames:

Primary Page: https://secure-comms.net/pct/pt/get/Crwn64GfWfqpBpUK42G7PQ
Frame ID: 2F1C8F7DFA4775E885D776FC0653B8D6
Requests: 10 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://urldefense.proofpoint.com/v2/url?u=https-3A__secure-2Dcomms.net_pct_pt_get_Crwn64GfWfqpBpUK42G7PQ&d=Dw... HTTP 302
    https://secure-comms.net/pct/pt/get/Crwn64GfWfqpBpUK42G7PQ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

116 kB
Transfer

112 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://urldefense.proofpoint.com/v2/url?u=https-3A__secure-2Dcomms.net_pct_pt_get_Crwn64GfWfqpBpUK42G7PQ&d=DwMFaQ&c=tmh68fGhvYqZefO02qmwIQ&r=KLyODIaxHE2HByH2brjQ1xMT44qrYSSD6Jciowgj68k&m=omSXwWc6F3j5DKXXuVXYqn3_4rTOt7kICwek4sHStqo&s=woT7nGow5t2JPsKRFzUEJ7RwD8sHlp8FZfATxEQbzUM&e= HTTP 302
    https://secure-comms.net/pct/pt/get/Crwn64GfWfqpBpUK42G7PQ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Crwn64GfWfqpBpUK42G7PQ
secure-comms.net/pct/pt/get/
Redirect Chain
  • https://urldefense.proofpoint.com/v2/url?u=https-3A__secure-2Dcomms.net_pct_pt_get_Crwn64GfWfqpBpUK42G7PQ&d=DwMFaQ&c=tmh68fGhvYqZefO02qmwIQ&r=KLyODIaxHE2HByH2brjQ1xMT44qrYSSD6Jciowgj68k&m=omSXwWc6F...
  • https://secure-comms.net/pct/pt/get/Crwn64GfWfqpBpUK42G7PQ
9 KB
9 KB
Document
General
Full URL
https://secure-comms.net/pct/pt/get/Crwn64GfWfqpBpUK42G7PQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.238.74.96 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-238-74-96.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
62e38260823262ea6a64797cb59c5395afd4fa8bfd3d803485ee39392338bf45
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Host
secure-comms.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
2F1C8F7DFA4775E885D776FC0653B8D6

Response headers

Server
nginx/1.12.1
Date
Thu, 30 Aug 2018 18:36:39 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Strict-Transport-Security
max-age=15768000

Redirect headers

Date
Thu, 30 Aug 2018 18:36:39 GMT
Content-Length
0
Connection
keep-alive
Location
https://secure-comms.net/pct/pt/get/Crwn64GfWfqpBpUK42G7PQ
Phising_Header_Edugraphics_2018.jpg
d3f8g76rhaidzk.cloudfront.net/Expedia+Only/
32 KB
33 KB
Image
General
Full URL
https://d3f8g76rhaidzk.cloudfront.net/Expedia+Only/Phising_Header_Edugraphics_2018.jpg
Requested by
Host: secure-comms.net
URL: https://secure-comms.net/pct/pt/get/Crwn64GfWfqpBpUK42G7PQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.26 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
65b59c8c4108216cd1f5ced0db369cf28010ae60f3aec06ea0a1cb58fc554911

Request headers

Referer
https://secure-comms.net/pct/pt/get/Crwn64GfWfqpBpUK42G7PQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 28 Aug 2018 07:25:41 GMT
Via
1.1 bc44333126502b410c97fe54a495ac36.cloudfront.net (CloudFront)
Last-Modified
Thu, 19 Apr 2018 15:09:19 GMT
Server
AmazonS3
Age
10215
ETag
"d2ee06966126d7bacc9bfe7f696fe648"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32895
X-Amz-Cf-Id
_mj67ksTyYP8JTU0SL-xTBUOlByBavtvqWr7zAu6DefLfv3p5_6WHA==
sendersaddress.png
d3f8g76rhaidzk.cloudfront.net/Edugraphics/2018_images/URL/
639 B
1 KB
Image
General
Full URL
https://d3f8g76rhaidzk.cloudfront.net/Edugraphics/2018_images/URL/sendersaddress.png
Requested by
Host: secure-comms.net
URL: https://secure-comms.net/pct/pt/get/Crwn64GfWfqpBpUK42G7PQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.26 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ac7d0438e7560b02257ebd24229129ed62706f7751dcbd365d1cac3564b5707

Request headers

Referer
https://secure-comms.net/pct/pt/get/Crwn64GfWfqpBpUK42G7PQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 30 Aug 2018 15:46:26 GMT
Via
1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
Last-Modified
Mon, 09 Oct 2017 19:56:50 GMT
Server
AmazonS3
Age
10215
ETag
"b379517e7c99151e841bad7c926ee75b"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
639
X-Amz-Cf-Id
c0VbZLMHZc30j7j9CoUq1KU9a7PSpTYQGkC85Qa4c99qWdYbWhPMOg==
unknown2.png
d3f8g76rhaidzk.cloudfront.net/Edugraphics/2018_images/URL/
2 KB
3 KB
Image
General
Full URL
https://d3f8g76rhaidzk.cloudfront.net/Edugraphics/2018_images/URL/unknown2.png
Requested by
Host: secure-comms.net
URL: https://secure-comms.net/pct/pt/get/Crwn64GfWfqpBpUK42G7PQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.26 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
535db5d5984b71e63ba78079e6ca7a74a978284b0c3c44f0f02a112df34a25c6

Request headers

Referer
https://secure-comms.net/pct/pt/get/Crwn64GfWfqpBpUK42G7PQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 28 Aug 2018 07:25:41 GMT
Via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
Last-Modified
Mon, 09 Oct 2017 20:21:50 GMT
Server
AmazonS3
Age
10215
ETag
"b984101691f54f8acebaf37b1a056248"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2544
X-Amz-Cf-Id
Zob9ppovIVsx03WK6tgnGP-AIqPeo7oFxlPOvpvrRYqiVoHW2uge_A==
unexpected.png
d3f8g76rhaidzk.cloudfront.net/Edugraphics/2018_images/URL/
872 B
1 KB
Image
General
Full URL
https://d3f8g76rhaidzk.cloudfront.net/Edugraphics/2018_images/URL/unexpected.png
Requested by
Host: secure-comms.net
URL: https://secure-comms.net/pct/pt/get/Crwn64GfWfqpBpUK42G7PQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.26 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edc9821928c17791b038f0fc9f2d053f9367c4edacad58eaaa137b84defa0b40

Request headers

Referer
https://secure-comms.net/pct/pt/get/Crwn64GfWfqpBpUK42G7PQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 30 Aug 2018 15:46:27 GMT
Via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
Last-Modified
Mon, 09 Oct 2017 19:56:49 GMT
Server
AmazonS3
Age
10214
ETag
"1ff414ed61737a67508b7ae52743f0f0"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
872
X-Amz-Cf-Id
iVW-27ZE3869hKp8Xz7njbC4xTpYvyavms8mMa2CWRRwUZX3LBUhBw==
threatening.png
d3f8g76rhaidzk.cloudfront.net/Edugraphics/2018_images/URL/
566 B
1004 B
Image
General
Full URL
https://d3f8g76rhaidzk.cloudfront.net/Edugraphics/2018_images/URL/threatening.png
Requested by
Host: secure-comms.net
URL: https://secure-comms.net/pct/pt/get/Crwn64GfWfqpBpUK42G7PQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.26 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d7c869d9e148d5f680d83d963f79286afef75c8cc999891ccdb8fb39c6474b08

Request headers

Referer
https://secure-comms.net/pct/pt/get/Crwn64GfWfqpBpUK42G7PQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 30 Aug 2018 15:46:27 GMT
Via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
Last-Modified
Mon, 09 Oct 2017 19:58:36 GMT
Server
AmazonS3
Age
10214
ETag
"b55a3af5bab0959317d18f1f4fa06197"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
566
X-Amz-Cf-Id
TVELJL1-1SzUmWZwG00XX6JKF9wNVLGPO4Q3GaaxnUFVOpj5yCwX_g==
heated.png
d3f8g76rhaidzk.cloudfront.net/Edugraphics/2018_images/URL/
3 KB
3 KB
Image
General
Full URL
https://d3f8g76rhaidzk.cloudfront.net/Edugraphics/2018_images/URL/heated.png
Requested by
Host: secure-comms.net
URL: https://secure-comms.net/pct/pt/get/Crwn64GfWfqpBpUK42G7PQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.26 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0074cb44179d64b888613670fd2de4cdeaa3fb6f186e7d7f43e0bdadad991b3b

Request headers

Referer
https://secure-comms.net/pct/pt/get/Crwn64GfWfqpBpUK42G7PQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 28 Aug 2018 07:25:42 GMT
Via
1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
Last-Modified
Tue, 10 Oct 2017 15:18:21 GMT
Server
AmazonS3
Age
10214
ETag
"93ccaae0efb1fc5713ae2416da2d2957"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2941
X-Amz-Cf-Id
qHWNAzrMTX8KaYqDC8yGyaC4FRG7mCfhTJUSk6b7NhHxftYph2NS4Q==
unfamaliarlinks.png
d3f8g76rhaidzk.cloudfront.net/Edugraphics/2018_images/URL/
587 B
1 KB
Image
General
Full URL
https://d3f8g76rhaidzk.cloudfront.net/Edugraphics/2018_images/URL/unfamaliarlinks.png
Requested by
Host: secure-comms.net
URL: https://secure-comms.net/pct/pt/get/Crwn64GfWfqpBpUK42G7PQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.26 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f635198f31b68aa89e717e0295ed71d560aea7f8c165dd6fcc444ecc09acd0c2

Request headers

Referer
https://secure-comms.net/pct/pt/get/Crwn64GfWfqpBpUK42G7PQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 30 Aug 2018 15:46:26 GMT
Via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
Last-Modified
Mon, 09 Oct 2017 19:56:50 GMT
Server
AmazonS3
Age
10215
ETag
"f6be0aa29b23198a0e3695eb6b3058b7"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
587
X-Amz-Cf-Id
-dE9BypuVGIUPqoakF1uDnNxz6DmuiD70J6gTpkZ7ykgRSaXUeXkRQ==
bookmark.png
d3f8g76rhaidzk.cloudfront.net/Edugraphics/2018_images/URL/
2 KB
2 KB
Image
General
Full URL
https://d3f8g76rhaidzk.cloudfront.net/Edugraphics/2018_images/URL/bookmark.png
Requested by
Host: secure-comms.net
URL: https://secure-comms.net/pct/pt/get/Crwn64GfWfqpBpUK42G7PQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.26 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0e7bebbff321f419b5c5a4ed4abffa26001c568b872338e263d5f5b787fb785

Request headers

Referer
https://secure-comms.net/pct/pt/get/Crwn64GfWfqpBpUK42G7PQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 30 Aug 2018 15:46:26 GMT
Via
1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
Last-Modified
Tue, 10 Oct 2017 15:18:20 GMT
Server
AmazonS3
Age
10215
ETag
"6101517aae743e0de6e92654bc33afbe"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1829
X-Amz-Cf-Id
TvUeaJPll3X2h_ZGbypWbUywFXhsgjMhpIlSQpa4ZEzgB35-aZvlhw==
20180417_EG_ERS_E-mail+Header+Gray_Original+Size.png
d3f8g76rhaidzk.cloudfront.net/Expedia+Only/
62 KB
62 KB
Image
General
Full URL
https://d3f8g76rhaidzk.cloudfront.net/Expedia+Only/20180417_EG_ERS_E-mail+Header+Gray_Original+Size.png
Requested by
Host: secure-comms.net
URL: https://secure-comms.net/pct/pt/get/Crwn64GfWfqpBpUK42G7PQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.26 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b838b41abbe9dcba08a8a2c5b94940d27e6cc6d84232908f810b3f5e178c8206

Request headers

Referer
https://secure-comms.net/pct/pt/get/Crwn64GfWfqpBpUK42G7PQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 28 Aug 2018 07:25:41 GMT
Via
1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)
Last-Modified
Wed, 18 Apr 2018 18:10:39 GMT
Server
AmazonS3
Age
10215
ETag
"714e49f551f82ca33a89f75c8b15c3da"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
63061
X-Amz-Cf-Id
TMQb9JlTBJc36BHbHwpMHmYvIo00pp8z85Pdfsb-46_KwS_EvQzmRQ==

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000