login.phishlabs.com Open in urlscan Pro
54.205.54.115 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://protect-us.mimecast.com/s/c_lrCQWmDrfXxDyvMUxZx8C?domain=my.phishlabs.com|https://my.phishlabs.com/pages/myprofile|https...
Effective URL:
https://login.phishlabs.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DClientPortalReactUI%26re...
Submission: On December 28 via api (December 28th 2022, 9:04:18 pm UTC) from US — Scanned from US

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 1 countries across 6 domains to perform 30 HTTP transactions. The main IP is 54.205.54.115, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is login.phishlabs.com.
TLS certificate: Issued by R3 on October 30th 2022. Valid for: 3 months.

This is the only time login.phishlabs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	205.139.111.113 205.139.111.113	3561 (CENTURYLI...) (CENTURYLINK-LEGACY-SAVVIS)
8	3.91.119.191 3.91.119.191	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
1 15	54.205.54.115 54.205.54.115	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:809::2008	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:809::2003	15169 (GOOGLE) (GOOGLE)
30	7

2 205.139.111.113 (United States) 2 redirects

ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US)
PTR: us-api.mimecast.com

protect-us.mimecast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.91.119.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-91-119-191.compute-1.amazonaws.com

my.phishlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 54.205.54.115 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-54-115.compute-1.amazonaws.com

login.phishlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	phishlabs.com 1 redirects my.phishlabs.com — Cisco Umbrella Rank: 512785 login.phishlabs.com	2 MB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 103	20 KB
2	mimecast.com 2 redirects protect-us.mimecast.com — Cisco Umbrella Rank: 22274	2 KB
1	gstatic.com fonts.gstatic.com	31 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	75 KB
30	6

	Domain	Requested by
15	login.phishlabs.com	1 redirects my.phishlabs.com login.phishlabs.com
8	my.phishlabs.com	my.phishlabs.com
2	fonts.googleapis.com	login.phishlabs.com
2	www.google-analytics.com	my.phishlabs.com www.google-analytics.com www.googletagmanager.com
2	protect-us.mimecast.com	2 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	my.phishlabs.com
30	7

This site contains no links.

Subject Issuer	Validity	Valid
my.phishlabs.com R3	`2022-10-30` - `2023-01-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
login.phishlabs.com R3	`2022-10-30` - `2023-01-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://login.phishlabs.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DClientPortalReactUI%26redirect_uri%3Dhttps%253A%252F%252Fmy.phishlabs.com%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520identity.client%2520client.portal.api%2520client.portal.api.preferences%26state%3Dbda43590ecd944f689b04f4d6734d99d%26code_challenge%3DbA4NCspHC3de1q4DgrsV5p4XVLf4D_w9Skmsixd8k4A%26code_challenge_method%3DS256%26response_mode%3Dquery
Frame ID: DA994F137606DB2211F5863338E8B7FC
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log in

Page URL History Show full URLs

https://protect-us.mimecast.com/s/c_lrCQWmDrfXxDyvMUxZx8C?domain=my.phishlabs.com|https://my.phishlabs.com/p... HTTP 307
https://protect-us.mimecast.com/r/kZzelOBBr-jQR2NIUfwvJLRfdgKaLTkLj2DcjrAbmuPFP8YmVbXz__sAwdL15ZAJFZAfXZUll3... HTTP 307
https://my.phishlabs.com/pages/incidents/426/BA/6/797475889 Page URL
https://login.phishlabs.com/connect/authorize?client_id=ClientPortalReactUI&redirect_uri=https%3A%2F%2Fm... HTTP 302
https://login.phishlabs.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DClie... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30
Requests

93 %
HTTPS

57 %
IPv6

6
Domains

7
Subdomains

7
IPs

1
Countries

1731 kB
Transfer

5643 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://protect-us.mimecast.com/s/c_lrCQWmDrfXxDyvMUxZx8C?domain=my.phishlabs.com|https://my.phishlabs.com/pages/myprofile|https://protect-us.mimecast.com/s/QCt1CR6nEvtGVKz4jINirce?domain=my.phishlabs.com HTTP 307
https://protect-us.mimecast.com/r/kZzelOBBr-jQR2NIUfwvJLRfdgKaLTkLj2DcjrAbmuPFP8YmVbXz__sAwdL15ZAJFZAfXZUll3BVfBg7Z1_mSH9L8N-ULsBULj1RP-EDI33t8ItjlXOnZy2cZr_60C7bflGbOYczZEw7p-pyJFKOhvcLk7EuJmpans14zf2H9Sv9l2t_pHCOy1JWLNciFtUyQxblyxhw-OL7BwoZb7FRaBcSc_0UqfCo1lxrPEyLyGipD1IHyx-FVYd-0d1gUz45G3S5pk7OtlIM6292zXfvuTrvvXSqBzXoCa7dc8MLQ6qgSblFHKYwYby_TAsTZjJqniJZFAahjpKoAhhe9bPoIz6rghwkur29mcnK1C8ez7m1e3XcbQ7gPLig0Z2QCkflcGltvvC-46TBnjtiEou2aHWNFY6astFpEKWaVmBPCdBxQ_6yzmwGMLJA3Ayq2wrUEvIRQlj4ySiLSC_OZujdZ3pIseh29fRaZB0ldd4_SlYY6R6vMUsnNXDKcAEQyycxP9MDQMScmZWqr0Ui7tHor5qaZzSsB0emcvfP7F6A06uazpatGbVLkgyYdfwAMym8VSyaLadj3W0b9bA9JleyqEN-QXnNMY9V7HubzrZ8RNZ6BKs0qe7wacSlWSfzEyJv5FpXaTIQzbOO7TsO_q_xfj1wr2d9BvEGPygX2TDYYmkd5wD7DU_2zx-ktW4KnFKYH6yVqVs8wtmk81AiSWr5SDmo0JMMpd-nbUa-hqhL8dm9MqRlSZ3YhHYWz9DsHcB2WT40JhrDiYL6GX0-B88AYtsHmFRp5GBV6yb25fJ3Rb5seo3dT3Lh1H-oK0BHNNSnRfkUado03AOxm6f21MUwZGHPjF2Fk-zFR0Azy7S0Vzph9ZwAYeS8espjBkRJn817uAwKeJ2aAI73LZQCn5E7HU1FHo-QzdizCzVmoUHMzrPc7nbWiGXUYQX6Oe2u9CKMHV9lW1AUklxfI3fxSQBxU9J27FY4O5OUBm3jCiYEE44I8fCt1eZctpRZAMh0hX7BmX9xyH1n6znD823C7_z7Gr62G3tR7zB_ldxL5OtURtDYhoy4DkCibhpwfe6G7v__KNWnMBAuqEmoZMPV41rgPcfpU3bKrqm5QMVZqWnyLlSTuMy9I1hLfyuA5ONzv0ORywD5yjHqCHd_XU-uQwUREEkdS9HUygVL9j7KHTzypQ2Wh4-dr81zHppCS8tiq6YrSWuh-0ORX4P_5bCaq6WBuNnSDSyCKT5m0dbcvAykRve3M6dr7bFipdUMVVP33Mj7o7f0_eA_VRJqMAVaww5xfBcJx1tFHC11Nc0xa3fKmzry61OIT6JTjIXTVSydAzDztJBMoG_sXvdTGtJs3xYLx2ZPaEupJsWcPA7tHJ5VQAQ7RrlAimbm4JR35akgGhs31j40d2_v6mIIEdpW2vgM07xNsjxQjquSvFmTu6bENU5VkbUUhWueeUbqaviftEh_yEz-PPDJxH_rw3hD4pRXbi7tlxiPkcGjmw6LYTWuzTvg1W6kwtwpwX0Mi5Jqmc8pm5A_n5kTDrqxd-hWdjL4dwtQM1cVva8dGQprK_5qT3A HTTP 307
https://my.phishlabs.com/pages/incidents/426/BA/6/797475889 Page URL
https://login.phishlabs.com/connect/authorize?client_id=ClientPortalReactUI&redirect_uri=https%3A%2F%2Fmy.phishlabs.com%2Fcallback&response_type=code&scope=openid%20profile%20identity.client%20client.portal.api%20client.portal.api.preferences&state=bda43590ecd944f689b04f4d6734d99d&code_challenge=bA4NCspHC3de1q4DgrsV5p4XVLf4D_w9Skmsixd8k4A&code_challenge_method=S256&response_mode=query HTTP 302
https://login.phishlabs.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DClientPortalReactUI%26redirect_uri%3Dhttps%253A%252F%252Fmy.phishlabs.com%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520identity.client%2520client.portal.api%2520client.portal.api.preferences%26state%3Dbda43590ecd944f689b04f4d6734d99d%26code_challenge%3DbA4NCspHC3de1q4DgrsV5p4XVLf4D_w9Skmsixd8k4A%26code_challenge_method%3DS256%26response_mode%3Dquery Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://protect-us.mimecast.com/s/c_lrCQWmDrfXxDyvMUxZx8C?domain=my.phishlabs.com|https://my.phishlabs.com/pages/myprofile|https://protect-us.mimecast.com/s/QCt1CR6nEvtGVKz4jINirce?domain=my.phishlabs.com HTTP 307
https://protect-us.mimecast.com/r/kZzelOBBr-jQR2NIUfwvJLRfdgKaLTkLj2DcjrAbmuPFP8YmVbXz__sAwdL15ZAJFZAfXZUll3BVfBg7Z1_mSH9L8N-ULsBULj1RP-EDI33t8ItjlXOnZy2cZr_60C7bflGbOYczZEw7p-pyJFKOhvcLk7EuJmpans14zf2H9Sv9l2t_pHCOy1JWLNciFtUyQxblyxhw-OL7BwoZb7FRaBcSc_0UqfCo1lxrPEyLyGipD1IHyx-FVYd-0d1gUz45G3S5pk7OtlIM6292zXfvuTrvvXSqBzXoCa7dc8MLQ6qgSblFHKYwYby_TAsTZjJqniJZFAahjpKoAhhe9bPoIz6rghwkur29mcnK1C8ez7m1e3XcbQ7gPLig0Z2QCkflcGltvvC-46TBnjtiEou2aHWNFY6astFpEKWaVmBPCdBxQ_6yzmwGMLJA3Ayq2wrUEvIRQlj4ySiLSC_OZujdZ3pIseh29fRaZB0ldd4_SlYY6R6vMUsnNXDKcAEQyycxP9MDQMScmZWqr0Ui7tHor5qaZzSsB0emcvfP7F6A06uazpatGbVLkgyYdfwAMym8VSyaLadj3W0b9bA9JleyqEN-QXnNMY9V7HubzrZ8RNZ6BKs0qe7wacSlWSfzEyJv5FpXaTIQzbOO7TsO_q_xfj1wr2d9BvEGPygX2TDYYmkd5wD7DU_2zx-ktW4KnFKYH6yVqVs8wtmk81AiSWr5SDmo0JMMpd-nbUa-hqhL8dm9MqRlSZ3YhHYWz9DsHcB2WT40JhrDiYL6GX0-B88AYtsHmFRp5GBV6yb25fJ3Rb5seo3dT3Lh1H-oK0BHNNSnRfkUado03AOxm6f21MUwZGHPjF2Fk-zFR0Azy7S0Vzph9ZwAYeS8espjBkRJn817uAwKeJ2aAI73LZQCn5E7HU1FHo-QzdizCzVmoUHMzrPc7nbWiGXUYQX6Oe2u9CKMHV9lW1AUklxfI3fxSQBxU9J27FY4O5OUBm3jCiYEE44I8fCt1eZctpRZAMh0hX7BmX9xyH1n6znD823C7_z7Gr62G3tR7zB_ldxL5OtURtDYhoy4DkCibhpwfe6G7v__KNWnMBAuqEmoZMPV41rgPcfpU3bKrqm5QMVZqWnyLlSTuMy9I1hLfyuA5ONzv0ORywD5yjHqCHd_XU-uQwUREEkdS9HUygVL9j7KHTzypQ2Wh4-dr81zHppCS8tiq6YrSWuh-0ORX4P_5bCaq6WBuNnSDSyCKT5m0dbcvAykRve3M6dr7bFipdUMVVP33Mj7o7f0_eA_VRJqMAVaww5xfBcJx1tFHC11Nc0xa3fKmzry61OIT6JTjIXTVSydAzDztJBMoG_sXvdTGtJs3xYLx2ZPaEupJsWcPA7tHJ5VQAQ7RrlAimbm4JR35akgGhs31j40d2_v6mIIEdpW2vgM07xNsjxQjquSvFmTu6bENU5VkbUUhWueeUbqaviftEh_yEz-PPDJxH_rw3hD4pRXbi7tlxiPkcGjmw6LYTWuzTvg1W6kwtwpwX0Mi5Jqmc8pm5A_n5kTDrqxd-hWdjL4dwtQM1cVva8dGQprK_5qT3A HTTP 307
https://my.phishlabs.com/pages/incidents/426/BA/6/797475889

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

797475889 Show response
my.phishlabs.com/pages/incidents/426/BA/6/
Redirect Chain

https://protect-us.mimecast.com/s/c_lrCQWmDrfXxDyvMUxZx8C?domain=my.phishlabs.com|https://my.phishlabs.com/pages/myprofile|https://protect-us.mimecast.com/s/QCt1CR6nEvtGVKz4jINirce?domain=my.phishl...
https://protect-us.mimecast.com/r/kZzelOBBr-jQR2NIUfwvJLRfdgKaLTkLj2DcjrAbmuPFP8YmVbXz__sAwdL15ZAJFZAfXZUll3BVfBg7Z1_mSH9L8N-ULsBULj1RP-EDI33t8ItjlXOnZy2cZr_60C7bflGbOYczZEw7p-pyJFKOhvcLk7EuJmpans1...
https://my.phishlabs.com/pages/incidents/426/BA/6/797475889

3 KB
2 KB

154ms
47ms

Document
text/html

3.91.119.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://my.phishlabs.com/pages/incidents/426/BA/6/797475889

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.91.119.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-91-119-191.compute-1.amazonaws.com

Software

envoy /

Resource Hash

065b47b78e0dc3bd01e8e5e14bdc1a424632636ec5abdb8c41c3cfdbfc57aba5

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline'; img-src .local .phishlabs.com *.s3.amazonaws.com https://www.google-analytics.com data:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-security-policy: default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline'; img-src *.local *.phishlabs.com *.s3.amazonaws.com https://www.google-analytics.com data:
content-type: text/html
date: Wed, 28 Dec 2022 21:04:12 GMT
last-modified: Tue, 09 Aug 2022 16:53:23 GMT
permissions-policy: geolocation=(self "https://my.phishlabs.com")
referrer-policy: no-referrer
server: envoy
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
x-frame-options: SAMEORIGIN

Redirect headers

Cache-control: no-store
Connection: keep-alive
Content-Length: 0
Date: Wed, 28 Dec 2022 21:04:12 GMT
Location: https://my.phishlabs.com/pages/incidents/426/BA/6/797475889
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Robots-Tag: noindex, nofollow

GET
H2 200 icon-font.min.css
my.phishlabs.com/css/ 7 KB
2 KB 485ms
483ms Stylesheet
text/css 3.91.119.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://my.phishlabs.com/css/icon-font.min.css

Requested by

Host: my.phishlabs.com
URL: https://my.phishlabs.com/pages/incidents/426/BA/6/797475889

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.91.119.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-91-119-191.compute-1.amazonaws.com

Software

envoy /

Resource Hash

9ec52556568755bb361797c88f750addedcb624c8fa69bdb03c11c0e7974ab7f

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline'; img-src .local .phishlabs.com *.s3.amazonaws.com https://www.google-analytics.com data:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:04:13 GMT
content-security-policy: default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline'; img-src *.local *.phishlabs.com *.s3.amazonaws.com https://www.google-analytics.com data:
referrer-policy: no-referrer
strict-transport-security: max-age=31536000
last-modified: Tue, 09 Aug 2022 16:52:19 GMT
server: envoy
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-envoy-upstream-service-time: 136
permissions-policy: geolocation=(self "https://my.phishlabs.com")
accept-ranges: bytes

GET
H2 200 font-awesome.min.css
my.phishlabs.com/css/ 30 KB
7 KB 250ms
248ms Stylesheet
text/css 3.91.119.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://my.phishlabs.com/css/font-awesome.min.css

Requested by

Host: my.phishlabs.com
URL: https://my.phishlabs.com/pages/incidents/426/BA/6/797475889

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.91.119.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-91-119-191.compute-1.amazonaws.com

Software

envoy /

Resource Hash

30c5a5bf4b4912d3bd02c725b2976efa43c170fcc3fbae9493c2850374745c2b

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline'; img-src .local .phishlabs.com *.s3.amazonaws.com https://www.google-analytics.com data:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:04:13 GMT
content-security-policy: default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline'; img-src *.local *.phishlabs.com *.s3.amazonaws.com https://www.google-analytics.com data:
referrer-policy: no-referrer
strict-transport-security: max-age=31536000
last-modified: Tue, 09 Aug 2022 16:52:19 GMT
server: envoy
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-envoy-upstream-service-time: 12
permissions-policy: geolocation=(self "https://my.phishlabs.com")
accept-ranges: bytes

GET
H2 200 2.8a29a550.chunk.css
my.phishlabs.com/static/css/ 180 KB
33 KB 252ms
250ms Stylesheet
text/css 3.91.119.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://my.phishlabs.com/static/css/2.8a29a550.chunk.css

Requested by

Host: my.phishlabs.com
URL: https://my.phishlabs.com/pages/incidents/426/BA/6/797475889

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.91.119.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-91-119-191.compute-1.amazonaws.com

Software

envoy /

Resource Hash

0e62402e78da5189ff92124a1bf1174e5324bff7411731cda61c0ab692af377d

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline'; img-src .local .phishlabs.com *.s3.amazonaws.com https://www.google-analytics.com data:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:04:13 GMT
content-security-policy: default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline'; img-src *.local *.phishlabs.com *.s3.amazonaws.com https://www.google-analytics.com data:
referrer-policy: no-referrer
strict-transport-security: max-age=31536000
last-modified: Tue, 09 Aug 2022 16:53:23 GMT
server: envoy
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-envoy-upstream-service-time: 19
permissions-policy: geolocation=(self "https://my.phishlabs.com")
accept-ranges: bytes

GET
H2 200 main.27789cbb.chunk.css
my.phishlabs.com/static/css/ 391 KB
63 KB 296ms
295ms Stylesheet
text/css 3.91.119.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://my.phishlabs.com/static/css/main.27789cbb.chunk.css

Requested by

Host: my.phishlabs.com
URL: https://my.phishlabs.com/pages/incidents/426/BA/6/797475889

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.91.119.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-91-119-191.compute-1.amazonaws.com

Software

envoy /

Resource Hash

d374d2063cf41522fa89203f846197a9b6ce0dfee2526a76b52ee085e417ce71

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline'; img-src .local .phishlabs.com *.s3.amazonaws.com https://www.google-analytics.com data:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:04:13 GMT
content-security-policy: default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline'; img-src *.local *.phishlabs.com *.s3.amazonaws.com https://www.google-analytics.com data:
referrer-policy: no-referrer
strict-transport-security: max-age=31536000
last-modified: Tue, 09 Aug 2022 16:53:23 GMT
server: envoy
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-envoy-upstream-service-time: 35
permissions-policy: geolocation=(self "https://my.phishlabs.com")
accept-ranges: bytes

GET
H2 200 2.943a4cf7.chunk.js Show response
my.phishlabs.com/static/js/ 4 MB
1 MB 344ms
343ms Script
application/javascript 3.91.119.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://my.phishlabs.com/static/js/2.943a4cf7.chunk.js

Requested by

Host: my.phishlabs.com
URL: https://my.phishlabs.com/pages/incidents/426/BA/6/797475889

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.91.119.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-91-119-191.compute-1.amazonaws.com

Software

envoy /

Resource Hash

493c4a14816b9963fd2968a6004f2600c69d92d7865a565250fe2fb3aa221e7c

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline'; img-src .local .phishlabs.com *.s3.amazonaws.com https://www.google-analytics.com data:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:04:13 GMT
content-security-policy: default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline'; img-src *.local *.phishlabs.com *.s3.amazonaws.com https://www.google-analytics.com data:
referrer-policy: no-referrer
strict-transport-security: max-age=31536000
last-modified: Tue, 09 Aug 2022 16:53:23 GMT
server: envoy
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 46
permissions-policy: geolocation=(self "https://my.phishlabs.com")
accept-ranges: bytes

GET
H2 200 main.0f5cefc8.chunk.js Show response
my.phishlabs.com/static/js/ 571 KB
138 KB 485ms
484ms Script
application/javascript 3.91.119.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://my.phishlabs.com/static/js/main.0f5cefc8.chunk.js

Requested by

Host: my.phishlabs.com
URL: https://my.phishlabs.com/pages/incidents/426/BA/6/797475889

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.91.119.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-91-119-191.compute-1.amazonaws.com

Software

envoy /

Resource Hash

2eaf2547678c6fe94503f4974a1b7e0d795a23a389d32a43b0f1b068a41c796c

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline'; img-src .local .phishlabs.com *.s3.amazonaws.com https://www.google-analytics.com data:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:04:13 GMT
content-security-policy: default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline'; img-src *.local *.phishlabs.com *.s3.amazonaws.com https://www.google-analytics.com data:
referrer-policy: no-referrer
strict-transport-security: max-age=31536000
last-modified: Tue, 09 Aug 2022 16:53:23 GMT
server: envoy
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 126
permissions-policy: geolocation=(self "https://my.phishlabs.com")
accept-ranges: bytes

GET
H2 200 analytics.js
www.google-analytics.com/ 49 KB
20 KB 130ms
39ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: my.phishlabs.com
URL: https://my.phishlabs.com/static/js/2.943a4cf7.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Dec 2022 20:44:06 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1207
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 28 Dec 2022 22:44:06 GMT

GET
H2 200 openid-configuration
login.phishlabs.com/.well-known/ 3 KB
1 KB 163ms
49ms XHR
application/json 54.205.54.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.phishlabs.com/.well-known/openid-configuration

Requested by

Host: my.phishlabs.com
URL: https://my.phishlabs.com/static/js/2.943a4cf7.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.205.54.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-54-115.compute-1.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' data:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:04:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' data:
content-encoding: gzip
server: envoy
referrer-policy: no-referrer
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://my.phishlabs.com
x-envoy-upstream-service-time: 3
permissions-policy: geolocation=(self "https://login.phishlabs.com" "https://*.local")
x-xss-protection: 1; mode=block

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.b71748ae.woff2
my.phishlabs.com/static/media/ 19 KB
19 KB 48ms
47ms Font
font/woff2 3.91.119.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://my.phishlabs.com/static/media/JTUSjIg1_i6t8kCHKm459Wlhyw.b71748ae.woff2

Requested by

Host: my.phishlabs.com
URL: https://my.phishlabs.com/static/css/2.8a29a550.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.91.119.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-91-119-191.compute-1.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline'; img-src .local .phishlabs.com *.s3.amazonaws.com https://www.google-analytics.com data:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://my.phishlabs.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:04:13 GMT
content-security-policy: default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline'; img-src *.local *.phishlabs.com *.s3.amazonaws.com https://www.google-analytics.com data:
referrer-policy: no-referrer
strict-transport-security: max-age=31536000
last-modified: Tue, 09 Aug 2022 16:53:23 GMT
server: envoy
x-content-type-options: nosniff
etag: "62f29103-4ae4"
x-frame-options: SAMEORIGIN
content-type: font/woff2
x-envoy-upstream-service-time: 0
permissions-policy: geolocation=(self "https://my.phishlabs.com")
accept-ranges: bytes
content-length: 19172

GET
H2 200 js
www.googletagmanager.com/gtag/ 213 KB
75 KB 153ms
64ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PPFK9H61SG

Requested by

Host: my.phishlabs.com
URL: https://my.phishlabs.com/static/js/2.943a4cf7.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:04:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Dec 2022 21:04:14 GMT

POST
H2 200 collect
www.google-analytics.com/j/ 2 B
208 B 55ms
53ms XHR
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=721259562&t=pageview&_s=1&dl=https%3A%2F%2Fmy.phishlabs.com%2Fpages%2Fincidents%2F426%2FBA%2F6%2F797475889&dp=%2Fpages%2Fincidents%2F426%2FBA%2F6%2F797475889&ul=en-us&de=UTF-8&dt=PhishLabs%E2%84%A2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1231977195&gjid=265913048&cid=763142517.1672261454&tid=UA-9152773-4&_gid=311069735.1672261454&_r=1&_slc=1&z=1294938049

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Dec 2022 21:04:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.phishlabs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Primary Request Login Show response
login.phishlabs.com/Account/
Redirect Chain

https://login.phishlabs.com/connect/authorize?client_id=ClientPortalReactUI&redirect_uri=https%3A%2F%2Fmy.phishlabs.com%2Fcallback&response_type=code&scope=openid%20profile%20identity.client%20clie...
https://login.phishlabs.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DClientPortalReactUI%26redirect_uri%3Dhttps%253A%252F%252Fmy.phishlabs.com%252Fcallback%26response...

5 KB
2 KB

55ms
55ms

Document
text/html

54.205.54.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.phishlabs.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DClientPortalReactUI%26redirect_uri%3Dhttps%253A%252F%252Fmy.phishlabs.com%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520identity.client%2520client.portal.api%2520client.portal.api.preferences%26state%3Dbda43590ecd944f689b04f4d6734d99d%26code_challenge%3DbA4NCspHC3de1q4DgrsV5p4XVLf4D_w9Skmsixd8k4A%26code_challenge_method%3DS256%26response_mode%3Dquery

Requested by

Host: my.phishlabs.com
URL: https://my.phishlabs.com/static/js/2.943a4cf7.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.205.54.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-54-115.compute-1.amazonaws.com

Software

envoy /

Resource Hash

f7ad3b9efd9a1f3d41654cd02701cbc5d58126e745bf665e4abef72d29323bbe

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' data:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.phishlabs.com/pages/incidents/426/BA/6/797475889
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-security-policy: default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' data:
content-type: text/html; charset=utf-8
date: Wed, 28 Dec 2022 21:04:14 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
permissions-policy: geolocation=(self "https://login.phishlabs.com" "https://*.local")
pragma: no-cache
referrer-policy: no-referrer
server: envoy
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 9
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
content-security-policy: default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' data:
date: Wed, 28 Dec 2022 21:04:13 GMT
location: https://login.phishlabs.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DClientPortalReactUI%26redirect_uri%3Dhttps%253A%252F%252Fmy.phishlabs.com%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520identity.client%2520client.portal.api%2520client.portal.api.preferences%26state%3Dbda43590ecd944f689b04f4d6734d99d%26code_challenge%3DbA4NCspHC3de1q4DgrsV5p4XVLf4D_w9Skmsixd8k4A%26code_challenge_method%3DS256%26response_mode%3Dquery
permissions-policy: geolocation=(self "https://login.phishlabs.com" "https://*.local")
referrer-policy: no-referrer
server: envoy
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-envoy-upstream-service-time: 3
x-frame-options: DENY
x-xss-protection: 1; mode=block

POST collect
www.google-analytics.com/g/ 0
0

GET
H2 200 animate.min.css
login.phishlabs.com/css/ 55 KB
4 KB 50ms
49ms Stylesheet
text/css 54.205.54.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.phishlabs.com/css/animate.min.css?v=ZOlGv6n3fNXQQ94A-4FjrhuNpgOynheRYttz-Np_z7o

Requested by

Host: login.phishlabs.com
URL: https://login.phishlabs.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DClientPortalReactUI%26redirect_uri%3Dhttps%253A%252F%252Fmy.phishlabs.com%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520identity.client%2520client.portal.api%2520client.portal.api.preferences%26state%3Dbda43590ecd944f689b04f4d6734d99d%26code_challenge%3DbA4NCspHC3de1q4DgrsV5p4XVLf4D_w9Skmsixd8k4A%26code_challenge_method%3DS256%26response_mode%3Dquery

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.205.54.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-54-115.compute-1.amazonaws.com

Software

envoy /

Resource Hash

64e946bfa9f77cd5d043de00fb8163ae1b8da603b29e179162db73f8da7fcfba

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' data:

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:04:14 GMT
content-security-policy: default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' data:
referrer-policy: no-referrer
last-modified: Mon, 19 Dec 2022 13:08:05 GMT
server: envoy
content-encoding: gzip
vary: Accept-Encoding
content-type: text/css
x-envoy-upstream-service-time: 1
permissions-policy: geolocation=(self "https://login.phishlabs.com" "https://*.local")
accept-ranges: bytes

GET
H2 200 font-awesome.min.css
login.phishlabs.com/css/ 25 KB
6 KB 51ms
50ms Stylesheet
text/css 54.205.54.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.phishlabs.com/css/font-awesome.min.css?v=gmdmEYqc4hpUJK1dvYtoZaRDMxb15VKCbRdTG7XPElU

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.205.54.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-54-115.compute-1.amazonaws.com

Software

envoy /

Resource Hash

826766118a9ce21a5424ad5dbd8b6865a4433316f5e552826d17531bb5cf1255

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' data:

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:04:14 GMT
content-security-policy: default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' data:
referrer-policy: no-referrer
last-modified: Mon, 19 Dec 2022 13:08:05 GMT
server: envoy
content-encoding: gzip
vary: Accept-Encoding
content-type: text/css
x-envoy-upstream-service-time: 2
permissions-policy: geolocation=(self "https://login.phishlabs.com" "https://*.local")
accept-ranges: bytes

GET
H2 200 bootstrap.min.css
login.phishlabs.com/lib/bootstrap/dist/css/ 119 KB
23 KB 96ms
95ms Stylesheet
text/css 54.205.54.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.phishlabs.com/lib/bootstrap/dist/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.205.54.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-54-115.compute-1.amazonaws.com

Software

envoy /

Resource Hash

8f2b5b8dad3e7afd27ea1b2ddbebece12faf0b8fad7e674737152da27939c0ea

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' data:

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:04:14 GMT
content-security-policy: default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' data:
referrer-policy: no-referrer
last-modified: Tue, 13 Dec 2022 11:23:42 GMT
server: envoy
content-encoding: gzip
vary: Accept-Encoding
content-type: text/css
x-envoy-upstream-service-time: 4
permissions-policy: geolocation=(self "https://login.phishlabs.com" "https://*.local")
accept-ranges: bytes

GET
H2 200 home.min.css
login.phishlabs.com/css/ 11 KB
2 KB 52ms
51ms Stylesheet
text/css 54.205.54.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.phishlabs.com/css/home.min.css?v=jCVcMTNw0Bv9wxscTOA_rRI4VLUmfRhdAr5byGSc0ZE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.205.54.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-54-115.compute-1.amazonaws.com

Software

envoy /

Resource Hash

8c255c313370d01bfdc31b1c4ce03fad123854b5267d185d02be5bc8649cd191

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' data:

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:04:14 GMT
content-security-policy: default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' data:
referrer-policy: no-referrer
last-modified: Mon, 19 Dec 2022 13:08:05 GMT
server: envoy
content-encoding: gzip
vary: Accept-Encoding
content-type: text/css
x-envoy-upstream-service-time: 3
permissions-policy: geolocation=(self "https://login.phishlabs.com" "https://*.local")
accept-ranges: bytes

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 148ms
55ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,600,700,800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d7f8d7065090abeaae4e6a236e99d33dd0bd7f20c0e3bda0876f65cd9c5b89e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 28 Dec 2022 21:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 28 Dec 2022 20:51:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Dec 2022 21:04:14 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
556 B 148ms
56ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Helvetica:300,400,600,700,800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9ea6d2e872398f2d7fc096c63962d0e6b107bb2df72d9a1c181077de6fb49466

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 28 Dec 2022 21:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 28 Dec 2022 21:04:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Dec 2022 21:04:14 GMT

GET
H2 200 pl-logo-white-825x195.png
login.phishlabs.com/images/home/ 36 KB
36 KB 180ms
179ms Image
image/png 54.205.54.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.phishlabs.com/images/home/pl-logo-white-825x195.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.205.54.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-54-115.compute-1.amazonaws.com

Software

envoy /

Resource Hash

62eabd68dbfd7f16ccdbb7b6a81ebaeff4a0d695e32986336c7de91561af927d

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' data:

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:04:14 GMT
content-security-policy: default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' data:
referrer-policy: no-referrer
last-modified: Tue, 13 Dec 2022 11:23:42 GMT
server: envoy
etag: "1d90ee55aeea3b5"
content-type: image/png
x-envoy-upstream-service-time: 1
permissions-policy: geolocation=(self "https://login.phishlabs.com" "https://*.local")
accept-ranges: bytes
content-length: 37045

GET
H2 200 beacon.min.js Show response
login.phishlabs.com/js/ 550 B
455 B 135ms
133ms Script
application/javascript 54.205.54.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.phishlabs.com/js/beacon.min.js?v=aqWOKlD5Nn-FIwkE6tzE3zca3CmnAXfKcDdUKZqcihQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.205.54.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-54-115.compute-1.amazonaws.com

Software

envoy /

Resource Hash

6aa58e2a50f9367f85230904eadcc4df371adc29a70177ca703754299a9c8a14

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' data:

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:04:14 GMT
content-security-policy: default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' data:
referrer-policy: no-referrer
last-modified: Mon, 19 Dec 2022 13:08:05 GMT
server: envoy
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 1
permissions-policy: geolocation=(self "https://login.phishlabs.com" "https://*.local")
accept-ranges: bytes

GET
H2 200 jquery.min.js Show response
login.phishlabs.com/lib/jquery/dist/ 87 KB
34 KB 136ms
134ms Script
application/javascript 54.205.54.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.phishlabs.com/lib/jquery/dist/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.205.54.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-54-115.compute-1.amazonaws.com

Software

envoy /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' data:

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:04:14 GMT
content-security-policy: default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' data:
referrer-policy: no-referrer
last-modified: Tue, 13 Dec 2022 11:23:42 GMT
server: envoy
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 1
permissions-policy: geolocation=(self "https://login.phishlabs.com" "https://*.local")
accept-ranges: bytes

GET
H2 200 bootstrap.min.js Show response
login.phishlabs.com/lib/bootstrap/dist/js/ 39 KB
13 KB 136ms
135ms Script
application/javascript 54.205.54.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.phishlabs.com/lib/bootstrap/dist/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.205.54.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-54-115.compute-1.amazonaws.com

Software

envoy /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' data:

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:04:14 GMT
content-security-policy: default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' data:
referrer-policy: no-referrer
last-modified: Tue, 13 Dec 2022 11:23:42 GMT
server: envoy
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 3
permissions-policy: geolocation=(self "https://login.phishlabs.com" "https://*.local")
accept-ranges: bytes

GET
H2 200 home.js Show response
login.phishlabs.com/js/ 854 B
375 B 137ms
136ms Script
application/javascript 54.205.54.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.phishlabs.com/js/home.js?v=Qed-9dt72_aDZyTTT1_KBguGR7jZqmHoQXUq3WYuosc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.205.54.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-54-115.compute-1.amazonaws.com

Software

envoy /

Resource Hash

41e77ef5db7bdbf6836724d34f5fca060b8647b8d9aa61e841752add662ea2c7

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' data:

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:04:14 GMT
content-security-policy: default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' data:
referrer-policy: no-referrer
last-modified: Tue, 13 Dec 2022 11:23:42 GMT
server: envoy
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 5
permissions-policy: geolocation=(self "https://login.phishlabs.com" "https://*.local")
accept-ranges: bytes

GET
H2 200 jquery.validate.min.js Show response
login.phishlabs.com/lib/jquery-validation/dist/ 27 KB
9 KB 138ms
137ms Script
application/javascript 54.205.54.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.phishlabs.com/lib/jquery-validation/dist/jquery.validate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.205.54.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-54-115.compute-1.amazonaws.com

Software

envoy /

Resource Hash

527c46483c6f53316afd26dfeab3ac6504bd6ba6fb0d688777d9806f57cf482b

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' data:

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:04:14 GMT
content-security-policy: default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' data:
referrer-policy: no-referrer
last-modified: Tue, 13 Dec 2022 11:23:42 GMT
server: envoy
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 5
permissions-policy: geolocation=(self "https://login.phishlabs.com" "https://*.local")
accept-ranges: bytes

GET
H2 200 jquery.validate.unobtrusive.min.js Show response
login.phishlabs.com/lib/jquery-validation-unobtrusive/ 6 KB
2 KB 139ms
137ms Script
application/javascript 54.205.54.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://login.phishlabs.com/lib/jquery-validation-unobtrusive/jquery.validate.unobtrusive.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.205.54.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-54-115.compute-1.amazonaws.com

Software

envoy /

Resource Hash

1ba7218dbb31c93a525c00303cf877675d46d04193fceee5306d21eeec31f220

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' data:

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:04:14 GMT
content-security-policy: default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' data:
referrer-policy: no-referrer
last-modified: Tue, 13 Dec 2022 11:23:42 GMT
server: envoy
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 7
permissions-policy: geolocation=(self "https://login.phishlabs.com" "https://*.local")
accept-ranges: bytes

GET
H2 200 sprite.png
login.phishlabs.com/images/home/ 11 KB
11 KB 48ms
48ms Image
image/png 54.205.54.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.phishlabs.com/images/home/sprite.png

Requested by

Host: login.phishlabs.com
URL: https://login.phishlabs.com/css/home.min.css?v=jCVcMTNw0Bv9wxscTOA_rRI4VLUmfRhdAr5byGSc0ZE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.205.54.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-54-115.compute-1.amazonaws.com

Software

envoy /

Resource Hash

6efa4bd6d57f8b97652380adfba825c2d8836ba7a804493d2988b09af2f1d24a

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' data:

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:04:14 GMT
content-security-policy: default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; img-src 'self' data:
referrer-policy: no-referrer
last-modified: Tue, 13 Dec 2022 11:23:42 GMT
server: envoy
etag: "1d90ee55aee198f"
content-type: image/png
x-envoy-upstream-service-time: 1
permissions-policy: geolocation=(self "https://login.phishlabs.com" "https://*.local")
accept-ranges: bytes
content-length: 10895

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 131ms
40ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://login.phishlabs.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 17:29:16 GMT
x-content-type-options: nosniff
age: 531298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 17:29:16 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-PPFK9H61SG&gtm=2oebu0&_p=721259562&cid=763142517.1672261454&ul=en-us&sr=1600x1200&_s=1&sid=1672261454&sct=1&seg=0&dl=https%3A%2F%2Fmy.phishlabs.com%2Fpages%2Fincidents%2F426%2FBA%2F6%2F797475889&dt=PhishLabs%E2%84%A2&en=page_view&_fv=1&_ss=1&_ee=1

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-PPFK9H61SG&gtm=2oebu0&_p=721259562&cid=763142517.1672261454&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1672261454&sct=1&seg=0&dl=https%3A%2F%2Fmy.phishlabs.com%2Fpages%2Fincidents%2F426%2FBA%2F6%2F797475889&dt=PhishLabs%E2%84%A2&en=scroll&epn.percent_scrolled=90&_et=5

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.phishlabs.com/	1970-01-20 08:32:27	Name: _gid Value: GA1.2.311069735.1672261454
.phishlabs.com/	1970-01-20 08:31:01	Name: _gat Value: 1
.phishlabs.com/	1970-01-20 18:07:01	Name: _ga_PPFK9H61SG Value: GS1.1.1672261454.1.0.1672261454.0.0.0
.phishlabs.com/	1970-01-20 18:07:01	Name: _ga Value: GA1.1.763142517.1672261454
login.phishlabs.com/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.9TtSrW0hzOs Value: CfDJ8C4aaqoZn2RJvnKtCrpRLhJWxNuMJwwJG5t5XnZiHrUNMiG2AaZBuR0dAk8PUSCuEe-KLxdNFlh_XRmC08FAp_F1LFEf4hXxvA41Lit4nz-2lNzXHalI6lGruXm2EaUKpX6iRxTDLW9IFag3gwJ4HlQ

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: 'unsafe-inline'; object-src 'none'; font-src 'self' https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline'; img-src .local .phishlabs.com *.s3.amazonaws.com https://www.google-analytics.com data:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
login.phishlabs.com
my.phishlabs.com
protect-us.mimecast.com
www.google-analytics.com
www.googletagmanager.com
www.google-analytics.com
205.139.111.113
2607:f8b0:4006:809::2003
2607:f8b0:4006:809::2008
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81f::200e
3.91.119.191
54.205.54.115
065b47b78e0dc3bd01e8e5e14bdc1a424632636ec5abdb8c41c3cfdbfc57aba5
0e62402e78da5189ff92124a1bf1174e5324bff7411731cda61c0ab692af377d
1ba7218dbb31c93a525c00303cf877675d46d04193fceee5306d21eeec31f220
2eaf2547678c6fe94503f4974a1b7e0d795a23a389d32a43b0f1b068a41c796c
30c5a5bf4b4912d3bd02c725b2976efa43c170fcc3fbae9493c2850374745c2b
41e77ef5db7bdbf6836724d34f5fca060b8647b8d9aa61e841752add662ea2c7
493c4a14816b9963fd2968a6004f2600c69d92d7865a565250fe2fb3aa221e7c
527c46483c6f53316afd26dfeab3ac6504bd6ba6fb0d688777d9806f57cf482b
62eabd68dbfd7f16ccdbb7b6a81ebaeff4a0d695e32986336c7de91561af927d
64e946bfa9f77cd5d043de00fb8163ae1b8da603b29e179162db73f8da7fcfba
6aa58e2a50f9367f85230904eadcc4df371adc29a70177ca703754299a9c8a14
6efa4bd6d57f8b97652380adfba825c2d8836ba7a804493d2988b09af2f1d24a
826766118a9ce21a5424ad5dbd8b6865a4433316f5e552826d17531bb5cf1255
8c255c313370d01bfdc31b1c4ce03fad123854b5267d185d02be5bc8649cd191
8d7f8d7065090abeaae4e6a236e99d33dd0bd7f20c0e3bda0876f65cd9c5b89e
8f2b5b8dad3e7afd27ea1b2ddbebece12faf0b8fad7e674737152da27939c0ea
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
9ea6d2e872398f2d7fc096c63962d0e6b107bb2df72d9a1c181077de6fb49466
9ec52556568755bb361797c88f750addedcb624c8fa69bdb03c11c0e7974ab7f
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
d374d2063cf41522fa89203f846197a9b6ce0dfee2526a76b52ee085e417ce71
f7ad3b9efd9a1f3d41654cd02701cbc5d58126e745bf665e4abef72d29323bbe
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

login.phishlabs.com Open in urlscan Pro 54.205.54.115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

93 %HTTPS

57 %IPv6

6 Domains

7 Subdomains

7 IPs

1 Countries

1731 kBTransfer

5643 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

login.phishlabs.com Open in urlscan Pro
54.205.54.115 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

93 %
HTTPS

57 %
IPv6

6
Domains

7
Subdomains

7
IPs

1
Countries

1731 kB
Transfer

5643 kB
Size

5
Cookies

30 HTTP transactions
0 data transactions