benefits.corp-internal.co Open in urlscan Pro
52.31.224.253 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
Effective URL:
https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Submission: On February 27 via manual (February 27th 2023, 11:04:59 pm UTC) from IN — Scanned from DE

Summary HTTP 116 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 6 domains to perform 116 HTTP transactions. The main IP is 52.31.224.253, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is benefits.corp-internal.co.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 9th 2023. Valid for: a year.

This is the only time benefits.corp-internal.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Phishing Simulation (Internet)

Domain & IP information

	IP Address	AS Autonomous System
84	52.31.224.253 52.31.224.253	16509 (AMAZON-02) (AMAZON-02)
22	52.217.105.20 52.217.105.20	16509 (AMAZON-02) (AMAZON-02)
2 2	2a02:26f0:dc:... 2a02:26f0:dc::6853:413	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:350... 2a02:26f0:3500:1b::1724:a397	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.222.206.53 52.222.206.53	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	13.225.84.98 13.225.84.98	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	52.92.19.114 52.92.19.114	16509 (AMAZON-02) (AMAZON-02)
116	10

84 52.31.224.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

benefits.corp-internal.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 52.217.105.20 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

tslp.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:dc::6853:413 (Vienna, Austria) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)

java.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:1b::1724:a397 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.java.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.206.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-53.fra56.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.84.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-98.fra2.r.cloudfront.net

d25q7gseii1o1q.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.19.114 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com

ts-eu-uploads.s3.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
84	corp-internal.co benefits.corp-internal.co	121 KB
23	amazonaws.com tslp.s3.amazonaws.com — Cisco Umbrella Rank: 197593 ts-eu-uploads.s3.eu-west-1.amazonaws.com	343 KB
4	java.com 2 redirects java.com — Cisco Umbrella Rank: 35297 www.java.com — Cisco Umbrella Rank: 56632	13 KB
3	cloudfront.net d2wy8f7a9ursnm.cloudfront.net d25q7gseii1o1q.cloudfront.net	8 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36 ajax.googleapis.com — Cisco Umbrella Rank: 306	35 KB
1	gstatic.com fonts.gstatic.com	44 KB
116	6

	Domain	Requested by
84	benefits.corp-internal.co	benefits.corp-internal.co ajax.googleapis.com
22	tslp.s3.amazonaws.com	benefits.corp-internal.co tslp.s3.amazonaws.com ajax.googleapis.com
2	d2wy8f7a9ursnm.cloudfront.net	benefits.corp-internal.co
2	www.java.com	benefits.corp-internal.co
2	java.com	2 redirects
1	ts-eu-uploads.s3.eu-west-1.amazonaws.com	benefits.corp-internal.co
1	fonts.gstatic.com	fonts.googleapis.com
1	d25q7gseii1o1q.cloudfront.net	tslp.s3.amazonaws.com
1	ajax.googleapis.com	benefits.corp-internal.co
1	fonts.googleapis.com	benefits.corp-internal.co
116	10

This site contains links to these domains. Also see Links.

Domain
www.wombatsecurity.com

Subject Issuer	Validity	Valid
eservce.net Amazon RSA 2048 M01	`2023-02-09` - `2024-01-05`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon	`2022-09-21` - `2023-08-30`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Frame ID: 68723B8511A1C46EA2F6CC956A412C0C
Requests: 114 HTTP requests in this frame

Frame: https://benefits.corp-internal.co/training_screenshot?guid=eecafeb637&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Frame ID: 49ADA47BAB7F92DF21DF1D9D82FE96F1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

You have been Phished!

Page URL History Show full URLs

https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12 Page URL
https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-5... Page URL

Detected technologies

BugSnag (Analytics) Expand

Overall confidence: 100%
Detected patterns

/bugsnag.*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

116
Requests

97 %
HTTPS

50 %
IPv6

6
Domains

10
Subdomains

10
IPs

4
Countries

563 kB
Transfer

779 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.wombatsecurity.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12 Page URL
https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://java.com/js/deployJava.js HTTP 302
https://www.java.com/js/deployJava.js

Request Chain 57

https://java.com/js/deployJava.js HTTP 302
https://www.java.com/js/deployJava.js

116 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 4beecafa3eb63702 Show response
benefits.corp-internal.co/giftcard/ 4 KB
2 KB 253ms
73ms Document
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

1ebad5d7700e51080376fb7d57fb889743ec32c58ae0bd74f6adef7426a7a0e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 27 Feb 2023 23:04:53 GMT
etag: W/"1ebad5d7700e51080376fb7d57fb8897"
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-host-info: lw-prod-eu-i-05c60195317a98155 ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-permitted-cross-domain-policies: none
x-request-id: 9f13ec7e-dbfa-4d12-a829-0cb4938ddb16
x-runtime: 0.014183
x-xss-protection: 1; mode=block

GET alt_pixel_click_eecafeb637.gif
benefits.corp-internal.co/ 0
0

GET
H/1.1 200
OK plugin_detect.js Show response
tslp.s3.amazonaws.com/detect/ 49 KB
49 KB 411ms
151ms Script
text/javascript 52.217.105.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=eecafeb637&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Requested by: Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.105.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 23:04:54 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Server: AmazonS3
x-amz-request-id: KXF9AVQQ9WN52AZG
ETag: "00a513f07603df01e3b99be00f370754"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 50085
x-amz-id-2: BQFba9uMcQzeV0CLutD9DEj0zSZK3UiWszWd1ZYIqjjeEQ0yucQcRNNNHpFZ6b2VtdXRHbjp59s=

GET
H/1.1 200
OK java.js Show response
tslp.s3.amazonaws.com/detect/ 50 KB
50 KB 402ms
159ms Script
text/javascript 52.217.105.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/java.js?guid=eecafeb637&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Requested by: Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.105.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 23:04:54 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:38:28 GMT
Server: AmazonS3
x-amz-request-id: KXFFC7F8JB2RDZN5
ETag: "2bec0061039dc3fb25fc20aaf611d5b9"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 50717
x-amz-id-2: K/5tdu7eQK9I8QsLpRNxBxg27BQ8DQUs8iig3rf3DUkcIqxwpsFxw3wCvxT6KvKUqN+cZjaDXLU=

GET
H2

200

deployJava.js Show response
www.java.com/js/
Redirect Chain

https://java.com/js/deployJava.js
https://www.java.com/js/deployJava.js

18 KB
6 KB

611ms
489ms

Script
application/javascript

2a02:26f0:3500:1b::1724:a397
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.java.com/js/deployJava.js

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Server

2a02:26f0:3500:1b::1724:a397 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
akamai-grn: , , 0.97a12417.1677539094.aef00819
x-oracle-dms-rid: 0
content-disposition: attachment; filename="deployJava.js";filename*=UTF-8''deployJava.js
server-timing: cdn-cache; desc=HIT, edge; dur=141, ak_p; desc="465983_388276631_2934966297_14037_305108_38_0";dur=1
content-length: 5512
x-xss-protection: 1
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
etag: "D07B023847CD4DC5C4ED4AB4FC46AD47BDD6E99A0663:19"
vary: Accept-Encoding
x-oracle-dms-ecid: 20c6c500-385c-4c85-b604-a0f3e6b04622-00061aa0
content-type: application/javascript
cache-control: public, max-age=86400
expires: Tue, 28 Feb 2023 23:04:54 GMT

Redirect headers

date: Mon, 27 Feb 2023 23:04:54 GMT
server: AkamaiGHost
akamai-grn: 0.0f045368.1677539093.560b2e4e
location: https://www.java.com/js/deployJava.js
cache-control: max-age=86400
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="465983_1750270991_1443573326_15_55853_60_0";dur=1
content-length: 0
x-xss-protection: 1
expires: Tue, 28 Feb 2023 23:04:54 GMT

GET
H/1.1 200
OK flash.js Show response
tslp.s3.amazonaws.com/detect/ 7 KB
7 KB 395ms
153ms Script
text/javascript 52.217.105.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/flash.js?guid=eecafeb637&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Requested by: Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.105.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 23:04:54 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 03:54:01 GMT
Server: AmazonS3
x-amz-request-id: KXF7Z49ZTJ89J37R
ETag: "f9ad9a096894ba248e4a1f73e7eba1be"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 6680
x-amz-id-2: JrbB6FcLPdapS4/9NicTx5wNCDxe7lQO2BAbOmmO8UPV8vvVkbraH3e12b1y4AeGkWGDYwGXITE=

GET
H/1.1 200
OK pdf.js Show response
tslp.s3.amazonaws.com/detect/ 22 KB
23 KB 468ms
226ms Script
text/javascript 52.217.105.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/pdf.js?guid=eecafeb637&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Requested by: Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.105.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 23:04:54 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:39:34 GMT
Server: AmazonS3
x-amz-request-id: KXF083PATPM14ZK4
ETag: "0d5882d41c8b6e40059c8d9acbcf1518"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 22855
x-amz-id-2: EQNHoJmRH8NjXHeg8/qmGconi8mJfoNzrAaifS2R7Eiq9wAh+lwZZwBIb4Si6Gtlx/tFqG33Os0=

GET
H/1.1 200
OK quicktime.js Show response
tslp.s3.amazonaws.com/detect/ 7 KB
7 KB 397ms
156ms Script
text/javascript 52.217.105.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/quicktime.js?guid=eecafeb637&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Requested by: Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.105.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 23:04:54 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:41:05 GMT
Server: AmazonS3
x-amz-request-id: KXF1H1NJAMPMBPS0
ETag: "ee73f2f47d51116dc40b85a6b57eaf20"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 6999
x-amz-id-2: bXvbYOEPm3NdbFs4tR70qP95hN8v1k5E7hoyHP6KX/QLylXv1zLAkSY7wrz9yZzRqSY9Ust2CSA=

GET
H/1.1 200
OK realplayer.js Show response
tslp.s3.amazonaws.com/detect/ 10 KB
10 KB 395ms
153ms Script
text/javascript 52.217.105.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/realplayer.js?guid=eecafeb637&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Requested by: Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.105.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 23:04:54 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:45:02 GMT
Server: AmazonS3
x-amz-request-id: KXFBCK4TJTYPZAES
ETag: "3d7be656672c16a34806c13388410325"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 9775
x-amz-id-2: H3/QZj2nM30cJeilCCq0kg4qCKLJe6N+baP/eL/cdaCC3Jjji8eWAnPsRKVMNipAdqx5TuCcGxY=

GET
H/1.1 200
OK silverlight.js Show response
tslp.s3.amazonaws.com/detect/ 4 KB
5 KB 127ms
126ms Script
text/javascript 52.217.105.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/silverlight.js?guid=eecafeb637&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Requested by: Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.105.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 23:04:55 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 18:00:03 GMT
Server: AmazonS3
x-amz-request-id: 45C9K33FKJ8A7K4N
ETag: "e6dd596d2bc204ea573b868b92028c26"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 4234
x-amz-id-2: K15hUYNxLm4tYqgiALjMLn5GFwY4pfvllWoY2imQ41HgMV5zW1CbRaPy9E4GE5uxkorqmflKgP8=

GET
H/1.1 200
OK wmp.js Show response
tslp.s3.amazonaws.com/detect/ 6 KB
6 KB 131ms
130ms Script
text/javascript 52.217.105.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/wmp.js?guid=eecafeb637&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Requested by: Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.105.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 23:04:55 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 15:07:14 GMT
Server: AmazonS3
x-amz-request-id: 45CAG1Z01WPFQPJQ
ETag: "ffd2cc77bb64d40beeb5d561fffe1f79"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 5941
x-amz-id-2: sm4Y4uExZKLMg53qx4QZ3h4zgTr1iHCnG2uVqPFhKiJ4F4HlYwR/OhtFuXhUobq7Uo2C4gv8bZc=

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 153ms
40ms Script
application/javascript 52.222.206.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
Date: Fri, 24 Feb 2023 20:41:02 GMT
X-Amz-Cf-Pop: FRA56-P3
Age: 267831
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2962
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
ETag: "6103bb5e4ec6141e19e1100caafc780c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
X-Amz-Cf-Id: Op-uh_4sVpsPq0GZynXt7rJZbAKpVIqU9bkXms53zfvRB3K_wjEhuQ==

GET
H2 200 jquery.min.js Show response
benefits.corp-internal.co/assets/ajax/libs/jquery/1.9.1/ 90 KB
32 KB 118ms
117ms Script
application/javascript 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.corp-internal.co/assets/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by: Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-224-253.eu-west-1.compute.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:53 GMT
content-encoding: gzip
last-modified: Thu, 19 Jan 2023 14:04:40 GMT
server: ThreatSim-Web-Server
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 all.js Show response
benefits.corp-internal.co/assets/ 28 KB
7 KB 63ms
62ms Script
application/javascript 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.corp-internal.co/assets/all.js?g=eecafeb637
Requested by: Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-224-253.eu-west-1.compute.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:53 GMT
content-encoding: gzip
last-modified: Thu, 19 Jan 2023 14:01:13 GMT
server: ThreatSim-Web-Server
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-length: 7191
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 browser_post Show response
benefits.corp-internal.co/secure/ 0
487 B 66ms
65ms XHR
image/gif 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits.corp-internal.co/secure/browser_post

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/assets/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 2278f984-492b-4e05-8fd4-1a7e2f14a7af
x-runtime: 0.008124
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding, Accept
x-frame-options: SAMEORIGIN
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 65ms
58ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 67b6d6ba-c8ff-4d71-b6c5-213cdc198499
x-runtime: 0.001543
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 68ms
60ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: e7d75a94-0445-4c8d-96e1-e29eedf78378
x-runtime: 0.002135
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 70ms
62ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 53c77aff-ec61-4102-9f46-f5a72393d1b8
x-runtime: 0.001867
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 67ms
59ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 85e8a85d-dfad-4fa1-8731-edf6ecc8f68b
x-runtime: 0.001686
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 65ms
58ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=BrowserDetect%20-%20browser_version%20%3D%20110&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 24d625b0-c52c-4b0f-95c9-21e55dae6dcf
x-runtime: 0.001271
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 68ms
61ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=BrowserDetect%20-%20os%20%3D%20Windows&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: fcb4e9de-7d4b-47c4-a9d2-215000fd98cc
x-runtime: 0.002286
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 68ms
61ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: a7a20e26-dc79-4d9f-966c-b3f21395bfc5
x-runtime: 0.001713
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 118ms
111ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: e03ba2ad-dcb7-4945-b9f2-2ab0ab916309
x-runtime: 0.001860
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 115ms
108ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 10ec7593-2421-4621-bf68-c7156a2c39b3
x-runtime: 0.001779
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 116ms
110ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: de08ec6f-82ba-44e9-aef7-d94f988d0f48
x-runtime: 0.004556
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
467 B 111ms
105ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 735cd9f5-8995-4b60-8173-76f825166584
x-runtime: 0.001826
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 119ms
113ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Plugin&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: b2ee7fbc-203a-4ca1-9f63-ad9344697dc9
x-runtime: 0.002657
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 112ms
106ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: ac70bcfa-178c-46a1-995c-b4e35b9d7f0d
x-runtime: 0.001770
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 113ms
107ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=BrowserDetect%20-%20plugin%20Native%20Client&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: a23bbf56-672c-47d2-adb3-f89709c81ff3
x-runtime: 0.002576
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
467 B 124ms
118ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 739f67ec-8897-4b63-b86a-cd6b38cf8b67
x-runtime: 0.001624
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 121ms
115ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 69eb920a-a014-42fa-9f89-6944dbff5ff3
x-runtime: 0.002123
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 114ms
109ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=java_version_pl%20%3D%20unknown&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: f4497af5-369d-474e-a887-6920eef31b3c
x-runtime: 0.002028
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 126ms
120ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 45b7fac7-0d3f-4d1e-add5-d5cea258f796
x-runtime: 0.001239
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
467 B 125ms
120ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=java_version_jres%20%3D%20unknown&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 4b424ed9-6e6e-4b7f-855f-2945fffe34b6
x-runtime: 0.004278
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 117ms
112ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=java_version%20%3D%20undefined&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: c00eeeb0-c18e-4836-9fcf-3cb3b6ab40f6
x-runtime: 0.001893
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 119ms
115ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=Loading%20flash%20version&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 98e9a780-31cf-43b1-80b2-0be8c78282a1
x-runtime: 0.003626
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 122ms
117ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=flash%20%3D%20unknown&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 8b800653-2f74-4779-a28c-eb197f1226ba
x-runtime: 0.001209
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
467 B 120ms
116ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=Loading%20pdf%20version&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: bbbf2ef1-f954-4a83-836e-85442fb4b518
x-runtime: 0.007000
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 120ms
115ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: d0f5afcc-1379-4be9-9090-3dc403964a67
x-runtime: 0.002002
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 122ms
117ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=pdf%20%3D%20unknown&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 2c1a5228-f7a1-4954-b47f-4aece8bb73dc
x-runtime: 0.003479
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 118ms
114ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=Loading%20quicktime%20version&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: ed24d6eb-e48f-4ac6-9061-91a30489cc4b
x-runtime: 0.002578
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 112ms
108ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=quicktime%20%3D%20unknown&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: aa9bc3fc-2c3e-45c6-8d1e-711d715d26de
x-runtime: 0.001572
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 120ms
116ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=Loading%20RealPlayer%20version&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 112ec90a-0436-4237-8171-6cbbbb84e5bb
x-runtime: 0.001723
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 122ms
119ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=realplayer%20%3D%20unknown&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: abfa084a-03a7-414f-9562-8aaf66153476
x-runtime: 0.004960
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 123ms
119ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=Loading%20Silverlight%20version&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 6abc944d-dda4-4965-ac20-bdf5da58a319
x-runtime: 0.001595
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 117ms
113ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=silverlight%20%3D%20unknown&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 97da1a66-9fad-4421-bc84-0b8d3086f81d
x-runtime: 0.001193
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 121ms
118ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: e7221290-5538-4ee5-88f8-39f44bfc2a18
x-runtime: 0.001403
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 120ms
117ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=wmp%20%3D%20unknown&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 1af4ec27-5d0f-49a1-b937-9d7412d5db3e
x-runtime: 0.001358
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 113ms
110ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=redirecting%20to%20%2Fload_training%3Fguid%3D10eecafeaeb63745%26correlation_id%3D5d416fe9-881b-4bf3-a1d7-539011b07c18&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 48604521-4a75-41c4-bffe-7b7caf0a3b16
x-runtime: 0.002858
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 62ms
58ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=eecafeb637&msg=browser_post_successful&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 36d82c2e-4bbe-4fbe-83a8-c65b95853664
x-runtime: 0.001098
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 Primary Request load_training Show response
benefits.corp-internal.co/ 9 KB
4 KB 71ms
70ms Document
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/assets/all.js?g=eecafeb637

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

6ccf8bfa053b6e2c93ae5f0a381034a6ba1b920974c5d63af632f9828df8632c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://benefits.corp-internal.co/giftcard/4beecafa3eb63702?l=12
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 27 Feb 2023 23:04:55 GMT
etag: W/"6ccf8bfa053b6e2c93ae5f0a381034a6"
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-permitted-cross-domain-policies: none
x-request-id: bd90e532-77f1-4efd-93f2-6c5cffb9d6b8
x-runtime: 0.013442
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 142ms
51ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Feb 2023 23:04:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 22:44:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Feb 2023 23:04:55 GMT

GET
H/1.1 200
OK url.css
tslp.s3.amazonaws.com/training/embedded/css/ 6 KB
7 KB 137ms
134ms Stylesheet
text/css 52.217.105.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/training/embedded/css/url.css
Requested by: Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.105.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 18fd69a3bb1fc61221c8d6c3bbbd177c38a21d96392bf2b403ddd9969615cf22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 23:04:56 GMT
x-amz-version-id: jWFW6Vb_IckPQFjf7Ej9_NT_HlQSyGGs
Last-Modified: Fri, 26 Aug 2022 14:07:46 GMT
Server: AmazonS3
x-amz-request-id: QK1KFKVQSE42JQND
ETag: "0560febf38cfe916ab8ffbee8ce4e9fc"
x-amz-server-side-encryption: AES256
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 6367
x-amz-id-2: YWMzZKFThopieVJDytiyCIBDJg/J0D1SPfVLmBIeURw2JGnk7KZ1dNJbFGTinW31seYjbkl4J5o=

GET
H/1.1 200
OK langdrop.css
tslp.s3.amazonaws.com/training/teachable_moments/css/ 2 KB
2 KB 135ms
131ms Stylesheet
text/css 52.217.105.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/training/teachable_moments/css/langdrop.css
Requested by: Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.105.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5243766eedfcba70128c2931dbef8875f942b81e39002d80dc0110167d4ef742

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 23:04:56 GMT
x-amz-version-id: OhzuQr9n0bqd2zskiPVZjmnmHAmPcoAx
Last-Modified: Fri, 26 Aug 2022 14:07:49 GMT
Server: AmazonS3
x-amz-request-id: QK1TBQ8D030MTSQ1
ETag: "bc7f970ad0f163bc72c9ae9aa09e1cde"
x-amz-server-side-encryption: AES256
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1713
x-amz-id-2: dl4Wwa6+fcHIQaIxiRxxTa++z1hYNPdQy1E6bA/Oc0QWirvAz0AECPQMtK818E9sHw+GuUaeoq8=

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 45ms
41ms Script
application/javascript 52.222.206.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
Date: Fri, 24 Feb 2023 20:41:02 GMT
X-Amz-Cf-Pop: FRA56-P3
Age: 267833
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2962
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
ETag: "6103bb5e4ec6141e19e1100caafc780c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
X-Amz-Cf-Id: _QtQ0OrCOFxc4DRWDmH9VOnlofPiAamxFkkl3PHbttAQzrbmt2LM2g==

GET
H2 200 jquery.min.js Show response
benefits.corp-internal.co/assets/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 66ms
61ms Script
application/javascript 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.corp-internal.co/assets/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by: Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-224-253.eu-west-1.compute.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:55 GMT
content-encoding: gzip
last-modified: Thu, 19 Jan 2023 14:01:13 GMT
server: ThreatSim-Web-Server
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK plugin_detect.js Show response
tslp.s3.amazonaws.com/detect/ 49 KB
49 KB 140ms
136ms Script
text/javascript 52.217.105.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=eecafeb637&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Requested by: Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.105.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 23:04:56 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Server: AmazonS3
x-amz-request-id: QK1Z7C14TQ3N37XQ
ETag: "00a513f07603df01e3b99be00f370754"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 50085
x-amz-id-2: 2DFkg/3/oUuU30PoRby043/i4tcnJKF1xubF1oTMggX/LG8tLWC/YGs+X8+7gTKTmMAN258TNJ4=

GET
H/1.1 200
OK java.js Show response
tslp.s3.amazonaws.com/detect/ 50 KB
50 KB 137ms
134ms Script
text/javascript 52.217.105.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/java.js?guid=eecafeb637&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Requested by: Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.105.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 23:04:56 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:38:28 GMT
Server: AmazonS3
x-amz-request-id: QK1M43X809DS676H
ETag: "2bec0061039dc3fb25fc20aaf611d5b9"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 50717
x-amz-id-2: lFL7i85VcQ4/aRmzaJ2JnCa0K8F2i9wSgHxqWDGjDm7WFSqU8y2ifQHZfIF0+RSpmxiWNr9bYMg=

GET
H2

200

deployJava.js Show response
www.java.com/js/
Redirect Chain

https://java.com/js/deployJava.js
https://www.java.com/js/deployJava.js

18 KB
6 KB

54ms
54ms

Script
application/javascript

2a02:26f0:3500:1b::1724:a397
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.java.com/js/deployJava.js

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Server

2a02:26f0:3500:1b::1724:a397 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
akamai-grn: , , 0.97a12417.1677539095.aef01279
x-oracle-dms-rid: 0
content-disposition: attachment; filename="deployJava.js";filename*=UTF-8''deployJava.js
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="465983_388276631_2934968953_25_14741_38_0";dur=1
content-length: 5512
x-xss-protection: 1
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
etag: "D07B023847CD4DC5C4ED4AB4FC46AD47BDD6E99A0663:19"
vary: Accept-Encoding
x-oracle-dms-ecid: 20c6c500-385c-4c85-b604-a0f3e6b04622-00061aa0
content-type: application/javascript
cache-control: public, max-age=86400
expires: Tue, 28 Feb 2023 23:04:55 GMT

Redirect headers

date: Mon, 27 Feb 2023 23:04:55 GMT
server: AkamaiGHost
akamai-grn: 0.0f045368.1677539095.560b3b86
location: https://www.java.com/js/deployJava.js
cache-control: max-age=86400
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="465983_1750270991_1443576710_17_10749_60_0";dur=1
content-length: 0
x-xss-protection: 1
expires: Tue, 28 Feb 2023 23:04:55 GMT

GET
H/1.1 200
OK flash.js Show response
tslp.s3.amazonaws.com/detect/ 7 KB
7 KB 132ms
128ms Script
text/javascript 52.217.105.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/flash.js?guid=eecafeb637&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Requested by: Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.105.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 23:04:56 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 03:54:01 GMT
Server: AmazonS3
x-amz-request-id: QK1WYQNC1JK6E3Y1
ETag: "f9ad9a096894ba248e4a1f73e7eba1be"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 6680
x-amz-id-2: RmKzObXr0eq8O077KXpUMF3xtkEjVfOLn7dvrb4RTV2NtaHqzxDpE6jqm/zM+mdJxNzKCZsKXpc=

GET
H/1.1 200
OK pdf.js Show response
tslp.s3.amazonaws.com/detect/ 22 KB
23 KB 136ms
132ms Script
text/javascript 52.217.105.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/pdf.js?guid=eecafeb637&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Requested by: Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.105.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 23:04:56 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:39:34 GMT
Server: AmazonS3
x-amz-request-id: QK1MDR22RDN4N322
ETag: "0d5882d41c8b6e40059c8d9acbcf1518"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 22855
x-amz-id-2: 1/OjNmnjMKrCzJVIGazc/zxx/F7E59darMdIV7zMVr3k+svQTF0fwOEmm1UhLw5YtH3H/ITfrNI=

GET
H/1.1 200
OK quicktime.js Show response
tslp.s3.amazonaws.com/detect/ 7 KB
7 KB 263ms
130ms Script
text/javascript 52.217.105.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/quicktime.js?guid=eecafeb637&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Requested by: Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.105.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 23:04:56 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:41:05 GMT
Server: AmazonS3
x-amz-request-id: QK1PTM6QS4N2XZ0C
ETag: "ee73f2f47d51116dc40b85a6b57eaf20"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 6999
x-amz-id-2: pZimAsVn6yx5NPsdMCavIrLV8p8zScVWOUXgFLhTeZ7eNkSYIacEDyyVLkV61eX8d3wHExnhaN0=

GET
H/1.1 200
OK realplayer.js Show response
tslp.s3.amazonaws.com/detect/ 10 KB
10 KB 268ms
131ms Script
text/javascript 52.217.105.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/realplayer.js?guid=eecafeb637&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Requested by: Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.105.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 23:04:56 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:45:02 GMT
Server: AmazonS3
x-amz-request-id: QK1WXHKB2DYWX0ZH
ETag: "3d7be656672c16a34806c13388410325"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 9775
x-amz-id-2: JGBwGl6+MrJ59Jd5fZFsl2K4jxcjQSrDN3ijBQDgzyG8KS15qhSnY85ZT7yr2oW185RQ26IlfHs=

GET
H/1.1 200
OK silverlight.js Show response
tslp.s3.amazonaws.com/detect/ 4 KB
5 KB 270ms
129ms Script
text/javascript 52.217.105.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/silverlight.js?guid=eecafeb637&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Requested by: Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.105.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 23:04:56 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 18:00:03 GMT
Server: AmazonS3
x-amz-request-id: QK1X2F41K1ZT1ZQS
ETag: "e6dd596d2bc204ea573b868b92028c26"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 4234
x-amz-id-2: mHX9ShUIZEd1vC2r2nFjy6ZgzuyPX68UbQU6ACHvbZb2bprYpj1KAmgBOLmuNk1rtY3g/zjwhDQ=

GET
H/1.1 200
OK wmp.js Show response
tslp.s3.amazonaws.com/detect/ 6 KB
6 KB 273ms
132ms Script
text/javascript 52.217.105.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/wmp.js?guid=eecafeb637&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Requested by: Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.105.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 23:04:56 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 15:07:14 GMT
Server: AmazonS3
x-amz-request-id: QK1SCAYGH9031CFY
ETag: "ffd2cc77bb64d40beeb5d561fffe1f79"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 5941
x-amz-id-2: WAnQceAoZBYal1v/43BB9z+iLv405sETdsb9vM+8ZYJPF7rEaMNceuvrFg3hpuqSEf4oPk5qjYg=

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ 91 KB
33 KB 134ms
42ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 15:58:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 457572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33621
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Feb 2024 15:58:43 GMT

GET
H/1.1 200
OK language.18071.js Show response
tslp.s3.amazonaws.com/languages/ 8 KB
8 KB 381ms
131ms Script
application/javascript 52.217.105.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/languages/language.18071.js
Requested by: Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.105.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 73f360f08e8c2a1719c098491e17d53cdaa98d246585bfd0285a2afad75c51a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 23:04:57 GMT
x-amz-version-id: U_kpSjDDW4npfowvZPZnd2_aKVkUaKPA
Last-Modified: Fri, 26 Aug 2022 14:07:38 GMT
Server: AmazonS3
x-amz-request-id: A5AA4J3Z1SCHDDR2
ETag: "8b9a9d305bd69c962b600c08f3c69edf"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 8207
x-amz-id-2: IkFmpn3WoExb07G5Coedxpmg1wGvRSG5wbhMXRg+FZtNDFLJwy1DMO6/M4CAJ11Ab8FggFed6EA=

GET
H/1.1 200
OK training.js Show response
tslp.s3.amazonaws.com/assets/js/ 352 B
811 B 389ms
134ms Script
application/javascript 52.217.105.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/assets/js/training.js
Requested by: Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.105.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8a1170223599205267c6ee3a3072855f1727461d9dd1066bb94f39180f963af9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 23:04:57 GMT
x-amz-version-id: 6KvPBARKn9Wl5VW3Hl_LtK2bIq68QrGH
Last-Modified: Fri, 26 Aug 2022 14:07:38 GMT
Server: AmazonS3
x-amz-request-id: A5A9JR30Y84K2X00
ETag: "029ab28ca3c245dc425e3f3f6599d480"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 352
x-amz-id-2: z37/zum+WuMwAAo0G/aLFUiV0ah/K4U/Nfj5QUJbPlCqmhLSrzoyoj4NtR/kA3vhEvBIDAltmDg=

GET
H2 200 all.js Show response
benefits.corp-internal.co/assets/ 28 KB
7 KB 59ms
57ms Script
application/javascript 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://benefits.corp-internal.co/assets/all.js?guid=eecafeb637&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Requested by: Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-224-253.eu-west-1.compute.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:55 GMT
content-encoding: gzip
last-modified: Thu, 19 Jan 2023 14:01:13 GMT
server: ThreatSim-Web-Server
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-length: 7191
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK hooks-a3eab7.png
tslp.s3.amazonaws.com/training/production/314/ 5 KB
5 KB 138ms
138ms Image
image/png 52.217.105.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tslp.s3.amazonaws.com/training/production/314/hooks-a3eab7.png
Requested by: Host: tslp.s3.amazonaws.com
URL: https://tslp.s3.amazonaws.com/training/embedded/css/url.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.105.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7789f06bcf267ab54b9bc9c64ea04877c46aa141f67a21a501d908447fd95ebb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tslp.s3.amazonaws.com/training/embedded/css/url.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 23:04:57 GMT
x-amz-version-id: .YGCnRqbXkaDTSLNT7EWxvKvKu.lg1.r
Last-Modified: Fri, 26 Aug 2022 14:07:48 GMT
Server: AmazonS3
x-amz-request-id: A5ACQW61F9KPA5XM
ETag: "3e598c505586e70346fa62d104dd540f"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5003
x-amz-id-2: AgAVdk5scnE/iZs7m50wpaUS2j24UNrY0jZ9MJAimMEYI3dmVQ6CmMtt0DicqVm1PCuUJ3cu4jE=

GET
H/1.1 200
OK mail.png
d25q7gseii1o1q.cloudfront.net/training/fish/ 926 B
1 KB 173ms
41ms Image
image/png 13.225.84.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d25q7gseii1o1q.cloudfront.net/training/fish/mail.png
Requested by: Host: tslp.s3.amazonaws.com
URL: https://tslp.s3.amazonaws.com/training/embedded/css/url.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-98.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a35de3a30e58bf477febca8b47225959f48fd384faf088a218d6bf2251f06cbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tslp.s3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 02:55:49 GMT
Via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
Last-Modified: Fri, 30 May 2014 15:01:28 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C2
Age: 72547
ETag: "3c506b80d78539262795c9ba59a0631a"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 926
X-Amz-Cf-Id: PP7wFTnAQ1CD5ouY_tZ3UqJeTjqjKXYAU67RLOColi48ugxfKG2nJw==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 129ms
40ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://benefits.corp-internal.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:05:33 GMT
x-content-type-options: nosniff
age: 410363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 05:05:33 GMT

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 62ms
60ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 93c28cee-91c5-4d4a-80c3-c579787a7ea7
x-runtime: 0.001980
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
465 B 61ms
60ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 4aae249f-111e-4b06-9296-a4d0b627712c
x-runtime: 0.002151
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 60ms
59ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: eb2db8b2-2b24-45b0-8ea0-ffbccb0885bd
x-runtime: 0.001648
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H/1.1 200
OK en-us.json Show response
tslp.s3.amazonaws.com/training/embedded/translations/url/ 2 KB
2 KB 400ms
153ms XHR
application/json 52.217.105.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/training/embedded/translations/url/en-us.json
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.105.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6029db4e8a8928f728f865f2cb26f295ec030e46f621f8296d3af91481e01c27

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://benefits.corp-internal.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 23:04:57 GMT
x-amz-version-id: W3SdNK1tt7wVlYPT.kZO3sApmKyEKvN8
Last-Modified: Thu, 19 Jan 2023 16:09:24 GMT
Server: AmazonS3
x-amz-request-id: A5A1G4JJ6RS6RKQA
ETag: "5113dad20241201a33ab81b33233bd01"
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: application/json
Accept-Ranges: bytes
Content-Length: 1895
x-amz-id-2: gh4Ws3+JTQNWyT4h2QwHcai7SCUqehxciIlZ+svkoZ6fUEcHs2Kx9LnylRwEStCzWYCIqF5U3Gk=

GET
H2 200 training_screenshot Show response
benefits.corp-internal.co/ Frame 49AD 1 KB
1 KB 63ms
62ms Document
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://benefits.corp-internal.co/training_screenshot?guid=eecafeb637&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

aeccd587c0b9a25d7933f2000b2d6afa8986bdfe3ed179eaacb78e2f51fd5341

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 27 Feb 2023 23:04:56 GMT
etag: W/"aeccd587c0b9a25d7933f2000b2d6afa"
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-permitted-cross-domain-policies: none
x-request-id: 1bb4790a-2fdb-42f7-bd6e-1db583fcead0
x-runtime: 0.005168
x-xss-protection: 1; mode=block

GET
H2 200 log
benefits.corp-internal.co/ 0
476 B 62ms
57ms Image
image/gif 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/log?id=eecafeb637&campaign_guid=a24a5e934f&msg=embeddedhtmlemail%20id%20exists%20with%20environment%20%3D%20production

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 6c879fd4-d0ae-4d5d-8e05-5ad512d90970
x-runtime: 0.001947
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 log
benefits.corp-internal.co/ 0
476 B 67ms
60ms Image
image/gif 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/log?id=eecafeb637&campaign_guid=a24a5e934f&msg=Loading%20embedded%20html

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: f7502ddb-a62d-42ff-9e78-ebb913a4774e
x-runtime: 0.002045
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 log
benefits.corp-internal.co/ 0
476 B 66ms
59ms Image
image/gif 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/log?id=eecafeb637&campaign_guid=a24a5e934f&msg=logo_object%20does%20not%20exist

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 1eb4eb1c-f791-47d6-8879-f44687ced5fc
x-runtime: 0.001833
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 66ms
59ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 813764d2-8f86-403b-a4bd-cd82c6b7fe8c
x-runtime: 0.001806
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 67ms
60ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: d8554d32-7166-488e-8885-3e9a1d54c332
x-runtime: 0.001977
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 67ms
61ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 302032cc-611f-4064-b883-e8efb9c23af4
x-runtime: 0.001349
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 118ms
112ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 044b53a3-eaf0-4534-a1f0-9eb2cf27a773
x-runtime: 0.008448
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 104ms
98ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=BrowserDetect%20-%20browser_version%20%3D%20110&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 964aa409-becd-4714-8f09-ebd44a259127
x-runtime: 0.002647
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 107ms
101ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=BrowserDetect%20-%20os%20%3D%20Windows&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 51cf80f0-2759-4667-8528-40e1c790edff
x-runtime: 0.002512
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 110ms
104ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 822b162d-9448-4b4a-b809-0ea5c1b4b9a1
x-runtime: 0.003389
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 105ms
99ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 24dde3e7-c808-4ecc-a933-f32289e938a6
x-runtime: 0.002551
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
467 B 108ms
102ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 5193cb53-d7fb-42f6-bd45-3db5ad953166
x-runtime: 0.002644
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
465 B 114ms
108ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: bd1f23e1-aafa-44a5-a2aa-d19fcb7610e6
x-runtime: 0.005087
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
465 B 109ms
103ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: aec07a7c-2d09-444c-b37a-fe09a0e1756d
x-runtime: 0.002317
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 110ms
104ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Plugin&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 5281da65-835b-43c1-a183-ba503fefcfbc
x-runtime: 0.005773
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 111ms
105ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 2014ac43-a6ea-4fd3-9e90-3a38afbea874
x-runtime: 0.004189
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 118ms
112ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=BrowserDetect%20-%20plugin%20Native%20Client&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: d61c9e04-b9a9-4703-a48d-b88e051d69ef
x-runtime: 0.001435
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
465 B 107ms
102ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 5e12c8de-1f19-42dc-8a96-6ede28eac3aa
x-runtime: 0.002342
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 114ms
109ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 508a18e0-3468-4849-946b-977c7f8a38c3
x-runtime: 0.005838
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 115ms
110ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=java_version_pl%20%3D%20unknown&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 7baad5d3-3dee-4f47-87f3-d5f60ac61f6c
x-runtime: 0.001309
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 114ms
109ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: b539d800-c05d-46c5-85a7-561c47495a54
x-runtime: 0.003406
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 113ms
108ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=java_version_jres%20%3D%20unknown&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 8514d0bb-409b-4c9e-a2df-92770eeb57b3
x-runtime: 0.003573
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 115ms
111ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=java_version%20%3D%20undefined&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: d5a5441e-35b8-4fa6-b124-cbcdafc0e54e
x-runtime: 0.005559
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
465 B 112ms
107ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=Loading%20flash%20version&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: cfa2de80-ae00-49c7-a8cc-4e29aebccf29
x-runtime: 0.003965
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
467 B 117ms
113ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=flash%20%3D%20unknown&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 06759a5f-df9b-480f-8564-44bbdeb9042d
x-runtime: 0.001250
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 112ms
107ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=Loading%20pdf%20version&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: a6b960f7-c6f0-41c3-9d3c-9c706ba2ab48
x-runtime: 0.002116
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 111ms
107ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 378efd7c-de70-41d2-b1e4-c3d84c58be2f
x-runtime: 0.001884
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
465 B 116ms
112ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=pdf%20%3D%20unknown&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 93d388b0-0993-4e21-819a-0725122e08c2
x-runtime: 0.005464
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 103ms
100ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=Loading%20quicktime%20version&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: e0ce852f-adc8-492a-9f99-3cd34ee2fb32
x-runtime: 0.002188
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
465 B 109ms
106ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=quicktime%20%3D%20unknown&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 91a28407-a12d-4b1d-a08b-8aa703a1eb79
x-runtime: 0.002146
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 107ms
103ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=Loading%20RealPlayer%20version&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 371b701a-a529-4880-87f0-350c64e2315f
x-runtime: 0.001857
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 117ms
113ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=realplayer%20%3D%20unknown&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 63e9f36f-e001-4712-bb1b-189e3a3296fa
x-runtime: 0.001345
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 104ms
101ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=Loading%20Silverlight%20version&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 9803e557-bf6b-4c88-9b34-9002972d84ef
x-runtime: 0.001740
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 113ms
110ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=silverlight%20%3D%20unknown&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 2caaa8d3-2db8-45b3-abb0-3258bd1c3f26
x-runtime: 0.002615
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 109ms
106ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: ed212b43-e54a-48f8-8ebf-810990a98023
x-runtime: 0.001646
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 108ms
105ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=wmp%20%3D%20unknown&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 1234dc03-e37e-4f10-91fc-b24750df8e75
x-runtime: 0.003028
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 107ms
104ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=training_page_no_browser_post&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 3e0d3cc2-8409-42ed-a47d-197f67478ff9
x-runtime: 0.002269
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
benefits.corp-internal.co/ 0
466 B 115ms
112ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://benefits.corp-internal.co/trace?id=10eecafeaeb63745&msg=redirect_url%20is%20undefined&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Requested by

Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/load_training?guid=10eecafeaeb63745&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 23:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 71b61cc6-0080-4ff8-a297-171dbc5cc877
x-runtime: 0.002108
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H/1.1 200
OK hess-logo-ad4f18.png
ts-eu-uploads.s3.eu-west-1.amazonaws.com/training/production/3902/ Frame 49AD 4 KB
4 KB 273ms
93ms Image
image/png 52.92.19.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ts-eu-uploads.s3.eu-west-1.amazonaws.com/training/production/3902/hess-logo-ad4f18.png
Requested by: Host: benefits.corp-internal.co
URL: https://benefits.corp-internal.co/training_screenshot?guid=eecafeb637&correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.19.114 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: da20d5d4b71a565a0bd29af70a690f435c94b7c5e8d48eaa3bec30ade5de14e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefits.corp-internal.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 23:04:57 GMT
Last-Modified: Tue, 31 Jan 2023 19:08:06 GMT
Server: AmazonS3
x-amz-request-id: A5AEJY0H5JJG3DVW
ETag: "1bdf1086c709aa3a15ee78456e5fd187"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3800
x-amz-id-2: //aGFbYdc+8ylCUn37sFRw6nusV8ifZkEhzhs1X6OKFvWvHsXJ0uKR+1OtzSZsyLVA3qUlKk5Kg=

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: benefits.corp-internal.co
URL: https://benefits.corp-internal.co:49153/alt_pixel_click_eecafeb637.gif?correlation_id=5d416fe9-881b-4bf3-a1d7-539011b07c18

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Phishing Simulation (Internet)

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
benefits.corp-internal.co/	1969-12-31 23:59:59	Name: EXFILGUID Value: eecafeb637
benefits.corp-internal.co/	1969-12-31 23:59:59	Name: link_clicked_eecafeb637 Value: 1
java.com/	1970-01-20 09:58:59	Name: akaalb_OCE_Failover Value: 1677539154~op=JCOM_OCE:oceProdappJcomProdOrigin\|~rv=38~m=oceProdappJcomProdOrigin:0\|~os=2708f36cb43ca861e42dc0215e4669c5~id=a9703ca664e047031b774baf4494bcf0
www.java.com/	1970-01-20 09:58:59	Name: akaalb_OCE_Failover Value: 1677539154~op=JCOM_OCE:oceProdappJcomProdOrigin\|~rv=25~m=oceProdappJcomProdOrigin:0\|~os=2708f36cb43ca861e42dc0215e4669c5~id=010126d45f3f685cbb0d2966d2579c3a

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
benefits.corp-internal.co
d25q7gseii1o1q.cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
java.com
ts-eu-uploads.s3.eu-west-1.amazonaws.com
tslp.s3.amazonaws.com
www.java.com
benefits.corp-internal.co
13.225.84.98
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:82a::200a
2a02:26f0:3500:1b::1724:a397
2a02:26f0:dc::6853:413
52.217.105.20
52.222.206.53
52.31.224.253
52.92.19.114
0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381
18fd69a3bb1fc61221c8d6c3bbbd177c38a21d96392bf2b403ddd9969615cf22
1ebad5d7700e51080376fb7d57fb889743ec32c58ae0bd74f6adef7426a7a0e8
358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1
39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9
4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a
5243766eedfcba70128c2931dbef8875f942b81e39002d80dc0110167d4ef742
6029db4e8a8928f728f865f2cb26f295ec030e46f621f8296d3af91481e01c27
6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19
6ccf8bfa053b6e2c93ae5f0a381034a6ba1b920974c5d63af632f9828df8632c
73f360f08e8c2a1719c098491e17d53cdaa98d246585bfd0285a2afad75c51a7
7789f06bcf267ab54b9bc9c64ea04877c46aa141f67a21a501d908447fd95ebb
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238
8a1170223599205267c6ee3a3072855f1727461d9dd1066bb94f39180f963af9
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc
a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861
a35de3a30e58bf477febca8b47225959f48fd384faf088a218d6bf2251f06cbe
aeccd587c0b9a25d7933f2000b2d6afa8986bdfe3ed179eaacb78e2f51fd5341
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de
d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9
da20d5d4b71a565a0bd29af70a690f435c94b7c5e8d48eaa3bec30ade5de14e2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

benefits.corp-internal.co Open in urlscan Pro 52.31.224.253 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

116 Requests

97 %HTTPS

50 %IPv6

6 Domains

10 Subdomains

10 IPs

4 Countries

563 kBTransfer

779 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

benefits.corp-internal.co Open in urlscan Pro
52.31.224.253 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

97 %
HTTPS

50 %
IPv6

6
Domains

10
Subdomains

10
IPs

4
Countries

563 kB
Transfer

779 kB
Size

4
Cookies

116 HTTP transactions
0 data transactions