citrix.account-maintenance.com Open in urlscan Pro
52.202.140.133 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://citrix.account-maintenance.com/24d898c76c?l=10
Effective URL:
http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Submission: On May 21 via manual (May 21st 2018, 11:16:31 am UTC) from IN

Summary HTTP 66 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 1 countries across 7 domains to perform 66 HTTP transactions. The main IP is 52.202.140.133, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is citrix.account-maintenance.com.

This is the only time citrix.account-maintenance.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
41	52.202.140.133 52.202.140.133	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
12	54.173.248.25 54.173.248.25	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
3	54.231.72.11 54.231.72.11	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	52.85.177.55 52.85.177.55	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	172.217.22.10 172.217.22.10	15169 (GOOGLE) (GOOGLE - Google LLC)
1 6	216.58.208.46 216.58.208.46	15169 (GOOGLE) (GOOGLE - Google LLC)
1	173.194.76.157 173.194.76.157	15169 (GOOGLE) (GOOGLE - Google LLC)
1	216.58.205.234 216.58.205.234	15169 (GOOGLE) (GOOGLE - Google LLC)
66	8

41 52.202.140.133 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-202-140-133.compute-1.amazonaws.com

citrix.account-maintenance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dataentry.threatsim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.173.248.25 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-173-248-25.compute-1.amazonaws.com

citrix.account-maintenance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.231.72.11 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1-w.amazonaws.com

tslp.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ts-uploads.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.85.177.55 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-177-55.fra6.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.10 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.208.46 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s12-in-f46.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.76.157 (Portage, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: ws-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.205.234 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	account-maintenance.com citrix.account-maintenance.com	34 KB
22	threatsim.com dataentry.threatsim.com	13 KB
6	google-analytics.com 1 redirects www.google-analytics.com	29 KB
3	amazonaws.com tslp.s3.amazonaws.com ts-uploads.s3.amazonaws.com	247 KB
2	googleapis.com ajax.googleapis.com	66 KB
2	cloudfront.net d2wy8f7a9ursnm.cloudfront.net	7 KB
1	doubleclick.net stats.g.doubleclick.net	102 B
66	7

	Domain	Requested by
31	citrix.account-maintenance.com	citrix.account-maintenance.com
22	dataentry.threatsim.com	ajax.googleapis.com citrix.account-maintenance.com
6	www.google-analytics.com	1 redirects citrix.account-maintenance.com
2	ajax.googleapis.com	citrix.account-maintenance.com
2	d2wy8f7a9ursnm.cloudfront.net	citrix.account-maintenance.com
2	tslp.s3.amazonaws.com	citrix.account-maintenance.com
1	ts-uploads.s3.amazonaws.com	citrix.account-maintenance.com
1	stats.g.doubleclick.net	citrix.account-maintenance.com
66	8

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Frame ID: 50CF3D3BE5F6A8CFEB82007402FF23D6
Requests: 66 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://citrix.account-maintenance.com/24d898c76c?l=10 Page URL
http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0... Page URL

Detected technologies

Apache Traffic Server (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /ATS\/?([\d.]+)?/i

BugSnag (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /bugsnag.*\.js/i
env /^BugSnag$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

66
Requests

0 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

8
IPs

1
Countries

395 kB
Transfer

575 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://citrix.account-maintenance.com/24d898c76c?l=10 Page URL
http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 29

http://www.google-analytics.com/r/collect?v=1&_v=j67&a=108905051&t=pageview&_s=1&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2F24d898c76c%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1997740163&gjid=687403890&cid=1433102901.1526901380&tid=UA-83403-17&_gid=1079143134.1526901380&_r=1&z=1000682546 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j67&a=108905051&t=pageview&_s=1&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2F24d898c76c%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1997740163&gjid=687403890&cid=1433102901.1526901380&tid=UA-83403-17&_gid=1079143134.1526901380&_r=1&z=1000682546 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=1433102901.1526901380&jid=1997740163&_gid=1079143134.1526901380&gjid=687403890&_v=j67&z=1000682546

Request Chain 30

http://www.google-analytics.com/collect?v=1&_v=j67&a=108905051&t=pageview&_s=2&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2F24d898c76c%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=1433102901.1526901380&uid=24d898c76c&tid=UA-83403-17&_gid=1079143134.1526901380&z=1305677854 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j67&a=108905051&t=pageview&_s=2&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2F24d898c76c%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=1433102901.1526901380&uid=24d898c76c&tid=UA-83403-17&_gid=1079143134.1526901380&z=1305677854

Request Chain 38

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 39

http://www.google-analytics.com/collect?v=1&_v=j67&a=334871717&t=pageview&_s=1&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fload_training%3Fguid%3D24d898c76c%26correlation_id%3D4d3de5bf-3c12-4828-ab3b-91496d0c7efa&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAEAB~&jid=&gjid=&cid=1433102901.1526901380&tid=UA-83403-17&_gid=1079143134.1526901380&z=1089233750 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j67&a=334871717&t=pageview&_s=1&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fload_training%3Fguid%3D24d898c76c%26correlation_id%3D4d3de5bf-3c12-4828-ab3b-91496d0c7efa&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAEAB~&jid=&gjid=&cid=1433102901.1526901380&tid=UA-83403-17&_gid=1079143134.1526901380&z=1089233750

Request Chain 43

http://www.google-analytics.com/collect?v=1&_v=j67&a=334871717&t=pageview&_s=2&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fload_training%3Fguid%3D24d898c76c%26correlation_id%3D4d3de5bf-3c12-4828-ab3b-91496d0c7efa&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SACAAEAB~&jid=&gjid=&cid=1433102901.1526901380&tid=UA-83403-17&_gid=1079143134.1526901380&z=2005253715 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j67&a=334871717&t=pageview&_s=2&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fload_training%3Fguid%3D24d898c76c%26correlation_id%3D4d3de5bf-3c12-4828-ab3b-91496d0c7efa&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SACAAEAB~&jid=&gjid=&cid=1433102901.1526901380&tid=UA-83403-17&_gid=1079143134.1526901380&z=2005253715

66 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set 24d898c76c Show response
citrix.account-maintenance.com/ 3 KB
2 KB 270ms
128ms Document
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://citrix.account-maintenance.com/24d898c76c?l=10
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 856c09c199b893fb0727e2a40bf6a82efb5bca8a4c297f4bc9d3026ceca4e046

Request headers

Host: citrix.account-maintenance.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 50CF3D3BE5F6A8CFEB82007402FF23D6

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 21 May 2018 11:16:19 GMT
ETag: W/"4daec4e35616f0d54ed75b794607965f"
Server: ThreatSim-Web-Server
Set-Cookie: EXFILGUID=24d898c76c; path=/ link_clicked_24d898c76c=1; path=/
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: a3017213de05e4407509806105c655a7
X-Runtime: 0.021717
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 930
Connection: keep-alive

GET
H/1.1 200
OK Cookie set alt_pixel_click_24d898c76c.gif
citrix.account-maintenance.com/ 1 B
680 B 211ms
110ms Image
image/gif 54.173.248.25
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com:49152/alt_pixel_click_24d898c76c.gif?correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/24d898c76c?l=10
Protocol: HTTP/1.1
Server: 54.173.248.25 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-173-248-25.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com:49152
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
Cookie: EXFILGUID=24d898c76c; link_clicked_24d898c76c=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 21 May 2018 11:16:19 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 21
X-Request-Id: 7b970787c8298de7190f6ac44f6d0cb2
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.004401
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Set-Cookie: EXFILGUID=24d898c76c; path=/ link_clicked_24d898c76c=2; path=/
X-Rack-Cache: miss

GET
H/1.1 200
OK plugin_detect.js Show response
tslp.s3.amazonaws.com/detect/ 49 KB
49 KB 476ms
125ms Script
text/javascript 54.231.72.11
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/24d898c76c?l=10
Protocol: HTTP/1.1
Server: 54.231.72.11 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 21 May 2018 11:16:20 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Server: AmazonS3
x-amz-request-id: 012C0353E5891481
ETag: "00a513f07603df01e3b99be00f370754"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 50085
x-amz-id-2: afntQ4/W71ETZN6jVSeBusZpOh5GS7kikmWxshSVB0M3kKyZxQKaMuV1j0bga4OeWHAam2uBObg=

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 43ms
36ms Script
application/javascript 52.85.177.55
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/24d898c76c?l=10
Protocol: HTTP/1.1
Server: 52.85.177.55 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-177-55.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 10 Jul 2017 01:37:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
Age: 362544
ETag: "6103bb5e4ec6141e19e1100caafc780c"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 f32dfb4a33594b7c1c1bbebfe50a0bfd.cloudfront.net (CloudFront)
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2962
X-Amz-Cf-Id: LicfhGZw9bwux7fBJkrmZ9EA-kmS-dwXpmb2rR7aYsTtcDdplhbbeA==

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 90 KB
33 KB 16ms
5ms Script
text/javascript 172.217.22.10
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/24d898c76c?l=10

Protocol

HTTP/1.1

Server

172.217.22.10 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f10.1e100.net

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 12 Feb 2018 21:00:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 8432159
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 33018
X-XSS-Protection: 1; mode=block
Expires: Tue, 12 Feb 2019 21:00:20 GMT

GET
H/1.1 200
OK google-tracking.js Show response
citrix.account-maintenance.com/assets/ 455 B
707 B 106ms
105ms Script
application/javascript 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://citrix.account-maintenance.com/assets/google-tracking.js?g=24d898c76c
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/24d898c76c?l=10
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: fce517e48a56b76d45fd456264b90c82aa6e9ddb578f9f36d844ace5816d9841

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
Cookie: EXFILGUID=24d898c76c; link_clicked_24d898c76c=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 21 May 2018 11:16:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 May 2018 18:26:37 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000 public
Connection: keep-alive
Content-Length: 316
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK all.js Show response
citrix.account-maintenance.com/assets/ 28 KB
7 KB 210ms
106ms Script
application/javascript 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://citrix.account-maintenance.com/assets/all.js?g=24d898c76c
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/24d898c76c?l=10
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: bae06f323013a94b766da34246d6439db4b57a1144e7b4f4c6a18848eb7a4cf8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
Cookie: EXFILGUID=24d898c76c; link_clicked_24d898c76c=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 21 May 2018 11:16:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 May 2018 18:26:37 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000 public
Connection: keep-alive
Content-Length: 7149
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
S

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

34 KB
14 KB

6ms
6ms

Script
text/javascript

216.58.208.46
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/24d898c76c?l=10

Protocol

SPDY

Server

216.58.208.46 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f46.1e100.net

Software

Golfe2 /

Resource Hash

2218bbf47b340278b7b696dbe3af4eed89edffa709c19abd6747b18147c3a675

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Apr 2018 18:13:11 GMT
server: Golfe2
age: 1213
date: Mon, 21 May 2018 10:56:07 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 14353
expires: Mon, 21 May 2018 12:56:07 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

POST
H/1.1 200
OK browser_post Show response
dataentry.threatsim.com/secure/ 1 B
603 B 473ms
117ms XHR
image/gif 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dataentry.threatsim.com/secure/browser_post
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Accept: */*
Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
Origin: http://citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

X-Runtime: 0.007586
Date: Mon, 21 May 2018 11:16:20 GMT
Content-Encoding: gzip
X-Rack-Cache: invalidate, pass
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 1c2841eec13622c2b22216bd473a0373
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 431ms
102ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=24d898c76c&msg=BrowserDetect%20-%20localStorage%20%3D%20false&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/24d898c76c?l=10
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002427
Date: Mon, 21 May 2018 11:16:20 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: d76050fd2786585f5e019ea4bba07190
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 446ms
107ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=24d898c76c&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/24d898c76c?l=10
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002467
Date: Mon, 21 May 2018 11:16:20 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 27378f5d87bb21a3b7c725b03c041df4
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 446ms
107ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=24d898c76c&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/24d898c76c?l=10
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002252
Date: Mon, 21 May 2018 11:16:20 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 9b1754e298b5023eae27db96bbe81394
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 449ms
108ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=24d898c76c&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/24d898c76c?l=10
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001926
Date: Mon, 21 May 2018 11:16:20 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 65a0cd88caf2e47cbf87b3f12c67cf84
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 456ms
110ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=24d898c76c&msg=BrowserDetect%20-%20browser_version%20%3D%2066&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/24d898c76c?l=10
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002167
Date: Mon, 21 May 2018 11:16:20 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: dd28c8d3d0298a3696f730021f7e8161
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 102ms
101ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=24d898c76c&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/24d898c76c?l=10
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001892
Date: Mon, 21 May 2018 11:16:20 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: b7c1ccda009cca614db5a1b718009a39
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 108ms
107ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=24d898c76c&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/24d898c76c?l=10
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002214
Date: Mon, 21 May 2018 11:16:20 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 79cc5437f7d0efc104b5a6ed28c8b85e
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 108ms
108ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=24d898c76c&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/24d898c76c?l=10
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002375
Date: Mon, 21 May 2018 11:16:20 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 6e72ba8af55a6c58103a8d981a5e996d
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 108ms
108ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=24d898c76c&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/24d898c76c?l=10
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001683
Date: Mon, 21 May 2018 11:16:20 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: e577726a20eddb2a2bf652e5bd15f5c9
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 113ms
113ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=24d898c76c&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/24d898c76c?l=10
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.004665
Date: Mon, 21 May 2018 11:16:20 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 3b060912bc0063fb148c231bcf4bcffc
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 169ms
102ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=24d898c76c&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/24d898c76c?l=10
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002685
Date: Mon, 21 May 2018 11:16:20 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: a6f0344881e69489c3b3f1be1097cf3a
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 129ms
106ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=24d898c76c&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/24d898c76c?l=10
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001701
Date: Mon, 21 May 2018 11:16:20 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: e5692a449a128e70f5c34390731ae677
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 108ms
108ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=24d898c76c&msg=Skipping%20java%20detection&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/24d898c76c?l=10
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002349
Date: Mon, 21 May 2018 11:16:20 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 5c901a3a555d627c66e382181bb384d7
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 114ms
110ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=24d898c76c&msg=Skipping%20flash%20detection&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/24d898c76c?l=10
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001893
Date: Mon, 21 May 2018 11:16:20 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 39203255eaf2ef905ec096ea898a5d91
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 123ms
110ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=24d898c76c&msg=Skipping%20pdf%20detection&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/24d898c76c?l=10
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002005
Date: Mon, 21 May 2018 11:16:20 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 06111d772031aa781634b443ef2ed708
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 166ms
101ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=24d898c76c&msg=Skipping%20quicktime%20detection&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/24d898c76c?l=10
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001975
Date: Mon, 21 May 2018 11:16:20 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: db3c5910a56a2a20de2549e3edfa8f12
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 134ms
108ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=24d898c76c&msg=Skipping%20RealPlayer%20detection&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/24d898c76c?l=10
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002178
Date: Mon, 21 May 2018 11:16:20 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 3e68062d5d7c32aa7f67f8274309c4e2
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 109ms
107ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=24d898c76c&msg=Skipping%20Silverlight%20detection&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/24d898c76c?l=10
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002225
Date: Mon, 21 May 2018 11:16:20 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 9b3e28183bd9c8a77cb7dd2821c8b196
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 115ms
109ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=24d898c76c&msg=Skipping%20WindowsMediaPlayer%20detection&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/24d898c76c?l=10
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002346
Date: Mon, 21 May 2018 11:16:20 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 6b7ae25c9390842d9091f6051ee1bb52
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 122ms
109ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=24d898c76c&msg=redirecting%20to%20%2Fload_training%3Fguid%3D24d898c76c%26correlation_id%3D4d3de5bf-3c12-4828-ab3b-91496d0c7efa&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/24d898c76c?l=10
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001756
Date: Mon, 21 May 2018 11:16:20 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 431f6f9b5785c5ed795be261647607bd
X-UA-Compatible: IE=Edge,chrome=1

GET
S

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j67&a=108905051&t=pageview&_s=1&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2F24d898c76c%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=160...
https://www.google-analytics.com/r/collect?v=1&_v=j67&a=108905051&t=pageview&_s=1&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2F24d898c76c%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=16...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=1433102901.1526901380&jid=1997740163&_gid=1079143134.1526901380&gjid=687403890&_v=j67&z=1000682546

35 B
102 B

15ms
15ms

Image
image/gif

173.194.76.157
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=1433102901.1526901380&jid=1997740163&_gid=1079143134.1526901380&gjid=687403890&_v=j67&z=1000682546

Requested by

Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/24d898c76c?l=10

Protocol

SPDY

Server

173.194.76.157 Portage, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

ws-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 21 May 2018 11:16:20 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 May 2018 11:16:20 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=1433102901.1526901380&jid=1997740163&_gid=1079143134.1526901380&gjid=687403890&_v=j67&z=1000682546
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 417
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j67&a=108905051&t=pageview&_s=2&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2F24d898c76c%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x...
https://www.google-analytics.com/collect?v=1&_v=j67&a=108905051&t=pageview&_s=2&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2F24d898c76c%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600...

35 B
99 B

7ms
6ms

Image
image/gif

216.58.208.46
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j67&a=108905051&t=pageview&_s=2&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2F24d898c76c%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=1433102901.1526901380&uid=24d898c76c&tid=UA-83403-17&_gid=1079143134.1526901380&z=1305677854

Requested by

Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/24d898c76c?l=10

Protocol

SPDY

Server

216.58.208.46 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f46.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 May 2018 12:07:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1033756
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j67&a=108905051&t=pageview&_s=2&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2F24d898c76c%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=1433102901.1526901380&uid=24d898c76c&tid=UA-83403-17&_gid=1079143134.1526901380&z=1305677854
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 158ms
102ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=24d898c76c&msg=browser_post_successful&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/24d898c76c?l=10
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002549
Date: Mon, 21 May 2018 11:16:20 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 3d5dc312799739d721db4b40472a684b
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK Primary Request load_training Show response
citrix.account-maintenance.com/ 3 KB
2 KB 119ms
119ms Document
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/assets/all.js?g=24d898c76c
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: bf56160fc2935c7b8b4731e3e834068f85fe6e72b8f40459147e84257a7f148b

Request headers

Host: citrix.account-maintenance.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/24d898c76c?l=10
Accept-Encoding: gzip, deflate
Cookie: EXFILGUID=24d898c76c; link_clicked_24d898c76c=2; _ga=GA1.2.1433102901.1526901380; _gid=GA1.2.1079143134.1526901380; _gat=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 50CF3D3BE5F6A8CFEB82007402FF23D6
Referer: http://citrix.account-maintenance.com/24d898c76c?l=10

Response headers

Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 21 May 2018 11:16:21 GMT
ETag: W/"bfe436c9697a2f28e3557c482cfb8cf5"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: c276017dfcfeed5b711a78a5d3b9d0ea
X-Runtime: 0.013080
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 1058
Connection: keep-alive

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 22ms
19ms Script
application/javascript 52.85.177.55
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Protocol: HTTP/1.1
Server: 52.85.177.55 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-177-55.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 10 Jul 2017 01:37:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
Age: 362546
ETag: "6103bb5e4ec6141e19e1100caafc780c"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 f32dfb4a33594b7c1c1bbebfe50a0bfd.cloudfront.net (CloudFront)
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2962
X-Amz-Cf-Id: 27dZrphedgXDMTcvwHNBgtvcPjs8LGdZQtyWCe2mg8L-8304-3rGAA==

GET
S 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 21ms
6ms Script
text/javascript 216.58.205.234
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa

Protocol

SPDY

Server

216.58.205.234 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s24-in-f10.1e100.net

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 09 May 2018 20:53:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1002160
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 33576
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 May 2019 20:53:41 GMT

GET
H/1.1 200
OK plugin_detect.js Show response
tslp.s3.amazonaws.com/detect/ 49 KB
49 KB 115ms
114ms Script
text/javascript 54.231.72.11
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Protocol: HTTP/1.1
Server: 54.231.72.11 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 21 May 2018 11:16:22 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Server: AmazonS3
x-amz-request-id: D46CA398444D230F
ETag: "00a513f07603df01e3b99be00f370754"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 50085
x-amz-id-2: ehSKdlrQprsE/LyluBseizA9uag6sHL/0zQeN9xHgRXZEbYBXpBqHIrPLxrg6A508r1hkQTlOjk=

GET
H/1.1 200
OK phishing-link-data-entry-f7509e.PNG
ts-uploads.s3.amazonaws.com/training/production/1529/ 148 KB
149 KB 465ms
145ms Image
image/png 54.231.72.11
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ts-uploads.s3.amazonaws.com/training/production/1529/phishing-link-data-entry-f7509e.PNG
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Protocol: HTTP/1.1
Server: 54.231.72.11 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 23d8f47b88c063cb47bf331d91b0cc7ee1e4eb598cc6e4f38eeef0cc23ebd6a8

Request headers

Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 21 May 2018 11:16:22 GMT
Last-Modified: Tue, 18 Oct 2016 21:10:03 GMT
Server: AmazonS3
x-amz-request-id: A36E4C0D2927A5B9
ETag: "84ffe3d4facae83f05851e342ef1a966"
Content-Type: image/png
x-amz-version-id: cM5t3QDXiPyB9AUR7kMpCRPV6CBYjqTv
Accept-Ranges: bytes
Content-Length: 152016
x-amz-id-2: iFtkxn4a6SAIZokQ8YaX9+X7xBOsMa0AzhzK2qm/EM5nmsf4nvQAXteaZfW55VAxH7jS9GZZ6f0=

GET
H/1.1 200
OK google-tracking.js Show response
citrix.account-maintenance.com/assets/ 455 B
707 B 104ms
104ms Script
application/javascript 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://citrix.account-maintenance.com/assets/google-tracking.js?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: fce517e48a56b76d45fd456264b90c82aa6e9ddb578f9f36d844ace5816d9841

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Cookie: EXFILGUID=24d898c76c; link_clicked_24d898c76c=2; _ga=GA1.2.1433102901.1526901380; _gid=GA1.2.1079143134.1526901380; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 21 May 2018 11:16:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 May 2018 18:26:37 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000 public
Connection: keep-alive
Content-Length: 316
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK all.js Show response
citrix.account-maintenance.com/assets/ 28 KB
7 KB 104ms
104ms Script
application/javascript 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://citrix.account-maintenance.com/assets/all.js?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: bae06f323013a94b766da34246d6439db4b57a1144e7b4f4c6a18848eb7a4cf8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Cookie: EXFILGUID=24d898c76c; link_clicked_24d898c76c=2; _ga=GA1.2.1433102901.1526901380; _gid=GA1.2.1079143134.1526901380; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 21 May 2018 11:16:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 May 2018 18:26:37 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000 public
Connection: keep-alive
Content-Length: 7149
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
S

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

34 KB
14 KB

6ms
6ms

Script
text/javascript

216.58.208.46
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa

Protocol

SPDY

Server

216.58.208.46 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f46.1e100.net

Software

Golfe2 /

Resource Hash

2218bbf47b340278b7b696dbe3af4eed89edffa709c19abd6747b18147c3a675

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Apr 2018 18:13:11 GMT
server: Golfe2
age: 1214
date: Mon, 21 May 2018 10:56:07 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 14353
expires: Mon, 21 May 2018 12:56:07 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
S

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j67&a=334871717&t=pageview&_s=1&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fload_training%3Fguid%3D24d898c76c%26correlation_id%3D4d3de5bf-3c12-48...
https://www.google-analytics.com/collect?v=1&_v=j67&a=334871717&t=pageview&_s=1&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fload_training%3Fguid%3D24d898c76c%26correlation_id%3D4d3de5bf-3c12-4...

35 B
99 B

6ms
6ms

Image
image/gif

216.58.208.46
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j67&a=334871717&t=pageview&_s=1&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fload_training%3Fguid%3D24d898c76c%26correlation_id%3D4d3de5bf-3c12-4828-ab3b-91496d0c7efa&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAEAB~&jid=&gjid=&cid=1433102901.1526901380&tid=UA-83403-17&_gid=1079143134.1526901380&z=1089233750

Requested by

Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa

Protocol

SPDY

Server

216.58.208.46 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f46.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 May 2018 12:07:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1033757
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j67&a=334871717&t=pageview&_s=1&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fload_training%3Fguid%3D24d898c76c%26correlation_id%3D4d3de5bf-3c12-4828-ab3b-91496d0c7efa&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAEAB~&jid=&gjid=&cid=1433102901.1526901380&tid=UA-83403-17&_gid=1079143134.1526901380&z=1089233750
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
591 B 116ms
115ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Cookie: EXFILGUID=24d898c76c; link_clicked_24d898c76c=2; _ga=GA1.2.1433102901.1526901380; _gid=GA1.2.1079143134.1526901380; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002349
Date: Mon, 21 May 2018 11:16:21 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: e7db28515d0af67b4f2e70d244b2f231
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
591 B 116ms
115ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Cookie: EXFILGUID=24d898c76c; link_clicked_24d898c76c=2; _ga=GA1.2.1433102901.1526901380; _gid=GA1.2.1079143134.1526901380; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002427
Date: Mon, 21 May 2018 11:16:21 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: bf33f8a1d15b2883817270c35a2fe235
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
591 B 212ms
109ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Cookie: EXFILGUID=24d898c76c; link_clicked_24d898c76c=2; _ga=GA1.2.1433102901.1526901380; _gid=GA1.2.1079143134.1526901380; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.003349
Date: Mon, 21 May 2018 11:16:21 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 5c91fbb694aebe54e85e714981c570fb
X-UA-Compatible: IE=Edge,chrome=1

GET
S

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j67&a=334871717&t=pageview&_s=2&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fload_training%3Fguid%3D24d898c76c%26correlation_id%3D4d3de5bf-3c12-48...
https://www.google-analytics.com/collect?v=1&_v=j67&a=334871717&t=pageview&_s=2&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fload_training%3Fguid%3D24d898c76c%26correlation_id%3D4d3de5bf-3c12-4...

35 B
93 B

6ms
6ms

Image
image/gif

216.58.208.46
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j67&a=334871717&t=pageview&_s=2&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fload_training%3Fguid%3D24d898c76c%26correlation_id%3D4d3de5bf-3c12-4828-ab3b-91496d0c7efa&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SACAAEAB~&jid=&gjid=&cid=1433102901.1526901380&tid=UA-83403-17&_gid=1079143134.1526901380&z=2005253715

Requested by

Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa

Protocol

SPDY

Server

216.58.208.46 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f46.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 May 2018 12:07:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1033757
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j67&a=334871717&t=pageview&_s=2&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fload_training%3Fguid%3D24d898c76c%26correlation_id%3D4d3de5bf-3c12-4828-ab3b-91496d0c7efa&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SACAAEAB~&jid=&gjid=&cid=1433102901.1526901380&tid=UA-83403-17&_gid=1079143134.1526901380&z=2005253715
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
591 B 203ms
103ms Image
text/html 54.173.248.25
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=24d898c76c&msg=BrowserDetect%20-%20localStorage%20%3D%20false&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Protocol: HTTP/1.1
Server: 54.173.248.25 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-173-248-25.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Cookie: EXFILGUID=24d898c76c; link_clicked_24d898c76c=2; _ga=GA1.2.1433102901.1526901380; _gid=GA1.2.1079143134.1526901380; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002258
Date: Mon, 21 May 2018 11:16:21 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 1d7683260afadbe7bbae908d5410025c
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
591 B 217ms
106ms Image
text/html 54.173.248.25
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=24d898c76c&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Protocol: HTTP/1.1
Server: 54.173.248.25 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-173-248-25.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Cookie: EXFILGUID=24d898c76c; link_clicked_24d898c76c=2; _ga=GA1.2.1433102901.1526901380; _gid=GA1.2.1079143134.1526901380; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001841
Date: Mon, 21 May 2018 11:16:21 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 6f7f6f4420ac52a06e029a570e2e3f9d
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
591 B 216ms
104ms Image
text/html 54.173.248.25
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=24d898c76c&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Protocol: HTTP/1.1
Server: 54.173.248.25 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-173-248-25.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Cookie: EXFILGUID=24d898c76c; link_clicked_24d898c76c=2; _ga=GA1.2.1433102901.1526901380; _gid=GA1.2.1079143134.1526901380; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002308
Date: Mon, 21 May 2018 11:16:21 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: cd1d5f3e991d9b52eb01d1f67d27ec75
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
591 B 112ms
111ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=24d898c76c&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Cookie: EXFILGUID=24d898c76c; link_clicked_24d898c76c=2; _ga=GA1.2.1433102901.1526901380; _gid=GA1.2.1079143134.1526901380; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002843
Date: Mon, 21 May 2018 11:16:21 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 1d2b52d444de05f4c84985bb7bd48a65
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
591 B 110ms
109ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=24d898c76c&msg=BrowserDetect%20-%20browser_version%20%3D%2066&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Cookie: EXFILGUID=24d898c76c; link_clicked_24d898c76c=2; _ga=GA1.2.1433102901.1526901380; _gid=GA1.2.1079143134.1526901380; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.004203
Date: Mon, 21 May 2018 11:16:21 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: ed5d1b092dbf9e1c130308cb042589a6
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
591 B 103ms
103ms Image
text/html 54.173.248.25
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=24d898c76c&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Protocol: HTTP/1.1
Server: 54.173.248.25 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-173-248-25.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Cookie: EXFILGUID=24d898c76c; link_clicked_24d898c76c=2; _ga=GA1.2.1433102901.1526901380; _gid=GA1.2.1079143134.1526901380; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002201
Date: Mon, 21 May 2018 11:16:21 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: e9f5674b50d3fdfea3a97a629a0cc5ea
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
591 B 108ms
108ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=24d898c76c&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Cookie: EXFILGUID=24d898c76c; link_clicked_24d898c76c=2; _ga=GA1.2.1433102901.1526901380; _gid=GA1.2.1079143134.1526901380; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002276
Date: Mon, 21 May 2018 11:16:21 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 79a78984002cf1ad3e2f34732950ac78
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
591 B 104ms
104ms Image
text/html 54.173.248.25
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=24d898c76c&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Protocol: HTTP/1.1
Server: 54.173.248.25 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-173-248-25.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Cookie: EXFILGUID=24d898c76c; link_clicked_24d898c76c=2; _ga=GA1.2.1433102901.1526901380; _gid=GA1.2.1079143134.1526901380; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002357
Date: Mon, 21 May 2018 11:16:21 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 78b7c722bc7386d544551c12eece83ef
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
591 B 104ms
104ms Image
text/html 54.173.248.25
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=24d898c76c&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Protocol: HTTP/1.1
Server: 54.173.248.25 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-173-248-25.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Cookie: EXFILGUID=24d898c76c; link_clicked_24d898c76c=2; _ga=GA1.2.1433102901.1526901380; _gid=GA1.2.1079143134.1526901380; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002167
Date: Mon, 21 May 2018 11:16:21 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 07ed7a705bdafbf24065aa2d32954276
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
591 B 107ms
106ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=24d898c76c&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Cookie: EXFILGUID=24d898c76c; link_clicked_24d898c76c=2; _ga=GA1.2.1433102901.1526901380; _gid=GA1.2.1079143134.1526901380; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001648
Date: Mon, 21 May 2018 11:16:21 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: edce59a55f27d1be8ec1d225642fefac
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
591 B 112ms
112ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=24d898c76c&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Cookie: EXFILGUID=24d898c76c; link_clicked_24d898c76c=2; _ga=GA1.2.1433102901.1526901380; _gid=GA1.2.1079143134.1526901380; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002106
Date: Mon, 21 May 2018 11:16:21 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: f31726e04c6de9331f122c49d1f3cc37
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
591 B 104ms
103ms Image
text/html 54.173.248.25
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=24d898c76c&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Protocol: HTTP/1.1
Server: 54.173.248.25 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-173-248-25.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Cookie: EXFILGUID=24d898c76c; link_clicked_24d898c76c=2; _ga=GA1.2.1433102901.1526901380; _gid=GA1.2.1079143134.1526901380; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002374
Date: Mon, 21 May 2018 11:16:21 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 23760368122339344a3eee93c179ef8a
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
591 B 108ms
107ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=24d898c76c&msg=Skipping%20java%20detection&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Cookie: EXFILGUID=24d898c76c; link_clicked_24d898c76c=2; _ga=GA1.2.1433102901.1526901380; _gid=GA1.2.1079143134.1526901380; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002294
Date: Mon, 21 May 2018 11:16:21 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: f7c19526c300968df986520797e6359e
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
591 B 105ms
104ms Image
text/html 54.173.248.25
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=24d898c76c&msg=Skipping%20flash%20detection&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Protocol: HTTP/1.1
Server: 54.173.248.25 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-173-248-25.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Cookie: EXFILGUID=24d898c76c; link_clicked_24d898c76c=2; _ga=GA1.2.1433102901.1526901380; _gid=GA1.2.1079143134.1526901380; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002028
Date: Mon, 21 May 2018 11:16:21 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 820182eeea949da1c1b8dcc0b930f5b8
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
591 B 1897ms
1897ms Image
text/html 54.173.248.25
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=24d898c76c&msg=Skipping%20pdf%20detection&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Protocol: HTTP/1.1
Server: 54.173.248.25 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-173-248-25.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Cookie: EXFILGUID=24d898c76c; link_clicked_24d898c76c=2; _ga=GA1.2.1433102901.1526901380; _gid=GA1.2.1079143134.1526901380; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002580
Date: Mon, 21 May 2018 11:16:23 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 9a5273d671d9f1f002eb97b5309a4138
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
591 B 108ms
107ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=24d898c76c&msg=Skipping%20quicktime%20detection&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Cookie: EXFILGUID=24d898c76c; link_clicked_24d898c76c=2; _ga=GA1.2.1433102901.1526901380; _gid=GA1.2.1079143134.1526901380; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002049
Date: Mon, 21 May 2018 11:16:21 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: b15356bf43805f6b70192d4f5d29e31e
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
591 B 110ms
109ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=24d898c76c&msg=Skipping%20RealPlayer%20detection&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Cookie: EXFILGUID=24d898c76c; link_clicked_24d898c76c=2; _ga=GA1.2.1433102901.1526901380; _gid=GA1.2.1079143134.1526901380; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002357
Date: Mon, 21 May 2018 11:16:21 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 6e47442c5ac9390ae4fb33a888101a54
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
591 B 105ms
104ms Image
text/html 54.173.248.25
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=24d898c76c&msg=Skipping%20Silverlight%20detection&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Protocol: HTTP/1.1
Server: 54.173.248.25 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-173-248-25.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Cookie: EXFILGUID=24d898c76c; link_clicked_24d898c76c=2; _ga=GA1.2.1433102901.1526901380; _gid=GA1.2.1079143134.1526901380; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.003327
Date: Mon, 21 May 2018 11:16:21 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 99f6d90fb8a0c4683721624897ae4666
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
591 B 108ms
108ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=24d898c76c&msg=Skipping%20WindowsMediaPlayer%20detection&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Cookie: EXFILGUID=24d898c76c; link_clicked_24d898c76c=2; _ga=GA1.2.1433102901.1526901380; _gid=GA1.2.1079143134.1526901380; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002293
Date: Mon, 21 May 2018 11:16:22 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 7dfe874dc4c3f3eeb3baa75c27c94dae
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
591 B 104ms
104ms Image
text/html 54.173.248.25
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=24d898c76c&msg=training_page_no_browser_post&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Protocol: HTTP/1.1
Server: 54.173.248.25 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-173-248-25.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Cookie: EXFILGUID=24d898c76c; link_clicked_24d898c76c=2; _ga=GA1.2.1433102901.1526901380; _gid=GA1.2.1079143134.1526901380; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001934
Date: Mon, 21 May 2018 11:16:22 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 04d0510f881c86beb0fe422bad037b43
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
591 B 107ms
106ms Image
text/html 52.202.140.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=24d898c76c&msg=redirect_url%20is%20undefined&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Protocol: HTTP/1.1
Server: 52.202.140.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-202-140-133.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
Cookie: EXFILGUID=24d898c76c; link_clicked_24d898c76c=2; _ga=GA1.2.1433102901.1526901380; _gid=GA1.2.1079143134.1526901380; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=24d898c76c&correlation_id=4d3de5bf-3c12-4828-ab3b-91496d0c7efa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001781
Date: Mon, 21 May 2018 11:16:22 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: f5e0130ae31eeda0f044f8d1f1750db0
X-UA-Compatible: IE=Edge,chrome=1

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.account-maintenance.com/	1970-01-18 16:08:21	Name: _gat Value: 1
.account-maintenance.com/	1970-01-19 09:39:33	Name: _ga Value: GA1.2.1433102901.1526901380
.account-maintenance.com/	1970-01-18 16:09:47	Name: _gid Value: GA1.2.1079143134.1526901380
citrix.account-maintenance.com/	1969-12-31 23:59:59	Name: link_clicked_24d898c76c Value: 2
citrix.account-maintenance.com/	1969-12-31 23:59:59	Name: EXFILGUID Value: 24d898c76c

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
citrix.account-maintenance.com
d2wy8f7a9ursnm.cloudfront.net
dataentry.threatsim.com
stats.g.doubleclick.net
ts-uploads.s3.amazonaws.com
tslp.s3.amazonaws.com
www.google-analytics.com
172.217.22.10
173.194.76.157
216.58.205.234
216.58.208.46
52.202.140.133
52.85.177.55
54.173.248.25
54.231.72.11
2218bbf47b340278b7b696dbe3af4eed89edffa709c19abd6747b18147c3a675
23d8f47b88c063cb47bf331d91b0cc7ee1e4eb598cc6e4f38eeef0cc23ebd6a8
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
856c09c199b893fb0727e2a40bf6a82efb5bca8a4c297f4bc9d3026ceca4e046
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
bae06f323013a94b766da34246d6439db4b57a1144e7b4f4c6a18848eb7a4cf8
bf56160fc2935c7b8b4731e3e834068f85fe6e72b8f40459147e84257a7f148b
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fce517e48a56b76d45fd456264b90c82aa6e9ddb578f9f36d844ace5816d9841

citrix.account-maintenance.com Open in urlscan Pro 52.202.140.133 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

0 %HTTPS

0 %IPv6

7 Domains

8 Subdomains

8 IPs

1 Countries

395 kBTransfer

575 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

citrix.account-maintenance.com Open in urlscan Pro
52.202.140.133 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

0 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

8
IPs

1
Countries

395 kB
Transfer

575 kB
Size

5
Cookies

66 HTTP transactions
0 data transactions