updates.corp-internal.com Open in urlscan Pro
34.224.159.233 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://updates.corp-internal.com/cd978b1feb?l=7
Effective URL:
http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Submission: On June 15 via manual (June 15th 2018, 7:17:19 pm UTC) from US

Summary HTTP 66 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 1 countries across 7 domains to perform 66 HTTP transactions. The main IP is 34.224.159.233, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is updates.corp-internal.com.

This is the only time updates.corp-internal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
41	34.224.159.233 34.224.159.233	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
12	52.73.52.153 52.73.52.153	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	54.231.72.195 54.231.72.195	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	13.33.51.38 13.33.51.38	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	172.217.22.74 172.217.22.74	15169 (GOOGLE) (GOOGLE - Google LLC)
1 6	172.217.18.14 172.217.18.14	15169 (GOOGLE) (GOOGLE - Google LLC)
1	64.233.167.156 64.233.167.156	15169 (GOOGLE) (GOOGLE - Google LLC)
1	216.58.214.42 216.58.214.42	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.216.102.3 52.216.102.3	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
66	9

41 34.224.159.233 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-224-159-233.compute-1.amazonaws.com

updates.corp-internal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dataentry.threatsim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.73.52.153 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-73-52-153.compute-1.amazonaws.com

updates.corp-internal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.231.72.195 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1-w.amazonaws.com

tslp.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.51.38 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-33-51-38.man50.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.74 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s17-in-f74.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.18.14 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra02s19-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.167.156 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: wl-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.214.42 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s09-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.102.3 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

ts-uploads.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	corp-internal.com updates.corp-internal.com	34 KB
22	threatsim.com dataentry.threatsim.com	13 KB
6	google-analytics.com 1 redirects www.google-analytics.com	29 KB
3	amazonaws.com tslp.s3.amazonaws.com ts-uploads.s3.amazonaws.com	247 KB
2	googleapis.com ajax.googleapis.com	66 KB
2	cloudfront.net d2wy8f7a9ursnm.cloudfront.net	7 KB
1	doubleclick.net stats.g.doubleclick.net	109 B
66	7

	Domain	Requested by
31	updates.corp-internal.com	updates.corp-internal.com
22	dataentry.threatsim.com	ajax.googleapis.com updates.corp-internal.com
6	www.google-analytics.com	1 redirects updates.corp-internal.com
2	ajax.googleapis.com	updates.corp-internal.com
2	d2wy8f7a9ursnm.cloudfront.net	updates.corp-internal.com
2	tslp.s3.amazonaws.com	updates.corp-internal.com
1	ts-uploads.s3.amazonaws.com	updates.corp-internal.com
1	stats.g.doubleclick.net	updates.corp-internal.com
66	8

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Frame ID: AA0423BE1FA7845CBA982173F2254582
Requests: 66 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://updates.corp-internal.com/cd978b1feb?l=7 Page URL
http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63... Page URL

Detected technologies

Apache Traffic Server (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /ATS\/?([\d.]+)?/i

BugSnag (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /bugsnag.*\.js/i
env /^BugSnag$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

66
Requests

0 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

9
IPs

1
Countries

395 kB
Transfer

576 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://updates.corp-internal.com/cd978b1feb?l=7 Page URL
http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 29

http://www.google-analytics.com/r/collect?v=1&_v=j68&a=1857750243&t=pageview&_s=1&dl=http%3A%2F%2Fupdates.corp-internal.com%2Fcd978b1feb%3Fl%3D7&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=753108867&gjid=664715257&cid=352806132.1529090228&tid=UA-83403-17&_gid=1931007056.1529090228&_r=1&z=1400529535 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1857750243&t=pageview&_s=1&dl=http%3A%2F%2Fupdates.corp-internal.com%2Fcd978b1feb%3Fl%3D7&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=753108867&gjid=664715257&cid=352806132.1529090228&tid=UA-83403-17&_gid=1931007056.1529090228&_r=1&z=1400529535 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=352806132.1529090228&jid=753108867&_gid=1931007056.1529090228&gjid=664715257&_v=j68&z=1400529535

Request Chain 30

http://www.google-analytics.com/collect?v=1&_v=j68&a=1857750243&t=pageview&_s=2&dl=http%3A%2F%2Fupdates.corp-internal.com%2Fcd978b1feb%3Fl%3D7&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=352806132.1529090228&uid=cd978b1feb&tid=UA-83403-17&_gid=1931007056.1529090228&z=1233413564 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j68&a=1857750243&t=pageview&_s=2&dl=http%3A%2F%2Fupdates.corp-internal.com%2Fcd978b1feb%3Fl%3D7&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=352806132.1529090228&uid=cd978b1feb&tid=UA-83403-17&_gid=1931007056.1529090228&z=1233413564

Request Chain 38

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 39

http://www.google-analytics.com/collect?v=1&_v=j68&a=2138201604&t=pageview&_s=1&dl=http%3A%2F%2Fupdates.corp-internal.com%2Fload_training%3Fguid%3Dcd978b1feb%26correlation_id%3D2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAEAB~&jid=&gjid=&cid=352806132.1529090228&tid=UA-83403-17&_gid=1931007056.1529090228&z=2014259790 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j68&a=2138201604&t=pageview&_s=1&dl=http%3A%2F%2Fupdates.corp-internal.com%2Fload_training%3Fguid%3Dcd978b1feb%26correlation_id%3D2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAEAB~&jid=&gjid=&cid=352806132.1529090228&tid=UA-83403-17&_gid=1931007056.1529090228&z=2014259790

Request Chain 43

http://www.google-analytics.com/collect?v=1&_v=j68&a=2138201604&t=pageview&_s=2&dl=http%3A%2F%2Fupdates.corp-internal.com%2Fload_training%3Fguid%3Dcd978b1feb%26correlation_id%3D2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SACAAEAB~&jid=&gjid=&cid=352806132.1529090228&tid=UA-83403-17&_gid=1931007056.1529090228&z=387754949 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j68&a=2138201604&t=pageview&_s=2&dl=http%3A%2F%2Fupdates.corp-internal.com%2Fload_training%3Fguid%3Dcd978b1feb%26correlation_id%3D2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SACAAEAB~&jid=&gjid=&cid=352806132.1529090228&tid=UA-83403-17&_gid=1931007056.1529090228&z=387754949

66 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set cd978b1feb Show response
updates.corp-internal.com/ 3 KB
2 KB 218ms
111ms Document
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://updates.corp-internal.com/cd978b1feb?l=7
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: cc0b4dddcf88f2e7857ff38f9c321091995656596821f4122b63061e7719905d

Request headers

Host: updates.corp-internal.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: AA0423BE1FA7845CBA982173F2254582

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 15 Jun 2018 19:17:07 GMT
ETag: W/"539d64caa66ec108510efb4ab260c29d"
Server: ThreatSim-Web-Server
Set-Cookie: EXFILGUID=cd978b1feb; path=/ link_clicked_cd978b1feb=1; path=/
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-03325ecf4818a6139 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 0424664a15026345519876d9ec6bc982
X-Runtime: 0.016061
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 926
Connection: keep-alive

GET
H/1.1 200
OK Cookie set alt_pixel_click_cd978b1feb.gif
updates.corp-internal.com/ 1 B
680 B 206ms
106ms Image
image/gif 52.73.52.153
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://updates.corp-internal.com:49152/alt_pixel_click_cd978b1feb.gif?correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/cd978b1feb?l=7
Protocol: HTTP/1.1
Server: 52.73.52.153 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-73-52-153.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: updates.corp-internal.com:49152
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://updates.corp-internal.com/cd978b1feb?l=7
Cookie: EXFILGUID=cd978b1feb; link_clicked_cd978b1feb=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://updates.corp-internal.com/cd978b1feb?l=7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 15 Jun 2018 19:17:07 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 21
X-Request-Id: 04899611574fff5804e3bffeeee2ec78
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.004497
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Set-Cookie: EXFILGUID=cd978b1feb; path=/ link_clicked_cd978b1feb=2; path=/
X-Rack-Cache: miss

GET
H/1.1 200
OK plugin_detect.js Show response
tslp.s3.amazonaws.com/detect/ 49 KB
49 KB 441ms
123ms Script
text/javascript 54.231.72.195
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/cd978b1feb?l=7
Protocol: HTTP/1.1
Server: 54.231.72.195 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

Referer: http://updates.corp-internal.com/cd978b1feb?l=7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 15 Jun 2018 19:17:08 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Server: AmazonS3
x-amz-request-id: 41E6DEEB2182C699
ETag: "00a513f07603df01e3b99be00f370754"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 50085
x-amz-id-2: 7dCYARsfw2izgSd2sSpSDfrA/Wci+RYolkBSyRgazvVcd+8mTJSG8QcoERNY9iuhzZ8KQT1zYd0=

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 69ms
28ms Script
application/javascript 13.33.51.38
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/cd978b1feb?l=7
Protocol: HTTP/1.1
Server: 13.33.51.38 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-33-51-38.man50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

Referer: http://updates.corp-internal.com/cd978b1feb?l=7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 22 Nov 2017 07:20:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
Age: 106431
ETag: "6103bb5e4ec6141e19e1100caafc780c"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 282946522acce7b10d0ed4a6134ed3d6.cloudfront.net (CloudFront)
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2962
X-Amz-Cf-Id: y_lstL3QYNmu8eM4Bt5tn8fWf-ExTGlRYgSXK9Chhuua0VHa4bW3bg==

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 90 KB
33 KB 12ms
6ms Script
text/javascript 172.217.22.74
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/cd978b1feb?l=7

Protocol

HTTP/1.1

Server

172.217.22.74 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f74.1e100.net

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://updates.corp-internal.com/cd978b1feb?l=7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 09 May 2018 15:54:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 3208940
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 33018
X-XSS-Protection: 1; mode=block
Expires: Thu, 09 May 2019 15:54:47 GMT

GET
H/1.1 200
OK google-tracking.js Show response
updates.corp-internal.com/assets/ 455 B
707 B 99ms
98ms Script
application/javascript 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://updates.corp-internal.com/assets/google-tracking.js?g=cd978b1feb
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/cd978b1feb?l=7
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: fce517e48a56b76d45fd456264b90c82aa6e9ddb578f9f36d844ace5816d9841

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: updates.corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://updates.corp-internal.com/cd978b1feb?l=7
Cookie: EXFILGUID=cd978b1feb; link_clicked_cd978b1feb=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://updates.corp-internal.com/cd978b1feb?l=7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 15 Jun 2018 19:17:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 May 2018 18:26:37 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000 public
Connection: keep-alive
Content-Length: 316
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK all.js Show response
updates.corp-internal.com/assets/ 28 KB
7 KB 197ms
98ms Script
application/javascript 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://updates.corp-internal.com/assets/all.js?g=cd978b1feb
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/cd978b1feb?l=7
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: bae06f323013a94b766da34246d6439db4b57a1144e7b4f4c6a18848eb7a4cf8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: updates.corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://updates.corp-internal.com/cd978b1feb?l=7
Cookie: EXFILGUID=cd978b1feb; link_clicked_cd978b1feb=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://updates.corp-internal.com/cd978b1feb?l=7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 15 Jun 2018 19:17:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 May 2018 18:26:37 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000 public
Connection: keep-alive
Content-Length: 7149
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
S

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

34 KB
14 KB

6ms
4ms

Script
text/javascript

172.217.18.14
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/cd978b1feb?l=7

Protocol

SPDY

Server

172.217.18.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra02s19-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://updates.corp-internal.com/cd978b1feb?l=7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 01:10:24 GMT
server: Golfe2
age: 1261
date: Fri, 15 Jun 2018 18:56:07 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 14386
expires: Fri, 15 Jun 2018 20:56:07 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

POST
H/1.1 200
OK browser_post Show response
dataentry.threatsim.com/secure/ 1 B
603 B 449ms
109ms XHR
image/gif 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dataentry.threatsim.com/secure/browser_post
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Accept: */*
Referer: http://updates.corp-internal.com/cd978b1feb?l=7
Origin: http://updates.corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

X-Runtime: 0.007785
Date: Fri, 15 Jun 2018 19:17:08 GMT
Content-Encoding: gzip
X-Rack-Cache: invalidate, pass
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: e9ca9c8050dee8b3d877ff2381586251
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 419ms
98ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=cd978b1feb&msg=BrowserDetect%20-%20localStorage%20%3D%20false&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/cd978b1feb?l=7
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://updates.corp-internal.com/cd978b1feb?l=7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002213
Date: Fri, 15 Jun 2018 19:17:08 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 43ceb5440c5da5dbab807a7a930ba1f5
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 419ms
98ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=cd978b1feb&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/cd978b1feb?l=7
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://updates.corp-internal.com/cd978b1feb?l=7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002457
Date: Fri, 15 Jun 2018 19:17:08 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 0f7a1b29748affda836ac4fd16e183e8
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 419ms
98ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=cd978b1feb&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/cd978b1feb?l=7
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://updates.corp-internal.com/cd978b1feb?l=7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002380
Date: Fri, 15 Jun 2018 19:17:08 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 7d03a8a2a34dfc5d751ea8592e4ef5f2
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 424ms
98ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=cd978b1feb&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/cd978b1feb?l=7
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://updates.corp-internal.com/cd978b1feb?l=7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002056
Date: Fri, 15 Jun 2018 19:17:08 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 091b949f1db0d7077ab73085399f81c6
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 435ms
102ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=cd978b1feb&msg=BrowserDetect%20-%20browser_version%20%3D%2066&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/cd978b1feb?l=7
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://updates.corp-internal.com/cd978b1feb?l=7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002504
Date: Fri, 15 Jun 2018 19:17:08 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 548c5978eae43dc2eac386a246520d3c
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 99ms
98ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=cd978b1feb&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/cd978b1feb?l=7
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://updates.corp-internal.com/cd978b1feb?l=7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002331
Date: Fri, 15 Jun 2018 19:17:08 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 3425684a8fdabfa422c554a270da25e6
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 98ms
97ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=cd978b1feb&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/cd978b1feb?l=7
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://updates.corp-internal.com/cd978b1feb?l=7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001966
Date: Fri, 15 Jun 2018 19:17:08 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 419428689faa44da6425ea40259e32bb
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 98ms
97ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=cd978b1feb&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/cd978b1feb?l=7
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://updates.corp-internal.com/cd978b1feb?l=7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002052
Date: Fri, 15 Jun 2018 19:17:08 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 3e6900d3382691bdff742528ed56ab74
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 98ms
98ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=cd978b1feb&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/cd978b1feb?l=7
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://updates.corp-internal.com/cd978b1feb?l=7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001932
Date: Fri, 15 Jun 2018 19:17:08 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: a4a8bdcef80aaf4177598257cf6adbb2
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 103ms
102ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=cd978b1feb&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/cd978b1feb?l=7
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://updates.corp-internal.com/cd978b1feb?l=7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002384
Date: Fri, 15 Jun 2018 19:17:08 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 63ed59fd22ff531922ddc4a809fd8a91
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 171ms
98ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=cd978b1feb&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/cd978b1feb?l=7
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://updates.corp-internal.com/cd978b1feb?l=7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002326
Date: Fri, 15 Jun 2018 19:17:08 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: ecaca282a765635b9ea326264a3a1dc5
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 99ms
98ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=cd978b1feb&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/cd978b1feb?l=7
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://updates.corp-internal.com/cd978b1feb?l=7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002294
Date: Fri, 15 Jun 2018 19:17:08 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 85455d2ee37e6cf2f0a831a535ff74c5
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 98ms
97ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=cd978b1feb&msg=Skipping%20java%20detection&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/cd978b1feb?l=7
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://updates.corp-internal.com/cd978b1feb?l=7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002119
Date: Fri, 15 Jun 2018 19:17:08 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 3f63d6ba039f48afa4826c6816caf78f
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 103ms
98ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=cd978b1feb&msg=Skipping%20flash%20detection&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/cd978b1feb?l=7
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://updates.corp-internal.com/cd978b1feb?l=7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002075
Date: Fri, 15 Jun 2018 19:17:08 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: be2e2f3e2cee82b70a3d9c5cc3cd51ba
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 119ms
103ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=cd978b1feb&msg=Skipping%20pdf%20detection&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/cd978b1feb?l=7
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://updates.corp-internal.com/cd978b1feb?l=7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002286
Date: Fri, 15 Jun 2018 19:17:08 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 9267d508f0ab96fc60e7f1eae62cf564
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 179ms
101ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=cd978b1feb&msg=Skipping%20quicktime%20detection&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/cd978b1feb?l=7
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://updates.corp-internal.com/cd978b1feb?l=7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002212
Date: Fri, 15 Jun 2018 19:17:08 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 9d47620fbc84a02c27c74e8103921e8e
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 100ms
100ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=cd978b1feb&msg=Skipping%20RealPlayer%20detection&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/cd978b1feb?l=7
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://updates.corp-internal.com/cd978b1feb?l=7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002069
Date: Fri, 15 Jun 2018 19:17:08 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: d95238ea1d9f1f1d6a1e25891d596798
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 101ms
101ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=cd978b1feb&msg=Skipping%20Silverlight%20detection&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/cd978b1feb?l=7
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://updates.corp-internal.com/cd978b1feb?l=7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002329
Date: Fri, 15 Jun 2018 19:17:08 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: cde514148cc37041dc63ab6d1174a132
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 102ms
98ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=cd978b1feb&msg=Skipping%20WindowsMediaPlayer%20detection&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/cd978b1feb?l=7
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://updates.corp-internal.com/cd978b1feb?l=7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002084
Date: Fri, 15 Jun 2018 19:17:08 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: f22bf981b8c353eeff10d98ab330a33d
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 122ms
102ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=cd978b1feb&msg=redirecting%20to%20%2Fload_training%3Fguid%3Dcd978b1feb%26correlation_id%3D2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/cd978b1feb?l=7
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://updates.corp-internal.com/cd978b1feb?l=7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001997
Date: Fri, 15 Jun 2018 19:17:08 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: e23f64939bf7bc4a3e64b0d23144a894
X-UA-Compatible: IE=Edge,chrome=1

GET
S

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j68&a=1857750243&t=pageview&_s=1&dl=http%3A%2F%2Fupdates.corp-internal.com%2Fcd978b1feb%3Fl%3D7&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x120...
https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1857750243&t=pageview&_s=1&dl=http%3A%2F%2Fupdates.corp-internal.com%2Fcd978b1feb%3Fl%3D7&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x12...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=352806132.1529090228&jid=753108867&_gid=1931007056.1529090228&gjid=664715257&_v=j68&z=1400529535

35 B
109 B

15ms
15ms

Image
image/gif

64.233.167.156
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=352806132.1529090228&jid=753108867&_gid=1931007056.1529090228&gjid=664715257&_v=j68&z=1400529535

Requested by

Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/cd978b1feb?l=7

Protocol

SPDY

Server

64.233.167.156 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wl-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://updates.corp-internal.com/cd978b1feb?l=7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 15 Jun 2018 19:17:08 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Jun 2018 19:17:08 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=352806132.1529090228&jid=753108867&_gid=1931007056.1529090228&gjid=664715257&_v=j68&z=1400529535
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 415
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j68&a=1857750243&t=pageview&_s=2&dl=http%3A%2F%2Fupdates.corp-internal.com%2Fcd978b1feb%3Fl%3D7&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&...
https://www.google-analytics.com/collect?v=1&_v=j68&a=1857750243&t=pageview&_s=2&dl=http%3A%2F%2Fupdates.corp-internal.com%2Fcd978b1feb%3Fl%3D7&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200...

35 B
99 B

6ms
6ms

Image
image/gif

172.217.18.14
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j68&a=1857750243&t=pageview&_s=2&dl=http%3A%2F%2Fupdates.corp-internal.com%2Fcd978b1feb%3Fl%3D7&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=352806132.1529090228&uid=cd978b1feb&tid=UA-83403-17&_gid=1931007056.1529090228&z=1233413564

Requested by

Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/cd978b1feb?l=7

Protocol

SPDY

Server

172.217.18.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra02s19-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://updates.corp-internal.com/cd978b1feb?l=7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jun 2018 01:43:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 322438
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j68&a=1857750243&t=pageview&_s=2&dl=http%3A%2F%2Fupdates.corp-internal.com%2Fcd978b1feb%3Fl%3D7&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=352806132.1529090228&uid=cd978b1feb&tid=UA-83403-17&_gid=1931007056.1529090228&z=1233413564
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 175ms
98ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=cd978b1feb&msg=browser_post_successful&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/cd978b1feb?l=7
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://updates.corp-internal.com/cd978b1feb?l=7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002171
Date: Fri, 15 Jun 2018 19:17:09 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 9cfe00cf8c7c3b9331b70d0f34c70768
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK Primary Request load_training Show response
updates.corp-internal.com/ 3 KB
2 KB 109ms
109ms Document
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/assets/all.js?g=cd978b1feb
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 063033cc3ef539de81477ca4d0fa95280c01f2014b17926813bd5ca8af4dc541

Request headers

Host: updates.corp-internal.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://updates.corp-internal.com/cd978b1feb?l=7
Accept-Encoding: gzip, deflate
Cookie: EXFILGUID=cd978b1feb; link_clicked_cd978b1feb=2; _ga=GA1.2.352806132.1529090228; _gid=GA1.2.1931007056.1529090228; _gat=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: AA0423BE1FA7845CBA982173F2254582
Referer: http://updates.corp-internal.com/cd978b1feb?l=7

Response headers

Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 15 Jun 2018 19:17:09 GMT
ETag: W/"fd01fa98dee818b5b642a6a4c3041ae8"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-03325ecf4818a6139 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 386a1404aee538f5e3da494a9682d414
X-Runtime: 0.012183
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 1039
Connection: keep-alive

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 28ms
28ms Script
application/javascript 13.33.51.38
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Protocol: HTTP/1.1
Server: 13.33.51.38 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-33-51-38.man50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 22 Nov 2017 07:20:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
Age: 106433
ETag: "6103bb5e4ec6141e19e1100caafc780c"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 282946522acce7b10d0ed4a6134ed3d6.cloudfront.net (CloudFront)
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2962
X-Amz-Cf-Id: HlZt4AAUgdvK7xs6vKIW3ga-4KZ8WB7jvBxzR3iCYIW7uAVWt7NBHg==

GET
S 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 7ms
6ms Script
text/javascript 216.58.214.42
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e

Protocol

SPDY

Server

216.58.214.42 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s09-in-f10.1e100.net

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 09 May 2018 20:53:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3191008
status: 200
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 33576
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 May 2019 20:53:41 GMT

GET
H/1.1 200
OK plugin_detect.js Show response
tslp.s3.amazonaws.com/detect/ 49 KB
49 KB 107ms
106ms Script
text/javascript 54.231.72.195
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Protocol: HTTP/1.1
Server: 54.231.72.195 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 15 Jun 2018 19:17:10 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Server: AmazonS3
x-amz-request-id: 7425EEB7C84D4A47
ETag: "00a513f07603df01e3b99be00f370754"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 50085
x-amz-id-2: CmTN8BupCSo7EnFwuCPGwJmrk6j8dUKvmx1J3yWxY+Ww4kLXSOEcNKCTTnCV44NmXIPJioQb6eY=

GET
H/1.1 200
OK phishing-link-data-entry-f7509e.PNG
ts-uploads.s3.amazonaws.com/training/production/1529/ 148 KB
149 KB 637ms
162ms Image
image/png 52.216.102.3
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ts-uploads.s3.amazonaws.com/training/production/1529/phishing-link-data-entry-f7509e.PNG
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Protocol: HTTP/1.1
Server: 52.216.102.3 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23d8f47b88c063cb47bf331d91b0cc7ee1e4eb598cc6e4f38eeef0cc23ebd6a8

Request headers

Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 15 Jun 2018 19:17:11 GMT
Last-Modified: Tue, 18 Oct 2016 21:10:03 GMT
Server: AmazonS3
x-amz-request-id: 682419DA4AA9C757
ETag: "84ffe3d4facae83f05851e342ef1a966"
Content-Type: image/png
x-amz-version-id: cM5t3QDXiPyB9AUR7kMpCRPV6CBYjqTv
Accept-Ranges: bytes
Content-Length: 152016
x-amz-id-2: XLpvI7O7r3tNDA/O6V4wmx/UBtZz3rZm2hMRUZcr9ZJAtfDeYVbFvPIiPZWL4i4PUw7dzJPXjmI=

GET
H/1.1 200
OK google-tracking.js Show response
updates.corp-internal.com/assets/ 455 B
707 B 98ms
98ms Script
application/javascript 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://updates.corp-internal.com/assets/google-tracking.js?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: fce517e48a56b76d45fd456264b90c82aa6e9ddb578f9f36d844ace5816d9841

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: updates.corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Cookie: EXFILGUID=cd978b1feb; link_clicked_cd978b1feb=2; _ga=GA1.2.352806132.1529090228; _gid=GA1.2.1931007056.1529090228; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 15 Jun 2018 19:17:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 May 2018 18:26:37 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000 public
Connection: keep-alive
Content-Length: 316
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK all.js Show response
updates.corp-internal.com/assets/ 28 KB
7 KB 97ms
97ms Script
application/javascript 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://updates.corp-internal.com/assets/all.js?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: bae06f323013a94b766da34246d6439db4b57a1144e7b4f4c6a18848eb7a4cf8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: updates.corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Cookie: EXFILGUID=cd978b1feb; link_clicked_cd978b1feb=2; _ga=GA1.2.352806132.1529090228; _gid=GA1.2.1931007056.1529090228; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 15 Jun 2018 19:17:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 May 2018 18:26:37 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000 public
Connection: keep-alive
Content-Length: 7149
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
S

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

34 KB
14 KB

6ms
6ms

Script
text/javascript

172.217.18.14
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e

Protocol

SPDY

Server

172.217.18.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra02s19-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 01:10:24 GMT
server: Golfe2
age: 1262
date: Fri, 15 Jun 2018 18:56:07 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 14386
expires: Fri, 15 Jun 2018 20:56:07 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
S

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j68&a=2138201604&t=pageview&_s=1&dl=http%3A%2F%2Fupdates.corp-internal.com%2Fload_training%3Fguid%3Dcd978b1feb%26correlation_id%3D2b3d95e3-84bb-42f2-a...
https://www.google-analytics.com/collect?v=1&_v=j68&a=2138201604&t=pageview&_s=1&dl=http%3A%2F%2Fupdates.corp-internal.com%2Fload_training%3Fguid%3Dcd978b1feb%26correlation_id%3D2b3d95e3-84bb-42f2-...

35 B
99 B

6ms
6ms

Image
image/gif

172.217.18.14
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j68&a=2138201604&t=pageview&_s=1&dl=http%3A%2F%2Fupdates.corp-internal.com%2Fload_training%3Fguid%3Dcd978b1feb%26correlation_id%3D2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAEAB~&jid=&gjid=&cid=352806132.1529090228&tid=UA-83403-17&_gid=1931007056.1529090228&z=2014259790

Requested by

Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e

Protocol

SPDY

Server

172.217.18.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra02s19-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jun 2018 01:43:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 322439
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j68&a=2138201604&t=pageview&_s=1&dl=http%3A%2F%2Fupdates.corp-internal.com%2Fload_training%3Fguid%3Dcd978b1feb%26correlation_id%3D2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAEAB~&jid=&gjid=&cid=352806132.1529090228&tid=UA-83403-17&_gid=1931007056.1529090228&z=2014259790
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK trace
updates.corp-internal.com/ 1 B
591 B 100ms
99ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://updates.corp-internal.com/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: updates.corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Cookie: EXFILGUID=cd978b1feb; link_clicked_cd978b1feb=2; _ga=GA1.2.352806132.1529090228; _gid=GA1.2.1931007056.1529090228; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002372
Date: Fri, 15 Jun 2018 19:17:09 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: a85f8539fcb4440e4e6bc49a64148cd7
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
updates.corp-internal.com/ 1 B
591 B 106ms
105ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://updates.corp-internal.com/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: updates.corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Cookie: EXFILGUID=cd978b1feb; link_clicked_cd978b1feb=2; _ga=GA1.2.352806132.1529090228; _gid=GA1.2.1931007056.1529090228; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.003136
Date: Fri, 15 Jun 2018 19:17:09 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 75a0650f5d610d27032a830e77eb9f2c
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
updates.corp-internal.com/ 1 B
591 B 194ms
100ms Image
text/html 52.73.52.153
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://updates.corp-internal.com/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Protocol: HTTP/1.1
Server: 52.73.52.153 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-73-52-153.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: updates.corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Cookie: EXFILGUID=cd978b1feb; link_clicked_cd978b1feb=2; _ga=GA1.2.352806132.1529090228; _gid=GA1.2.1931007056.1529090228; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002504
Date: Fri, 15 Jun 2018 19:17:09 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 008346de365f175b91c7df9bc3ebc6dd
X-UA-Compatible: IE=Edge,chrome=1

GET
S

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j68&a=2138201604&t=pageview&_s=2&dl=http%3A%2F%2Fupdates.corp-internal.com%2Fload_training%3Fguid%3Dcd978b1feb%26correlation_id%3D2b3d95e3-84bb-42f2-a...
https://www.google-analytics.com/collect?v=1&_v=j68&a=2138201604&t=pageview&_s=2&dl=http%3A%2F%2Fupdates.corp-internal.com%2Fload_training%3Fguid%3Dcd978b1feb%26correlation_id%3D2b3d95e3-84bb-42f2-...

35 B
93 B

6ms
6ms

Image
image/gif

172.217.18.14
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j68&a=2138201604&t=pageview&_s=2&dl=http%3A%2F%2Fupdates.corp-internal.com%2Fload_training%3Fguid%3Dcd978b1feb%26correlation_id%3D2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SACAAEAB~&jid=&gjid=&cid=352806132.1529090228&tid=UA-83403-17&_gid=1931007056.1529090228&z=387754949

Requested by

Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e

Protocol

SPDY

Server

172.217.18.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra02s19-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jun 2018 01:43:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 322439
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j68&a=2138201604&t=pageview&_s=2&dl=http%3A%2F%2Fupdates.corp-internal.com%2Fload_training%3Fguid%3Dcd978b1feb%26correlation_id%3D2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SACAAEAB~&jid=&gjid=&cid=352806132.1529090228&tid=UA-83403-17&_gid=1931007056.1529090228&z=387754949
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK trace
updates.corp-internal.com/ 1 B
591 B 192ms
97ms Image
text/html 52.73.52.153
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://updates.corp-internal.com/trace?id=cd978b1feb&msg=BrowserDetect%20-%20localStorage%20%3D%20false&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Protocol: HTTP/1.1
Server: 52.73.52.153 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-73-52-153.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: updates.corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Cookie: EXFILGUID=cd978b1feb; link_clicked_cd978b1feb=2; _ga=GA1.2.352806132.1529090228; _gid=GA1.2.1931007056.1529090228; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002239
Date: Fri, 15 Jun 2018 19:17:09 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 5bcea755a0d835b75add2015f5a988ad
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
updates.corp-internal.com/ 1 B
591 B 196ms
99ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://updates.corp-internal.com/trace?id=cd978b1feb&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: updates.corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Cookie: EXFILGUID=cd978b1feb; link_clicked_cd978b1feb=2; _ga=GA1.2.352806132.1529090228; _gid=GA1.2.1931007056.1529090228; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002365
Date: Fri, 15 Jun 2018 19:17:09 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 305f3cf2b8622db80e25c7773c8ab150
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
updates.corp-internal.com/ 1 B
591 B 200ms
102ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://updates.corp-internal.com/trace?id=cd978b1feb&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: updates.corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Cookie: EXFILGUID=cd978b1feb; link_clicked_cd978b1feb=2; _ga=GA1.2.352806132.1529090228; _gid=GA1.2.1931007056.1529090228; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002249
Date: Fri, 15 Jun 2018 19:17:09 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: cbddbe784d575218e77420f1438faba0
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
updates.corp-internal.com/ 1 B
591 B 110ms
105ms Image
text/html 52.73.52.153
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://updates.corp-internal.com/trace?id=cd978b1feb&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Protocol: HTTP/1.1
Server: 52.73.52.153 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-73-52-153.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: updates.corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Cookie: EXFILGUID=cd978b1feb; link_clicked_cd978b1feb=2; _ga=GA1.2.352806132.1529090228; _gid=GA1.2.1931007056.1529090228; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001961
Date: Fri, 15 Jun 2018 19:17:09 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: bfe2cfbff36704688baae30040a80eb8
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
updates.corp-internal.com/ 1 B
591 B 103ms
102ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://updates.corp-internal.com/trace?id=cd978b1feb&msg=BrowserDetect%20-%20browser_version%20%3D%2066&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: updates.corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Cookie: EXFILGUID=cd978b1feb; link_clicked_cd978b1feb=2; _ga=GA1.2.352806132.1529090228; _gid=GA1.2.1931007056.1529090228; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001754
Date: Fri, 15 Jun 2018 19:17:09 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: c1ebdc03f0d0689a15dadcdf63ec6a53
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
updates.corp-internal.com/ 1 B
591 B 98ms
98ms Image
text/html 52.73.52.153
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://updates.corp-internal.com/trace?id=cd978b1feb&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Protocol: HTTP/1.1
Server: 52.73.52.153 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-73-52-153.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: updates.corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Cookie: EXFILGUID=cd978b1feb; link_clicked_cd978b1feb=2; _ga=GA1.2.352806132.1529090228; _gid=GA1.2.1931007056.1529090228; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002189
Date: Fri, 15 Jun 2018 19:17:09 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 5f91b414cb2c01c4bf7e4072cde7a3f0
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
updates.corp-internal.com/ 1 B
591 B 98ms
98ms Image
text/html 52.73.52.153
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://updates.corp-internal.com/trace?id=cd978b1feb&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Protocol: HTTP/1.1
Server: 52.73.52.153 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-73-52-153.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: updates.corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Cookie: EXFILGUID=cd978b1feb; link_clicked_cd978b1feb=2; _ga=GA1.2.352806132.1529090228; _gid=GA1.2.1931007056.1529090228; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002139
Date: Fri, 15 Jun 2018 19:17:09 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 40ce4616046215be0a08d4cc52cbd7ae
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
updates.corp-internal.com/ 1 B
591 B 98ms
97ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://updates.corp-internal.com/trace?id=cd978b1feb&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: updates.corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Cookie: EXFILGUID=cd978b1feb; link_clicked_cd978b1feb=2; _ga=GA1.2.352806132.1529090228; _gid=GA1.2.1931007056.1529090228; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002378
Date: Fri, 15 Jun 2018 19:17:09 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: c567fa77b40aa9e96247d1e329f5610f
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
updates.corp-internal.com/ 1 B
591 B 103ms
102ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://updates.corp-internal.com/trace?id=cd978b1feb&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: updates.corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Cookie: EXFILGUID=cd978b1feb; link_clicked_cd978b1feb=2; _ga=GA1.2.352806132.1529090228; _gid=GA1.2.1931007056.1529090228; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002531
Date: Fri, 15 Jun 2018 19:17:09 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: ba8c74be915b1d6e718d9f4f7f59a16d
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
updates.corp-internal.com/ 1 B
591 B 104ms
103ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://updates.corp-internal.com/trace?id=cd978b1feb&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: updates.corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Cookie: EXFILGUID=cd978b1feb; link_clicked_cd978b1feb=2; _ga=GA1.2.352806132.1529090228; _gid=GA1.2.1931007056.1529090228; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002217
Date: Fri, 15 Jun 2018 19:17:09 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: e1bdaad6114ca567a218f75a6448743f
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
updates.corp-internal.com/ 1 B
591 B 105ms
104ms Image
text/html 52.73.52.153
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://updates.corp-internal.com/trace?id=cd978b1feb&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Protocol: HTTP/1.1
Server: 52.73.52.153 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-73-52-153.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: updates.corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Cookie: EXFILGUID=cd978b1feb; link_clicked_cd978b1feb=2; _ga=GA1.2.352806132.1529090228; _gid=GA1.2.1931007056.1529090228; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001852
Date: Fri, 15 Jun 2018 19:17:09 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: e42e42cb38b1928a1545b46cefcfdb3c
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
updates.corp-internal.com/ 1 B
591 B 100ms
98ms Image
text/html 52.73.52.153
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://updates.corp-internal.com/trace?id=cd978b1feb&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Protocol: HTTP/1.1
Server: 52.73.52.153 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-73-52-153.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: updates.corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Cookie: EXFILGUID=cd978b1feb; link_clicked_cd978b1feb=2; _ga=GA1.2.352806132.1529090228; _gid=GA1.2.1931007056.1529090228; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002402
Date: Fri, 15 Jun 2018 19:17:09 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: e37a82f12bb2ad7889d594b12a6666b2
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
updates.corp-internal.com/ 1 B
591 B 98ms
97ms Image
text/html 52.73.52.153
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://updates.corp-internal.com/trace?id=cd978b1feb&msg=Skipping%20java%20detection&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Protocol: HTTP/1.1
Server: 52.73.52.153 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-73-52-153.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: updates.corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Cookie: EXFILGUID=cd978b1feb; link_clicked_cd978b1feb=2; _ga=GA1.2.352806132.1529090228; _gid=GA1.2.1931007056.1529090228; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001813
Date: Fri, 15 Jun 2018 19:17:09 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 37ead1fcc5e79720ecf53341f1a88255
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
updates.corp-internal.com/ 1 B
591 B 99ms
98ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://updates.corp-internal.com/trace?id=cd978b1feb&msg=Skipping%20flash%20detection&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: updates.corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Cookie: EXFILGUID=cd978b1feb; link_clicked_cd978b1feb=2; _ga=GA1.2.352806132.1529090228; _gid=GA1.2.1931007056.1529090228; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002146
Date: Fri, 15 Jun 2018 19:17:09 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 2e1ba92ec880b341ca8da556d5c48428
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
updates.corp-internal.com/ 1 B
591 B 102ms
102ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://updates.corp-internal.com/trace?id=cd978b1feb&msg=Skipping%20pdf%20detection&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: updates.corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Cookie: EXFILGUID=cd978b1feb; link_clicked_cd978b1feb=2; _ga=GA1.2.352806132.1529090228; _gid=GA1.2.1931007056.1529090228; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001919
Date: Fri, 15 Jun 2018 19:17:09 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 1c9e3ea58f1172786d9e8bc5edd6e0af
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
updates.corp-internal.com/ 1 B
591 B 104ms
103ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://updates.corp-internal.com/trace?id=cd978b1feb&msg=Skipping%20quicktime%20detection&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: updates.corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Cookie: EXFILGUID=cd978b1feb; link_clicked_cd978b1feb=2; _ga=GA1.2.352806132.1529090228; _gid=GA1.2.1931007056.1529090228; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002214
Date: Fri, 15 Jun 2018 19:17:09 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: f3fe166b82c5e34ae7157b4dcf41c9b0
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
updates.corp-internal.com/ 1 B
591 B 105ms
104ms Image
text/html 52.73.52.153
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://updates.corp-internal.com/trace?id=cd978b1feb&msg=Skipping%20RealPlayer%20detection&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Protocol: HTTP/1.1
Server: 52.73.52.153 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-73-52-153.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: updates.corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Cookie: EXFILGUID=cd978b1feb; link_clicked_cd978b1feb=2; _ga=GA1.2.352806132.1529090228; _gid=GA1.2.1931007056.1529090228; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001761
Date: Fri, 15 Jun 2018 19:17:09 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 0c9614bf14c8b9ed534614336212047c
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
updates.corp-internal.com/ 1 B
591 B 98ms
98ms Image
text/html 52.73.52.153
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://updates.corp-internal.com/trace?id=cd978b1feb&msg=Skipping%20Silverlight%20detection&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Protocol: HTTP/1.1
Server: 52.73.52.153 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-73-52-153.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: updates.corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Cookie: EXFILGUID=cd978b1feb; link_clicked_cd978b1feb=2; _ga=GA1.2.352806132.1529090228; _gid=GA1.2.1931007056.1529090228; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001863
Date: Fri, 15 Jun 2018 19:17:10 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: a466212e3eb4853c784a3afb49b12a73
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
updates.corp-internal.com/ 1 B
591 B 99ms
98ms Image
text/html 52.73.52.153
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://updates.corp-internal.com/trace?id=cd978b1feb&msg=Skipping%20WindowsMediaPlayer%20detection&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Protocol: HTTP/1.1
Server: 52.73.52.153 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-73-52-153.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: updates.corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Cookie: EXFILGUID=cd978b1feb; link_clicked_cd978b1feb=2; _ga=GA1.2.352806132.1529090228; _gid=GA1.2.1931007056.1529090228; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002706
Date: Fri, 15 Jun 2018 19:17:10 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 3ad14c326688e2f95cc18a26e1f4006e
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
updates.corp-internal.com/ 1 B
591 B 102ms
101ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://updates.corp-internal.com/trace?id=cd978b1feb&msg=training_page_no_browser_post&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: updates.corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Cookie: EXFILGUID=cd978b1feb; link_clicked_cd978b1feb=2; _ga=GA1.2.352806132.1529090228; _gid=GA1.2.1931007056.1529090228; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001646
Date: Fri, 15 Jun 2018 19:17:10 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 9688b8e8321b52dce633669e62a5e1ae
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
updates.corp-internal.com/ 1 B
591 B 103ms
102ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://updates.corp-internal.com/trace?id=cd978b1feb&msg=redirect_url%20is%20undefined&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Requested by: Host: updates.corp-internal.com
URL: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: updates.corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
Cookie: EXFILGUID=cd978b1feb; link_clicked_cd978b1feb=2; _ga=GA1.2.352806132.1529090228; _gid=GA1.2.1931007056.1529090228; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://updates.corp-internal.com/load_training?guid=cd978b1feb&correlation_id=2b3d95e3-84bb-42f2-a372-f1b8a63c1b4e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002545
Date: Fri, 15 Jun 2018 19:17:10 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: ed57e4995ab7e68e8cc5383e9f178a87
X-UA-Compatible: IE=Edge,chrome=1

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.corp-internal.com/	1970-01-18 16:44:50	Name: _gat Value: 1
.corp-internal.com/	1970-01-19 10:16:02	Name: _ga Value: GA1.2.352806132.1529090228
updates.corp-internal.com/	1969-12-31 23:59:59	Name: link_clicked_cd978b1feb Value: 2
.corp-internal.com/	1970-01-18 16:46:16	Name: _gid Value: GA1.2.1931007056.1529090228
updates.corp-internal.com/	1969-12-31 23:59:59	Name: EXFILGUID Value: cd978b1feb

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
d2wy8f7a9ursnm.cloudfront.net
dataentry.threatsim.com
stats.g.doubleclick.net
ts-uploads.s3.amazonaws.com
tslp.s3.amazonaws.com
updates.corp-internal.com
www.google-analytics.com
13.33.51.38
172.217.18.14
172.217.22.74
216.58.214.42
34.224.159.233
52.216.102.3
52.73.52.153
54.231.72.195
64.233.167.156
063033cc3ef539de81477ca4d0fa95280c01f2014b17926813bd5ca8af4dc541
23d8f47b88c063cb47bf331d91b0cc7ee1e4eb598cc6e4f38eeef0cc23ebd6a8
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
bae06f323013a94b766da34246d6439db4b57a1144e7b4f4c6a18848eb7a4cf8
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
cc0b4dddcf88f2e7857ff38f9c321091995656596821f4122b63061e7719905d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fce517e48a56b76d45fd456264b90c82aa6e9ddb578f9f36d844ace5816d9841

updates.corp-internal.com Open in urlscan Pro 34.224.159.233 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

0 %HTTPS

0 %IPv6

7 Domains

8 Subdomains

9 IPs

1 Countries

395 kBTransfer

576 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

updates.corp-internal.com Open in urlscan Pro
34.224.159.233 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

0 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

9
IPs

1
Countries

395 kB
Transfer

576 kB
Size

5
Cookies

66 HTTP transactions
0 data transactions