meddeviceupdates.breaking-news-now.com Open in urlscan Pro
54.84.24.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
Effective URL:
http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Submission: On August 21 via manual (August 21st 2018, 7:28:43 am UTC) from US

Summary HTTP 83 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 9 domains to perform 83 HTTP transactions. The main IP is 54.84.24.164, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is meddeviceupdates.breaking-news-now.com.

This is the only time meddeviceupdates.breaking-news-now.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	54.84.24.164 54.84.24.164	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	52.216.165.115 52.216.165.115	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	52.85.182.131 52.85.182.131	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 6	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
33	34.202.118.251 34.202.118.251	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:818::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.216.16.8 52.216.16.8	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
8	151.101.14.110 151.101.14.110	54113 (FASTLY) (FASTLY - Fastly)
2	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY - Fastly)
1	2.16.186.26 2.16.186.26	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	93.184.221.133 93.184.221.133	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
2	54.213.59.188 54.213.59.188	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.201.248.127 54.201.248.127	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
83	16

20 54.84.24.164 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-84-24-164.compute-1.amazonaws.com

meddeviceupdates.breaking-news-now.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.165.115 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

tslp.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.85.182.131 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-182-131.fra50.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81a::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 34.202.118.251 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-202-118-251.compute-1.amazonaws.com

dataentry.threatsim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
meddeviceupdates.breaking-news-now.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.16.8 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1-w.amazonaws.com

ts-uploads.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.14.110 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.110 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fast.wistia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.26 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-26.deploy.static.akamaitechnologies.com

embed.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.184.221.133 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

embed-e.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.213.59.188 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-213-59-188.us-west-2.compute.amazonaws.com

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.201.248.127 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-201-248-127.us-west-2.compute.amazonaws.com

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	breaking-news-now.com meddeviceupdates.breaking-news-now.com	37 KB
22	threatsim.com dataentry.threatsim.com	14 KB
15	wistia.com fast.wistia.com embed.wistia.com embed-e.wistia.com distillery.wistia.com pipedream.wistia.com	1 MB
6	google-analytics.com 1 redirects www.google-analytics.com	29 KB
3	googleapis.com ajax.googleapis.com	95 KB
3	amazonaws.com tslp.s3.amazonaws.com ts-uploads.s3.amazonaws.com	134 KB
2	cloudfront.net d2wy8f7a9ursnm.cloudfront.net	7 KB
1	wistia.net fast.wistia.net	3 KB
1	doubleclick.net stats.g.doubleclick.net	136 B
83	9

	Domain	Requested by
31	meddeviceupdates.breaking-news-now.com	meddeviceupdates.breaking-news-now.com
22	dataentry.threatsim.com	ajax.googleapis.com meddeviceupdates.breaking-news-now.com
9	fast.wistia.com	meddeviceupdates.breaking-news-now.com fast.wistia.com
6	www.google-analytics.com	1 redirects meddeviceupdates.breaking-news-now.com
3	ajax.googleapis.com	meddeviceupdates.breaking-news-now.com
2	distillery.wistia.com	fast.wistia.com
2	embed-e.wistia.com	fast.wistia.com
2	d2wy8f7a9ursnm.cloudfront.net	meddeviceupdates.breaking-news-now.com
2	tslp.s3.amazonaws.com	meddeviceupdates.breaking-news-now.com
1	pipedream.wistia.com	fast.wistia.com
1	fast.wistia.net
1	embed.wistia.com	meddeviceupdates.breaking-news-now.com
1	ts-uploads.s3.amazonaws.com	meddeviceupdates.breaking-news-now.com
1	stats.g.doubleclick.net	meddeviceupdates.breaking-news-now.com
83	14

This site contains no links.

Subject Issuer	Validity	Valid
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2017-09-22` - `2019-01-03`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-08-07` - `2018-10-16`	2 months	crt.sh
*.threatsim.com COMODO RSA Domain Validation Secure Server CA	`2018-07-11` - `2020-07-25`	2 years	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2018-08-07` - `2018-10-16`	2 months	crt.sh
*.googleapis.com Google Internet Authority G3	`2018-08-07` - `2018-10-16`	2 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2018-08-08` - `2019-04-14`	8 months	crt.sh

This page contains 1 frames:

Primary Page: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Frame ID: 0BB9037AE220FDEDD94281B23C2C7CB5
Requests: 87 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7 Page URL
http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf4... Page URL

Detected technologies

Apache Traffic Server (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /ATS\/?([\d.]+)?/i

BugSnag (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /bugsnag.*\.js/i
env /^BugSnag$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

83
Requests

48 %
HTTPS

27 %
IPv6

9
Domains

14
Subdomains

16
IPs

3
Countries

1545 kB
Transfer

5872 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7 Page URL
http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 29

http://www.google-analytics.com/r/collect?v=1&_v=j68&a=1295089941&t=pageview&_s=1&dl=http%3A%2F%2Fmeddeviceupdates.breaking-news-now.com%2F9bcf44011f%3Fl%3D7&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=2110637742&gjid=889815287&cid=918302295.1534836512&tid=UA-83403-17&_gid=1063317120.1534836512&_r=1&z=606333934 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1295089941&t=pageview&_s=1&dl=http%3A%2F%2Fmeddeviceupdates.breaking-news-now.com%2F9bcf44011f%3Fl%3D7&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=2110637742&gjid=889815287&cid=918302295.1534836512&tid=UA-83403-17&_gid=1063317120.1534836512&_r=1&z=606333934 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=918302295.1534836512&jid=2110637742&_gid=1063317120.1534836512&gjid=889815287&_v=j68&z=606333934

Request Chain 30

http://www.google-analytics.com/collect?v=1&_v=j68&a=1295089941&t=pageview&_s=2&dl=http%3A%2F%2Fmeddeviceupdates.breaking-news-now.com%2F9bcf44011f%3Fl%3D7&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=918302295.1534836512&uid=9bcf44011f&tid=UA-83403-17&_gid=1063317120.1534836512&z=914205941 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j68&a=1295089941&t=pageview&_s=2&dl=http%3A%2F%2Fmeddeviceupdates.breaking-news-now.com%2F9bcf44011f%3Fl%3D7&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=918302295.1534836512&uid=9bcf44011f&tid=UA-83403-17&_gid=1063317120.1534836512&z=914205941

Request Chain 42

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 67

http://www.google-analytics.com/collect?v=1&_v=j68&a=1475958155&t=pageview&_s=1&dl=http%3A%2F%2Fmeddeviceupdates.breaking-news-now.com%2Fload_training%3Fguid%3D9bcf44011f%26correlation_id%3D95ea9962-54d2-47c4-9c3b-e7febf44424c&ul=en-us&de=UTF-8&dt=You%27ve%20been%20phished!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=AACAAEAB~&jid=&gjid=&cid=918302295.1534836512&tid=UA-83403-17&_gid=1063317120.1534836512&z=772596921 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j68&a=1475958155&t=pageview&_s=1&dl=http%3A%2F%2Fmeddeviceupdates.breaking-news-now.com%2Fload_training%3Fguid%3D9bcf44011f%26correlation_id%3D95ea9962-54d2-47c4-9c3b-e7febf44424c&ul=en-us&de=UTF-8&dt=You%27ve%20been%20phished!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=AACAAEAB~&jid=&gjid=&cid=918302295.1534836512&tid=UA-83403-17&_gid=1063317120.1534836512&z=772596921

Request Chain 68

http://www.google-analytics.com/collect?v=1&_v=j68&a=1475958155&t=pageview&_s=2&dl=http%3A%2F%2Fmeddeviceupdates.breaking-news-now.com%2Fload_training%3Fguid%3D9bcf44011f%26correlation_id%3D95ea9962-54d2-47c4-9c3b-e7febf44424c&ul=en-us&de=UTF-8&dt=You%27ve%20been%20phished!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=918302295.1534836512&tid=UA-83403-17&_gid=1063317120.1534836512&z=1553971972 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j68&a=1475958155&t=pageview&_s=2&dl=http%3A%2F%2Fmeddeviceupdates.breaking-news-now.com%2Fload_training%3Fguid%3D9bcf44011f%26correlation_id%3D95ea9962-54d2-47c4-9c3b-e7febf44424c&ul=en-us&de=UTF-8&dt=You%27ve%20been%20phished!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=918302295.1534836512&tid=UA-83403-17&_gid=1063317120.1534836512&z=1553971972

83 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set 9bcf44011f Show response
meddeviceupdates.breaking-news-now.com/ 3 KB
2 KB 263ms
162ms Document
text/html 54.84.24.164
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7

Protocol

HTTP/1.1

Server

54.84.24.164 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-84-24-164.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

0039a30ddb258ec8dad42579c019721b04623fc0d8434292a254b53ef2f778e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: meddeviceupdates.breaking-news-now.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 0BB9037AE220FDEDD94281B23C2C7CB5

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 21 Aug 2018 07:28:31 GMT
ETag: W/"fb33ad2c125c8b30cbf4ef6ed5b97f40"
Server: ThreatSim-Web-Server
Set-Cookie: EXFILGUID=9bcf44011f; path=/ link_clicked_9bcf44011f=1; path=/
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Host-Info: lw-prd-us-i-0a91c79158999fa3e ; 4500bddbcead10162683c46597dd84ae500473f0
X-Request-Id: 6f85dbad-c67e-4805-9563-d2ddfc81c07f
X-Runtime: 0.059179
X-UA-Compatible: chrome=1
X-XSS-Protection: 1; mode=block
Content-Length: 932
Connection: keep-alive

GET
H/1.1 200
OK Cookie set alt_pixel_click_9bcf44011f.gif
meddeviceupdates.breaking-news-now.com/ 1 B
751 B 241ms
138ms Image
image/gif 54.84.24.164
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://meddeviceupdates.breaking-news-now.com:49152/alt_pixel_click_9bcf44011f.gif?correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7

Protocol

HTTP/1.1

Server

54.84.24.164 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-84-24-164.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: meddeviceupdates.breaking-news-now.com:49152
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
Cookie: EXFILGUID=9bcf44011f; link_clicked_9bcf44011f=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: a74171a2-d05e-4b39-834d-d257e3a98eff
X-UA-Compatible: chrome=1
X-Runtime: 0.036701
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b11b2b3b4a047a01 ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Set-Cookie: EXFILGUID=9bcf44011f; path=/ link_clicked_9bcf44011f=2; path=/

GET
H/1.1 200
OK plugin_detect.js Show response
tslp.s3.amazonaws.com/detect/ 49 KB
49 KB 441ms
121ms Script
text/javascript 52.216.165.115
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Requested by: Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.165.115 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:32 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Server: AmazonS3
x-amz-request-id: A67166D2555EE5B3
ETag: "00a513f07603df01e3b99be00f370754"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 50085
x-amz-id-2: GqZdiGmGwtJVknBIf+m+GDD6aP6mc1hYwlDZTt+Ijp08Z+FIJIcRC4tepKNCzaUeJUoYnpLLBcw=

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 12ms
6ms Script
application/javascript 52.85.182.131
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
Protocol: HTTP/1.1
Server: 52.85.182.131 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-182-131.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 29 Jul 2017 12:27:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
Age: 435276
ETag: "6103bb5e4ec6141e19e1100caafc780c"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 7b48191d48ad0a2b3616c20acd7fbc1c.cloudfront.net (CloudFront)
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2962
X-Amz-Cf-Id: UFGuXwZvPiYA5-nJwoEC8ivST222eWNsyY5fxa6FAGG8b0AjaBVzMQ==

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 90 KB
33 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:806::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 17 Aug 2018 18:32:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 305776
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 33018
X-XSS-Protection: 1; mode=block
Expires: Sat, 17 Aug 2019 18:32:15 GMT

GET
H/1.1 200
OK google-tracking.js Show response
meddeviceupdates.breaking-news-now.com/assets/ 455 B
707 B 102ms
101ms Script
application/javascript 54.84.24.164
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://meddeviceupdates.breaking-news-now.com/assets/google-tracking.js?g=9bcf44011f
Requested by: Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
Protocol: HTTP/1.1
Server: 54.84.24.164 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-84-24-164.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: fce517e48a56b76d45fd456264b90c82aa6e9ddb578f9f36d844ace5816d9841

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
Cookie: EXFILGUID=9bcf44011f; link_clicked_9bcf44011f=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:31 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Aug 2018 14:24:03 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000 public
Connection: keep-alive
Content-Length: 316
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK all.js Show response
meddeviceupdates.breaking-news-now.com/assets/ 28 KB
7 KB 202ms
101ms Script
application/javascript 54.84.24.164
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://meddeviceupdates.breaking-news-now.com/assets/all.js?g=9bcf44011f
Requested by: Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
Protocol: HTTP/1.1
Server: 54.84.24.164 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-84-24-164.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: bae06f323013a94b766da34246d6439db4b57a1144e7b4f4c6a18848eb7a4cf8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
Cookie: EXFILGUID=9bcf44011f; link_clicked_9bcf44011f=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:31 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Aug 2018 14:24:03 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000 public
Connection: keep-alive
Content-Length: 7149
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
S

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

34 KB
14 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81a::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 01:10:24 GMT
server: Golfe2
age: 4543
date: Tue, 21 Aug 2018 06:12:49 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 14386
expires: Tue, 21 Aug 2018 08:12:49 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

POST
H/1.1 200
OK browser_post Show response
dataentry.threatsim.com/secure/ 1 B
662 B 507ms
143ms XHR
image/gif 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://dataentry.threatsim.com/secure/browser_post

Requested by

Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
Origin: http://meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 21 Aug 2018 07:28:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 61437a14-a99f-4a0d-99f6-8cba4e038486
X-UA-Compatible: chrome=1
X-Runtime: 0.040905
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0162c3d509f66c20d, ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
662 B 461ms
105ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dataentry.threatsim.com/trace?id=9bcf44011f&msg=BrowserDetect%20-%20localStorage%20%3D%20false&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 24ecd69a-e876-48f2-982e-c54042cd1806
X-UA-Compatible: chrome=1
X-Runtime: 0.002642
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0e980855f4823ebd9, ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
662 B 460ms
105ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dataentry.threatsim.com/trace?id=9bcf44011f&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 06993dbc-2cc6-4177-b9b3-ac93e9ae5f67
X-UA-Compatible: chrome=1
X-Runtime: 0.002161
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0162c3d509f66c20d, ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
662 B 459ms
104ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dataentry.threatsim.com/trace?id=9bcf44011f&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 04121def-81bd-47eb-b18d-a3bd9244af95
X-UA-Compatible: chrome=1
X-Runtime: 0.001732
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b11b2b3b4a047a01, ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
662 B 463ms
106ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dataentry.threatsim.com/trace?id=9bcf44011f&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 4475508f-d5f6-45f4-bd8e-d90638c4a099
X-UA-Compatible: chrome=1
X-Runtime: 0.002298
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0a91c79158999fa3e, ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
662 B 463ms
105ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dataentry.threatsim.com/trace?id=9bcf44011f&msg=BrowserDetect%20-%20browser_version%20%3D%2067&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 0794be8b-4893-4dfd-84e3-314f83bbf723
X-UA-Compatible: chrome=1
X-Runtime: 0.002300
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b11b2b3b4a047a01, ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
662 B 106ms
104ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dataentry.threatsim.com/trace?id=9bcf44011f&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 1fca16aa-48c6-4f9d-a668-b6c26c07e9de
X-UA-Compatible: chrome=1
X-Runtime: 0.002130
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0a91c79158999fa3e, ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
662 B 105ms
105ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dataentry.threatsim.com/trace?id=9bcf44011f&msg=BrowserDetect%20-%20os_version%20%3D%2010.13.5&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 49997151-2498-4972-adc7-df2aaf08dfc5
X-UA-Compatible: chrome=1
X-Runtime: 0.002031
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b11b2b3b4a047a01, ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
662 B 106ms
106ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dataentry.threatsim.com/trace?id=9bcf44011f&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: f3a13abe-f300-4955-8e43-524189836a44
X-UA-Compatible: chrome=1
X-Runtime: 0.002183
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0162c3d509f66c20d, ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
662 B 104ms
104ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dataentry.threatsim.com/trace?id=9bcf44011f&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 4eec1e95-de12-4a2c-aaab-02021bde5b8f
X-UA-Compatible: chrome=1
X-Runtime: 0.002267
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0e980855f4823ebd9, ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
662 B 104ms
104ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dataentry.threatsim.com/trace?id=9bcf44011f&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 9a2da60e-dd8e-4e89-a7f9-d7b14b1c5826
X-UA-Compatible: chrome=1
X-Runtime: 0.001663
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0a91c79158999fa3e, ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
662 B 170ms
105ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dataentry.threatsim.com/trace?id=9bcf44011f&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 11b880f3-07d3-47eb-b320-2dd5b6c6b6f8
X-UA-Compatible: chrome=1
X-Runtime: 0.003175
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0162c3d509f66c20d, ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
662 B 105ms
104ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dataentry.threatsim.com/trace?id=9bcf44011f&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 30c5037b-ab5f-4f88-94d8-ee45e73b10cd
X-UA-Compatible: chrome=1
X-Runtime: 0.001709
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0a91c79158999fa3e, ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
662 B 105ms
104ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dataentry.threatsim.com/trace?id=9bcf44011f&msg=Skipping%20java%20detection&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 9dfb50bf-b1f7-4e96-a2c7-8f2b39dd2b37
X-UA-Compatible: chrome=1
X-Runtime: 0.002044
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b11b2b3b4a047a01, ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
662 B 113ms
112ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dataentry.threatsim.com/trace?id=9bcf44011f&msg=Skipping%20flash%20detection&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: f618a501-511f-4cad-8a2b-6d8a4efae52b
X-UA-Compatible: chrome=1
X-Runtime: 0.009428
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0e980855f4823ebd9, ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
662 B 106ms
105ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dataentry.threatsim.com/trace?id=9bcf44011f&msg=Skipping%20pdf%20detection&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 250c3b40-e628-4e0a-a0d8-24a754f35f20
X-UA-Compatible: chrome=1
X-Runtime: 0.003030
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0162c3d509f66c20d, ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
662 B 210ms
104ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dataentry.threatsim.com/trace?id=9bcf44011f&msg=Skipping%20quicktime%20detection&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: e2c9b713-5c7d-4a8d-a122-a30e75d2cb90
X-UA-Compatible: chrome=1
X-Runtime: 0.002454
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0a91c79158999fa3e, ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
662 B 106ms
105ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dataentry.threatsim.com/trace?id=9bcf44011f&msg=Skipping%20RealPlayer%20detection&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: ee956f62-8e5e-457d-b1ea-0fa387778b41
X-UA-Compatible: chrome=1
X-Runtime: 0.001762
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0e980855f4823ebd9, ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
662 B 105ms
104ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dataentry.threatsim.com/trace?id=9bcf44011f&msg=Skipping%20Silverlight%20detection&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 81ac3c6c-6342-4a36-99dc-ae18648cd244
X-UA-Compatible: chrome=1
X-Runtime: 0.001670
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b11b2b3b4a047a01, ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
662 B 106ms
105ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dataentry.threatsim.com/trace?id=9bcf44011f&msg=Skipping%20WindowsMediaPlayer%20detection&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 408a99ca-f443-44de-9a14-9bb1322e4d22
X-UA-Compatible: chrome=1
X-Runtime: 0.002512
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0a91c79158999fa3e, ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
662 B 111ms
104ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dataentry.threatsim.com/trace?id=9bcf44011f&msg=redirecting%20to%20%2Fload_training%3Fguid%3D9bcf44011f%26correlation_id%3D95ea9962-54d2-47c4-9c3b-e7febf44424c&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: d5420273-f3c1-4bea-bc15-aea468af921f
X-UA-Compatible: chrome=1
X-Runtime: 0.002060
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0e980855f4823ebd9, ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
S

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j68&a=1295089941&t=pageview&_s=1&dl=http%3A%2F%2Fmeddeviceupdates.breaking-news-now.com%2F9bcf44011f%3Fl%3D7&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x120...
https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1295089941&t=pageview&_s=1&dl=http%3A%2F%2Fmeddeviceupdates.breaking-news-now.com%2F9bcf44011f%3Fl%3D7&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x12...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=918302295.1534836512&jid=2110637742&_gid=1063317120.1534836512&gjid=889815287&_v=j68&z=606333934

35 B
136 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c00::9b
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=918302295.1534836512&jid=2110637742&_gid=1063317120.1534836512&gjid=889815287&_v=j68&z=606333934

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:400c:c00::9b , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 21 Aug 2018 07:28:32 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Aug 2018 07:28:32 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=918302295.1534836512&jid=2110637742&_gid=1063317120.1534836512&gjid=889815287&_v=j68&z=606333934
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 415
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j68&a=1295089941&t=pageview&_s=2&dl=http%3A%2F%2Fmeddeviceupdates.breaking-news-now.com%2F9bcf44011f%3Fl%3D7&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&...
https://www.google-analytics.com/collect?v=1&_v=j68&a=1295089941&t=pageview&_s=2&dl=http%3A%2F%2Fmeddeviceupdates.breaking-news-now.com%2F9bcf44011f%3Fl%3D7&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200...

35 B
122 B

6ms
6ms

Image
image/gif

2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j68&a=1295089941&t=pageview&_s=2&dl=http%3A%2F%2Fmeddeviceupdates.breaking-news-now.com%2F9bcf44011f%3Fl%3D7&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=918302295.1534836512&uid=9bcf44011f&tid=UA-83403-17&_gid=1063317120.1534836512&z=914205941

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81a::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Aug 2018 15:16:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 317498
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j68&a=1295089941&t=pageview&_s=2&dl=http%3A%2F%2Fmeddeviceupdates.breaking-news-now.com%2F9bcf44011f%3Fl%3D7&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=918302295.1534836512&uid=9bcf44011f&tid=UA-83403-17&_gid=1063317120.1534836512&z=914205941
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
662 B 203ms
104ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dataentry.threatsim.com/trace?id=9bcf44011f&msg=browser_post_successful&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 6b52854b-33e2-4d06-81ec-fc703412d385
X-UA-Compatible: chrome=1
X-Runtime: 0.002134
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0a91c79158999fa3e, ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK Primary Request load_training Show response
meddeviceupdates.breaking-news-now.com/ 9 KB
3 KB 116ms
116ms Document
text/html 54.84.24.164
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/assets/all.js?g=9bcf44011f

Protocol

HTTP/1.1

Server

54.84.24.164 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-84-24-164.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

161dcf939c7055dd53a1277e32655f33f7b8a7111f232b2995afa7555071bbf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: meddeviceupdates.breaking-news-now.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7
Accept-Encoding: gzip, deflate
Cookie: EXFILGUID=9bcf44011f; link_clicked_9bcf44011f=2; _ga=GA1.2.918302295.1534836512; _gid=GA1.2.1063317120.1534836512; _gat=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 0BB9037AE220FDEDD94281B23C2C7CB5
Referer: http://meddeviceupdates.breaking-news-now.com/9bcf44011f?l=7

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 21 Aug 2018 07:28:33 GMT
ETag: W/"a89095821629fe628225ec179802d2c5"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Host-Info: lw-prd-us-i-0b11b2b3b4a047a01 ; 4500bddbcead10162683c46597dd84ae500473f0
X-Request-Id: b7a5d91b-c63d-4e55-b28f-5e96b83024b8
X-Runtime: 0.012894
X-UA-Compatible: chrome=1
X-XSS-Protection: 1; mode=block
Content-Length: 2635
Connection: keep-alive

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 7ms
6ms Script
application/javascript 52.85.182.131
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Protocol: HTTP/1.1
Server: 52.85.182.131 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-182-131.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 29 Jul 2017 12:27:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
Age: 435278
ETag: "6103bb5e4ec6141e19e1100caafc780c"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 7b48191d48ad0a2b3616c20acd7fbc1c.cloudfront.net (CloudFront)
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2962
X-Amz-Cf-Id: cxQ9vO5Azoe7H3ei11wlqzb6bGax6p9c5529Lw3LK8pA53_QIPRM4w==

GET
S 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:818::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:818::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 17 Aug 2018 18:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 307168
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 33576
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2019 18:09:05 GMT

GET
H/1.1 200
OK plugin_detect.js Show response
tslp.s3.amazonaws.com/detect/ 49 KB
49 KB 110ms
109ms Script
text/javascript 52.216.165.115
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Requested by: Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.165.115 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:34 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Server: AmazonS3
x-amz-request-id: 6CB26C2C08E665E4
ETag: "00a513f07603df01e3b99be00f370754"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 50085
x-amz-id-2: NEdEZrF1Y1sw3xxVlIwdQjvsKooPxetR2VgZOmKih91ehWZ+YnYPQxdfKNy5YVgBxmUNssVU3aE=

GET
H/1.1 200
OK besecurityconscious-logo-no-background-667e53.png
ts-uploads.s3.amazonaws.com/training/production/4218/ 35 KB
36 KB 432ms
119ms Image
image/png 52.216.16.8
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ts-uploads.s3.amazonaws.com/training/production/4218/besecurityconscious-logo-no-background-667e53.png
Requested by: Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.16.8 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: bcb848908b67f2b6864e2fc8bc8e6cab1efbdce186ca3a749e7cce592cc12550

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:34 GMT
Last-Modified: Wed, 25 Jul 2018 13:10:51 GMT
Server: AmazonS3
x-amz-request-id: 6859B6FD68539706
ETag: "a79d3ebf47a92e35bb2cc7cff2659d5c"
Content-Type: image/png
x-amz-version-id: ULzAFcRPrKCdYoXegP1yJPYAwuDN_u10
Accept-Ranges: bytes
Content-Length: 36255
x-amz-id-2: QehikIPgHZFygzMxnn97nPz5cnWEbA1kv/EmtUqmyU100Y3RxChA3E1J+tqx6a7+Ng8frEBvrzk=

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ 82 KB
30 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 17 Aug 2018 15:34:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 316449
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 29725
X-XSS-Protection: 1; mode=block
Expires: Sat, 17 Aug 2019 15:34:24 GMT

GET
S 200 E-v1.js Show response
fast.wistia.com/assets/external/ 500 KB
125 KB 33ms
6ms Script
application/javascript 151.101.14.110
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

313351551b03b0e7c22b82d671dcb58ad4672cde06b2f4413e46f909761576ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 21 Aug 2018 07:28:33 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1372
x-cache: HIT, HIT
status: 200
content-length: 127789
x-served-by: cache-sea1023-SEA, cache-fra19127-FRA
access-control-allow-origin: *
x-browser-version: 67
last-modified: Mon, 20 Aug 2018 19:01:06 GMT
x-timer: S1534836513.423390,VS0,VE0
etag: "5b7b0ff2-1f32d"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 67

GET
H/1.1 200
OK google-tracking.js Show response
meddeviceupdates.breaking-news-now.com/assets/ 455 B
707 B 101ms
101ms Script
application/javascript 54.84.24.164
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://meddeviceupdates.breaking-news-now.com/assets/google-tracking.js?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Requested by: Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Protocol: HTTP/1.1
Server: 54.84.24.164 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-84-24-164.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: fce517e48a56b76d45fd456264b90c82aa6e9ddb578f9f36d844ace5816d9841

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Cookie: EXFILGUID=9bcf44011f; link_clicked_9bcf44011f=2; _ga=GA1.2.918302295.1534836512; _gid=GA1.2.1063317120.1534836512; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Aug 2018 14:24:03 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000 public
Connection: keep-alive
Content-Length: 316
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK all.js Show response
meddeviceupdates.breaking-news-now.com/assets/ 28 KB
7 KB 102ms
101ms Script
application/javascript 54.84.24.164
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://meddeviceupdates.breaking-news-now.com/assets/all.js?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Requested by: Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Protocol: HTTP/1.1
Server: 54.84.24.164 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-84-24-164.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: bae06f323013a94b766da34246d6439db4b57a1144e7b4f4c6a18848eb7a4cf8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Cookie: EXFILGUID=9bcf44011f; link_clicked_9bcf44011f=2; _ga=GA1.2.918302295.1534836512; _gid=GA1.2.1063317120.1534836512; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Aug 2018 14:24:03 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000 public
Connection: keep-alive
Content-Length: 7149
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK p2ig2icx0p.json Show response
fast.wistia.com/embed/medias/ 35 KB
17 KB 12ms
6ms Script
text/javascript 151.101.14.110
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

http://fast.wistia.com/embed/medias/p2ig2icx0p.json?callback=wistiajson1

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

HTTP/1.1

Server

151.101.14.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

135804deeac08f3b7ef6dea26bfb8904e19ce3f74f3aac4d50aba7fe12e6e43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 61186
X-Cache: MISS, HIT, HIT
P3P: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
Connection: keep-alive
Content-Length: 16567
X-Request-Id: 4cb82927d53a274568c3cb29309adf7a
X-Served-By: cache-sea1035-SEA, cache-fra19135-FRA
X-Runtime: 0.083935
Access-Control-Allow-Origin: *
X-Browser-Version: 67
X-Timer: S1534836514.696289,VS0,VE1
Vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
Strict-Transport-Security: max-age=0
Content-Type: text/javascript; charset=utf-8
Via: 1.1 varnish, 1.1 varnish
Cache-Control: public, no-cache
X-Browser: chrome
X-ECMA-V: modern
Accept-Ranges: bytes
Timing-Allow-Origin: *
Link: <http://embed.wistia.com>; rel=preconnect; crossorigin
X-Cache-Hits: 0, 2, 1

GET
S 200 wistia-mux.js Show response
fast.wistia.com/assets/external/ 90 KB
27 KB 6ms
6ms Script
application/javascript 151.101.14.110
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/wistia-mux.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

0227ba52a18f362890495e4a8273db6073de4fa6e56bba020f27e052b88b973d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 21 Aug 2018 07:28:33 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1372
x-cache: HIT, HIT
status: 200
content-length: 27761
x-served-by: cache-sea1040-SEA, cache-fra19127-FRA
access-control-allow-origin: *
x-browser-version: 67
last-modified: Mon, 20 Aug 2018 19:01:06 GMT
x-timer: S1534836514.689495,VS0,VE0
etag: "5b7b0ff2-6c71"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 50

GET
S

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

34 KB
14 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81a::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 01:10:24 GMT
server: Golfe2
age: 4544
date: Tue, 21 Aug 2018 06:12:49 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 14386
expires: Tue, 21 Aug 2018 08:12:49 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK trace
meddeviceupdates.breaking-news-now.com/ 1 B
662 B 105ms
104ms Image
text/html 54.84.24.164
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://meddeviceupdates.breaking-news-now.com/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

HTTP/1.1

Server

54.84.24.164 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-84-24-164.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Cookie: EXFILGUID=9bcf44011f; link_clicked_9bcf44011f=2; _ga=GA1.2.918302295.1534836512; _gid=GA1.2.1063317120.1534836512; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: bb1a37fb-4c36-41dc-8ab5-50ce20a247e8
X-UA-Compatible: chrome=1
X-Runtime: 0.002213
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b11b2b3b4a047a01 ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
meddeviceupdates.breaking-news-now.com/ 1 B
662 B 106ms
105ms Image
text/html 54.84.24.164
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://meddeviceupdates.breaking-news-now.com/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

HTTP/1.1

Server

54.84.24.164 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-84-24-164.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Cookie: EXFILGUID=9bcf44011f; link_clicked_9bcf44011f=2; _ga=GA1.2.918302295.1534836512; _gid=GA1.2.1063317120.1534836512; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 9f08a0e9-e354-4d9c-854b-f76e0a3bedf6
X-UA-Compatible: chrome=1
X-Runtime: 0.002405
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0162c3d509f66c20d ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
meddeviceupdates.breaking-news-now.com/ 1 B
662 B 207ms
105ms Image
text/html 54.84.24.164
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://meddeviceupdates.breaking-news-now.com/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

HTTP/1.1

Server

54.84.24.164 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-84-24-164.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Cookie: EXFILGUID=9bcf44011f; link_clicked_9bcf44011f=2; _ga=GA1.2.918302295.1534836512; _gid=GA1.2.1063317120.1534836512; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 29953d40-ca8b-4558-afed-bcb25684ddcf
X-UA-Compatible: chrome=1
X-Runtime: 0.002117
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0a91c79158999fa3e ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
meddeviceupdates.breaking-news-now.com/ 1 B
662 B 210ms
107ms Image
text/html 54.84.24.164
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://meddeviceupdates.breaking-news-now.com/trace?id=9bcf44011f&msg=BrowserDetect%20-%20localStorage%20%3D%20false&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

HTTP/1.1

Server

54.84.24.164 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-84-24-164.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Cookie: EXFILGUID=9bcf44011f; link_clicked_9bcf44011f=2; _ga=GA1.2.918302295.1534836512; _gid=GA1.2.1063317120.1534836512; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: a995ed36-57d5-4409-9942-6530999d148f
X-UA-Compatible: chrome=1
X-Runtime: 0.003801
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0162c3d509f66c20d ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
meddeviceupdates.breaking-news-now.com/ 1 B
662 B 209ms
106ms Image
text/html 54.84.24.164
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://meddeviceupdates.breaking-news-now.com/trace?id=9bcf44011f&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

HTTP/1.1

Server

54.84.24.164 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-84-24-164.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Cookie: EXFILGUID=9bcf44011f; link_clicked_9bcf44011f=2; _ga=GA1.2.918302295.1534836512; _gid=GA1.2.1063317120.1534836512; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 782f7ae9-f7b8-4446-b2d9-b9e21b50d4a8
X-UA-Compatible: chrome=1
X-Runtime: 0.003058
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b11b2b3b4a047a01 ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
meddeviceupdates.breaking-news-now.com/ 1 B
662 B 208ms
105ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://meddeviceupdates.breaking-news-now.com/trace?id=9bcf44011f&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

HTTP/1.1

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Cookie: EXFILGUID=9bcf44011f; link_clicked_9bcf44011f=2; _ga=GA1.2.918302295.1534836512; _gid=GA1.2.1063317120.1534836512; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 98089ea7-8f0c-4591-9fbe-f98408fabcef
X-UA-Compatible: chrome=1
X-Runtime: 0.002263
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b11b2b3b4a047a01 ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
meddeviceupdates.breaking-news-now.com/ 1 B
662 B 105ms
104ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://meddeviceupdates.breaking-news-now.com/trace?id=9bcf44011f&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

HTTP/1.1

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Cookie: EXFILGUID=9bcf44011f; link_clicked_9bcf44011f=2; _ga=GA1.2.918302295.1534836512; _gid=GA1.2.1063317120.1534836512; _gat=1; loglevel=WARN
Connection: keep-alive
Cache-Control: no-cache
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: cf7c1c56-4524-43ef-8121-340f0ba0445b
X-UA-Compatible: chrome=1
X-Runtime: 0.001822
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0e980855f4823ebd9 ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
meddeviceupdates.breaking-news-now.com/ 1 B
662 B 107ms
107ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://meddeviceupdates.breaking-news-now.com/trace?id=9bcf44011f&msg=BrowserDetect%20-%20browser_version%20%3D%2067&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

HTTP/1.1

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Cookie: EXFILGUID=9bcf44011f; link_clicked_9bcf44011f=2; _ga=GA1.2.918302295.1534836512; _gid=GA1.2.1063317120.1534836512; _gat=1; loglevel=WARN
Connection: keep-alive
Cache-Control: no-cache
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: e7078537-5981-4d75-944c-36e4e64071e5
X-UA-Compatible: chrome=1
X-Runtime: 0.002883
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0162c3d509f66c20d ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
meddeviceupdates.breaking-news-now.com/ 1 B
662 B 105ms
104ms Image
text/html 54.84.24.164
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://meddeviceupdates.breaking-news-now.com/trace?id=9bcf44011f&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

HTTP/1.1

Server

54.84.24.164 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-84-24-164.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Cookie: EXFILGUID=9bcf44011f; link_clicked_9bcf44011f=2; _ga=GA1.2.918302295.1534836512; _gid=GA1.2.1063317120.1534836512; _gat=1; loglevel=WARN
Connection: keep-alive
Cache-Control: no-cache
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 1489216f-a17c-4f2f-a2f2-48ed45ec29fe
X-UA-Compatible: chrome=1
X-Runtime: 0.001922
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b11b2b3b4a047a01 ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
meddeviceupdates.breaking-news-now.com/ 1 B
662 B 114ms
111ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://meddeviceupdates.breaking-news-now.com/trace?id=9bcf44011f&msg=BrowserDetect%20-%20os_version%20%3D%2010.13.5&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

HTTP/1.1

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Cookie: EXFILGUID=9bcf44011f; link_clicked_9bcf44011f=2; _ga=GA1.2.918302295.1534836512; _gid=GA1.2.1063317120.1534836512; _gat=1; loglevel=WARN
Connection: keep-alive
Cache-Control: no-cache
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 73f300e4-85bd-4708-bcac-1848c9572389
X-UA-Compatible: chrome=1
X-Runtime: 0.001685
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0e980855f4823ebd9 ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
meddeviceupdates.breaking-news-now.com/ 1 B
662 B 108ms
108ms Image
text/html 54.84.24.164
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://meddeviceupdates.breaking-news-now.com/trace?id=9bcf44011f&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

HTTP/1.1

Server

54.84.24.164 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-84-24-164.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Cookie: EXFILGUID=9bcf44011f; link_clicked_9bcf44011f=2; _ga=GA1.2.918302295.1534836512; _gid=GA1.2.1063317120.1534836512; _gat=1; loglevel=WARN
Connection: keep-alive
Cache-Control: no-cache
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: a81c39da-42e2-4ad0-b407-e73c3097db66
X-UA-Compatible: chrome=1
X-Runtime: 0.002932
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0162c3d509f66c20d ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
meddeviceupdates.breaking-news-now.com/ 1 B
662 B 108ms
107ms Image
text/html 54.84.24.164
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://meddeviceupdates.breaking-news-now.com/trace?id=9bcf44011f&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

HTTP/1.1

Server

54.84.24.164 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-84-24-164.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Cookie: EXFILGUID=9bcf44011f; link_clicked_9bcf44011f=2; _ga=GA1.2.918302295.1534836512; _gid=GA1.2.1063317120.1534836512; _gat=1; loglevel=WARN
Connection: keep-alive
Cache-Control: no-cache
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: c1f5a78b-fc0b-413c-8fb3-4c5ed2364c0a
X-UA-Compatible: chrome=1
X-Runtime: 0.002060
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0e980855f4823ebd9 ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
meddeviceupdates.breaking-news-now.com/ 1 B
662 B 107ms
107ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://meddeviceupdates.breaking-news-now.com/trace?id=9bcf44011f&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

HTTP/1.1

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Cookie: EXFILGUID=9bcf44011f; link_clicked_9bcf44011f=2; _ga=GA1.2.918302295.1534836512; _gid=GA1.2.1063317120.1534836512; _gat=1; loglevel=WARN
Connection: keep-alive
Cache-Control: no-cache
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 764a5976-6cef-47ad-a256-96ecbbdf0e16
X-UA-Compatible: chrome=1
X-Runtime: 0.002030
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b11b2b3b4a047a01 ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
meddeviceupdates.breaking-news-now.com/ 1 B
662 B 110ms
109ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://meddeviceupdates.breaking-news-now.com/trace?id=9bcf44011f&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

HTTP/1.1

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Cookie: EXFILGUID=9bcf44011f; link_clicked_9bcf44011f=2; _ga=GA1.2.918302295.1534836512; _gid=GA1.2.1063317120.1534836512; _gat=1; loglevel=WARN
Connection: keep-alive
Cache-Control: no-cache
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: f05886fc-e49f-4beb-8067-cdcabd6baae9
X-UA-Compatible: chrome=1
X-Runtime: 0.002798
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0162c3d509f66c20d ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
meddeviceupdates.breaking-news-now.com/ 1 B
662 B 105ms
104ms Image
text/html 54.84.24.164
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://meddeviceupdates.breaking-news-now.com/trace?id=9bcf44011f&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

HTTP/1.1

Server

54.84.24.164 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-84-24-164.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Cookie: EXFILGUID=9bcf44011f; link_clicked_9bcf44011f=2; _ga=GA1.2.918302295.1534836512; _gid=GA1.2.1063317120.1534836512; _gat=1; loglevel=WARN; __distillery=7911322_d9c5c0b6-d60f-4e1c-a36f-21cccb734ef5-c495a0439-b34f06e20c13-0780
Connection: keep-alive
Cache-Control: no-cache
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: ff7451b3-d6de-495a-981e-97d64edd10d3
X-UA-Compatible: chrome=1
X-Runtime: 0.002223
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0e980855f4823ebd9 ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
meddeviceupdates.breaking-news-now.com/ 1 B
662 B 113ms
108ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://meddeviceupdates.breaking-news-now.com/trace?id=9bcf44011f&msg=Skipping%20java%20detection&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

HTTP/1.1

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Cookie: EXFILGUID=9bcf44011f; link_clicked_9bcf44011f=2; _ga=GA1.2.918302295.1534836512; _gid=GA1.2.1063317120.1534836512; _gat=1; loglevel=WARN; __distillery=7911322_d9c5c0b6-d60f-4e1c-a36f-21cccb734ef5-c495a0439-b34f06e20c13-0780
Connection: keep-alive
Cache-Control: no-cache
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 00d2ae5f-a374-464c-af9d-9a894a655e25
X-UA-Compatible: chrome=1
X-Runtime: 0.002293
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0e980855f4823ebd9 ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
meddeviceupdates.breaking-news-now.com/ 1 B
662 B 109ms
107ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://meddeviceupdates.breaking-news-now.com/trace?id=9bcf44011f&msg=Skipping%20flash%20detection&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

HTTP/1.1

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Cookie: EXFILGUID=9bcf44011f; link_clicked_9bcf44011f=2; _ga=GA1.2.918302295.1534836512; _gid=GA1.2.1063317120.1534836512; _gat=1; loglevel=WARN; __distillery=7911322_d9c5c0b6-d60f-4e1c-a36f-21cccb734ef5-c495a0439-b34f06e20c13-0780
Connection: keep-alive
Cache-Control: no-cache
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 0178597b-5128-4d11-b425-b918db493979
X-UA-Compatible: chrome=1
X-Runtime: 0.001616
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0a91c79158999fa3e ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
meddeviceupdates.breaking-news-now.com/ 1 B
662 B 107ms
105ms Image
text/html 54.84.24.164
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://meddeviceupdates.breaking-news-now.com/trace?id=9bcf44011f&msg=Skipping%20pdf%20detection&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

HTTP/1.1

Server

54.84.24.164 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-84-24-164.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Cookie: EXFILGUID=9bcf44011f; link_clicked_9bcf44011f=2; _ga=GA1.2.918302295.1534836512; _gid=GA1.2.1063317120.1534836512; _gat=1; loglevel=WARN; __distillery=7911322_d9c5c0b6-d60f-4e1c-a36f-21cccb734ef5-c495a0439-b34f06e20c13-0780
Connection: keep-alive
Cache-Control: no-cache
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 64fdac37-f5ad-4262-888b-828f33c13e08
X-UA-Compatible: chrome=1
X-Runtime: 0.001709
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b11b2b3b4a047a01 ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
meddeviceupdates.breaking-news-now.com/ 1 B
662 B 113ms
111ms Image
text/html 54.84.24.164
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://meddeviceupdates.breaking-news-now.com/trace?id=9bcf44011f&msg=Skipping%20quicktime%20detection&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

HTTP/1.1

Server

54.84.24.164 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-84-24-164.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Cookie: EXFILGUID=9bcf44011f; link_clicked_9bcf44011f=2; _ga=GA1.2.918302295.1534836512; _gid=GA1.2.1063317120.1534836512; _gat=1; loglevel=WARN; __distillery=7911322_d9c5c0b6-d60f-4e1c-a36f-21cccb734ef5-c495a0439-b34f06e20c13-0780
Connection: keep-alive
Cache-Control: no-cache
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 18e6d817-5e58-4c5a-811e-2f8fdcbcde88
X-UA-Compatible: chrome=1
X-Runtime: 0.003012
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0e980855f4823ebd9 ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
meddeviceupdates.breaking-news-now.com/ 1 B
662 B 109ms
107ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://meddeviceupdates.breaking-news-now.com/trace?id=9bcf44011f&msg=Skipping%20RealPlayer%20detection&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

HTTP/1.1

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Cookie: EXFILGUID=9bcf44011f; link_clicked_9bcf44011f=2; _ga=GA1.2.918302295.1534836512; _gid=GA1.2.1063317120.1534836512; _gat=1; loglevel=WARN; __distillery=7911322_d9c5c0b6-d60f-4e1c-a36f-21cccb734ef5-c495a0439-b34f06e20c13-0780
Connection: keep-alive
Cache-Control: no-cache
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: a4721226-a333-42f5-9015-10a9d6e8bddd
X-UA-Compatible: chrome=1
X-Runtime: 0.002317
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0162c3d509f66c20d ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
meddeviceupdates.breaking-news-now.com/ 1 B
662 B 107ms
107ms Image
text/html 54.84.24.164
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://meddeviceupdates.breaking-news-now.com/trace?id=9bcf44011f&msg=Skipping%20Silverlight%20detection&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

HTTP/1.1

Server

54.84.24.164 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-84-24-164.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Cookie: EXFILGUID=9bcf44011f; link_clicked_9bcf44011f=2; _ga=GA1.2.918302295.1534836512; _gid=GA1.2.1063317120.1534836512; _gat=1; loglevel=WARN; __distillery=7911322_d9c5c0b6-d60f-4e1c-a36f-21cccb734ef5-c495a0439-b34f06e20c13-0780
Connection: keep-alive
Cache-Control: no-cache
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 9d263fb0-da5f-424f-880d-9a63a5836119
X-UA-Compatible: chrome=1
X-Runtime: 0.001868
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b11b2b3b4a047a01 ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
meddeviceupdates.breaking-news-now.com/ 1 B
662 B 114ms
113ms Image
text/html 54.84.24.164
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://meddeviceupdates.breaking-news-now.com/trace?id=9bcf44011f&msg=Skipping%20WindowsMediaPlayer%20detection&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

HTTP/1.1

Server

54.84.24.164 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-84-24-164.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Cookie: EXFILGUID=9bcf44011f; link_clicked_9bcf44011f=2; _ga=GA1.2.918302295.1534836512; _gid=GA1.2.1063317120.1534836512; _gat=1; loglevel=WARN; __distillery=7911322_d9c5c0b6-d60f-4e1c-a36f-21cccb734ef5-c495a0439-b34f06e20c13-0780
Connection: keep-alive
Cache-Control: no-cache
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 9003c048-1377-4b21-8312-99442d54883a
X-UA-Compatible: chrome=1
X-Runtime: 0.002300
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0a91c79158999fa3e ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
meddeviceupdates.breaking-news-now.com/ 1 B
662 B 109ms
109ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://meddeviceupdates.breaking-news-now.com/trace?id=9bcf44011f&msg=training_page_no_browser_post&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

HTTP/1.1

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Cookie: EXFILGUID=9bcf44011f; link_clicked_9bcf44011f=2; _ga=GA1.2.918302295.1534836512; _gid=GA1.2.1063317120.1534836512; _gat=1; loglevel=WARN; __distillery=7911322_d9c5c0b6-d60f-4e1c-a36f-21cccb734ef5-c495a0439-b34f06e20c13-0780
Connection: keep-alive
Cache-Control: no-cache
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 29bc1d0d-bb74-4ac7-acf8-3738581bad96
X-UA-Compatible: chrome=1
X-Runtime: 0.001716
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0e980855f4823ebd9 ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK trace
meddeviceupdates.breaking-news-now.com/ 1 B
662 B 114ms
114ms Image
text/html 34.202.118.251
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://meddeviceupdates.breaking-news-now.com/trace?id=9bcf44011f&msg=redirect_url%20is%20undefined&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

HTTP/1.1

Server

34.202.118.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-202-118-251.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Cookie: EXFILGUID=9bcf44011f; link_clicked_9bcf44011f=2; _ga=GA1.2.918302295.1534836512; _gid=GA1.2.1063317120.1534836512; _gat=1; loglevel=WARN; __distillery=7911322_d9c5c0b6-d60f-4e1c-a36f-21cccb734ef5-c495a0439-b34f06e20c13-0780
Connection: keep-alive
Cache-Control: no-cache
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 21 Aug 2018 07:28:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21
X-XSS-Protection: 1; mode=block
X-Request-Id: 02e58968-1e7b-4b55-8db4-85bdb1a8c9be
X-UA-Compatible: chrome=1
X-Runtime: 0.002490
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0162c3d509f66c20d ; 4500bddbcead10162683c46597dd84ae500473f0
X-Frame-Options: SAMEORIGIN
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate

GET
S

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j68&a=1475958155&t=pageview&_s=1&dl=http%3A%2F%2Fmeddeviceupdates.breaking-news-now.com%2Fload_training%3Fguid%3D9bcf44011f%26correlation_id%3D95ea996...
https://www.google-analytics.com/collect?v=1&_v=j68&a=1475958155&t=pageview&_s=1&dl=http%3A%2F%2Fmeddeviceupdates.breaking-news-now.com%2Fload_training%3Fguid%3D9bcf44011f%26correlation_id%3D95ea99...

35 B
99 B

7ms
7ms

Image
image/gif

2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j68&a=1475958155&t=pageview&_s=1&dl=http%3A%2F%2Fmeddeviceupdates.breaking-news-now.com%2Fload_training%3Fguid%3D9bcf44011f%26correlation_id%3D95ea9962-54d2-47c4-9c3b-e7febf44424c&ul=en-us&de=UTF-8&dt=You%27ve%20been%20phished!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=AACAAEAB~&jid=&gjid=&cid=918302295.1534836512&tid=UA-83403-17&_gid=1063317120.1534836512&z=772596921

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81a::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Aug 2018 15:16:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 317499
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j68&a=1475958155&t=pageview&_s=1&dl=http%3A%2F%2Fmeddeviceupdates.breaking-news-now.com%2Fload_training%3Fguid%3D9bcf44011f%26correlation_id%3D95ea9962-54d2-47c4-9c3b-e7febf44424c&ul=en-us&de=UTF-8&dt=You%27ve%20been%20phished!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=AACAAEAB~&jid=&gjid=&cid=918302295.1534836512&tid=UA-83403-17&_gid=1063317120.1534836512&z=772596921
Non-Authoritative-Reason: HSTS

GET
S

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j68&a=1475958155&t=pageview&_s=2&dl=http%3A%2F%2Fmeddeviceupdates.breaking-news-now.com%2Fload_training%3Fguid%3D9bcf44011f%26correlation_id%3D95ea996...
https://www.google-analytics.com/collect?v=1&_v=j68&a=1475958155&t=pageview&_s=2&dl=http%3A%2F%2Fmeddeviceupdates.breaking-news-now.com%2Fload_training%3Fguid%3D9bcf44011f%26correlation_id%3D95ea99...

35 B
93 B

7ms
6ms

Image
image/gif

2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j68&a=1475958155&t=pageview&_s=2&dl=http%3A%2F%2Fmeddeviceupdates.breaking-news-now.com%2Fload_training%3Fguid%3D9bcf44011f%26correlation_id%3D95ea9962-54d2-47c4-9c3b-e7febf44424c&ul=en-us&de=UTF-8&dt=You%27ve%20been%20phished!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=918302295.1534836512&tid=UA-83403-17&_gid=1063317120.1534836512&z=1553971972

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81a::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Aug 2018 15:16:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 317499
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j68&a=1475958155&t=pageview&_s=2&dl=http%3A%2F%2Fmeddeviceupdates.breaking-news-now.com%2Fload_training%3Fguid%3D9bcf44011f%26correlation_id%3D95ea9962-54d2-47c4-9c3b-e7febf44424c&ul=en-us&de=UTF-8&dt=You%27ve%20been%20phished!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=918302295.1534836512&tid=UA-83403-17&_gid=1063317120.1534836512&z=1553971972
Non-Authoritative-Reason: HSTS

GET
S 200 captions.js Show response
fast.wistia.com/assets/external/ 108 KB
21 KB 8ms
7ms Script
application/javascript 151.101.14.110
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/captions.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

74807e869a9facb50ffa482ff479c8f2f6a62aa4c63777d22c36878015b61b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 21 Aug 2018 07:28:33 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1368
x-cache: HIT, HIT
status: 200
content-length: 21446
x-served-by: cache-sea1027-SEA, cache-fra19127-FRA
access-control-allow-origin: *
x-browser-version: 67
last-modified: Mon, 20 Aug 2018 19:01:06 GMT
x-timer: S1534836514.896163,VS0,VE0
etag: "5b7b0ff2-53c6"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 5

GET
S 200 p2ig2icx0p.json Show response
fast.wistia.com/embed/captions/ 50 KB
17 KB 197ms
197ms Script
text/javascript 151.101.14.110
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/captions/p2ig2icx0p.json?callback=wistiajson2

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

dc832bb99984980bdeca85f663c1211e2aef0b8041fe79fdc4431cd9fdeb41a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 21 Aug 2018 07:28:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS, MISS, MISS
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
status: 200
vary: Accept-Encoding,X-Forwarded-Proto,Accept-Language
content-length: 17065
x-request-id: 2eec8622cf69f5fa8eae7bb8212f0be0
x-served-by: cache-sea1043-SEA, cache-fra19127-FRA
x-runtime: 0.027380
access-control-allow-origin: *
x-browser-version: 67
x-timer: S1534836514.940816,VS0,VE188
strict-transport-security: max-age=0
content-type: text/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0, 0

GET
DATA 200
OK truncated
/ 4 KB
0 Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d12183924739a0c3a90d68d21aaa347e62a901671d5a836455935dda54bf0caf

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Origin: http://meddeviceupdates.breaking-news-now.com

Response headers

Access-Control-Allow-Origin: *
Content-Type: application/x-font-ttf;charset=utf-8

GET
S 200 manual_quality_video.js Show response
fast.wistia.com/assets/external/engines/ 89 KB
16 KB 8ms
7ms Script
application/javascript 151.101.14.110
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/engines/manual_quality_video.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

ac381862f3c4723fe0e70ccb951edf2f92a3c3430a3a36d8b2de7b169c736b10

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 21 Aug 2018 07:28:34 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1369
x-cache: HIT, HIT
status: 200
content-length: 15994
x-served-by: cache-sea1023-SEA, cache-fra19127-FRA
access-control-allow-origin: *
x-browser-version: 67
last-modified: Mon, 20 Aug 2018 19:01:06 GMT
x-timer: S1534836514.029914,VS0,VE0
etag: "5b7b0ff2-3e7a"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 28

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
S 200 blank.gif
fast.wistia.com/assets/images/ 1 KB
2 KB 23ms
9ms Image
image/gif 151.101.114.110
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/assets/images/blank.gif

Requested by

Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Origin: http://meddeviceupdates.breaking-news-now.com

Response headers

date: Tue, 21 Aug 2018 07:28:34 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
age: 37374
x-cache: HIT, HIT
status: 200
x-cache-hits: 3, 1945
content-length: 1214
x-served-by: cache-sea1046-SEA, cache-hhn1528-HHN
x-browser-version: 67
last-modified: Mon, 20 Aug 2018 18:29:48 GMT
x-timer: S1534836514.289713,VS0,VE0
etag: "5b7b089c-4be"
strict-transport-security: max-age=0
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 206
Partial Content file.mp4
embed.wistia.com/deliveries/b691a0ca222f63561be863b0d3bcc245eb08be82/ 3 MB
0 51ms
36ms Media
video/mp4 2.16.186.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://embed.wistia.com/deliveries/b691a0ca222f63561be863b0d3bcc245eb08be82/file.mp4
Requested by: Host: meddeviceupdates.breaking-news-now.com
URL: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Protocol: HTTP/1.1
Server: 2.16.186.26 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-26.deploy.static.akamaitechnologies.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Origin: http://meddeviceupdates.breaking-news-now.com
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Range: bytes=0-
chrome-proxy: frfr

Response headers

x-amz-version-id: 1nF.2QJUjeCq_qWCbV8wnoyx0PzvsmaV
Access-Control-Request-Method: *
x-amz-storage-class: STANDARD_IA
Connection: keep-alive
Content-Length: 9362110
X-Served-By: bakeryaws-breadroute-potbrood,bakeryaws-prime-ahab
Content-Range: bytes 0-9362109/9362110
Last-Modified: Wed, 30 Sep 2015 15:54:56 GMT
Server: nginx/1.4.6 (Ubuntu)
Date: Tue, 21 Aug 2018 07:28:34 GMT
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
Cache-Control: max-age=30866277
Accept-Ranges: bytes

OPTIONS
H/1.1 200
OK file.jpg Show response
embed-e.wistia.com/deliveries/6992339c876a95a37250fbe5b0a0eaecca3018a5/ 0
437 B 188ms
171ms XHR
text/html 93.184.221.133
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://embed-e.wistia.com/deliveries/6992339c876a95a37250fbe5b0a0eaecca3018a5/file.jpg?bust=2015-12-29a
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: HTTP/1.1
Server: 93.184.221.133 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (lha/8D04) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: http://meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: range

Response headers

Date: Tue, 21 Aug 2018 07:28:34 GMT
Access-Control-Request-Method: *
Server: ECAcc (lha/8D04)
Status: 200 OK
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/html;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Range
Content-Length: 0
X-Served-By: bakeryaws-breadroute-sangak

POST
H/1.1 204
No Content x Show response
distillery.wistia.com/ 0
191 B 393ms
197ms XHR
text/plain 54.213.59.188
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://distillery.wistia.com/x
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: HTTP/1.1
Server: 54.213.59.188 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-213-59-188.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Origin: http://meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
Date: Tue, 21 Aug 2018 07:28:34 GMT
cache-control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
S 200 overpassFontFace.js Show response
fast.wistia.com/assets/external/ 37 KB
19 KB 32ms
30ms Script
application/javascript 151.101.14.110
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/overpassFontFace.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

2a2eac9e02311001779b0d634672eeee38d4c134a1d7f2e95178697f81805c49

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 21 Aug 2018 07:28:34 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1367
x-cache: HIT, HIT
status: 200
content-length: 19116
x-served-by: cache-sea1032-SEA, cache-fra19127-FRA
access-control-allow-origin: *
x-browser-version: 67
last-modified: Mon, 20 Aug 2018 19:01:06 GMT
x-timer: S1534836514.421087,VS0,VE0
etag: "5b7b0ff2-4aac"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 4

GET
H/1.1 200
OK p2ig2icx0p.vtt
fast.wistia.net/embed/captions/ 2 KB
3 KB 201ms
182ms TextTrack
text/vtt 151.101.114.110
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

http://fast.wistia.net/embed/captions/p2ig2icx0p.vtt?language=ara

Protocol

HTTP/1.1

Server

151.101.114.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

1cc464861054e7e0dfe29c1ff0dbceed722b7579d222b0669b75d07cf445cb78

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Origin: http://meddeviceupdates.breaking-news-now.com

Response headers

Date: Tue, 21 Aug 2018 07:28:34 GMT
Via: 1.1 varnish, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS, MISS, MISS
P3P: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
Connection: keep-alive
Content-Length: 2023
X-Request-Id: bba0b760f853218640330c3b0f87dc36
X-Served-By: cache-sea1029-SEA, cache-hhn1525-HHN
X-Runtime: 0.007365
X-Browser-Version: 67
X-Timer: S1534836514.474251,VS0,VE176
Vary: Accept-Encoding,X-Forwarded-Proto,Accept-Language
Strict-Transport-Security: max-age=0
Content-Type: text/vtt; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, no-cache
X-Browser: chrome
X-ECMA-V: modern
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 0, 0, 0

GET
DATA 200
OK truncated
/ 24 KB
0 Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15e911b518667418fd25c7c64193a29ccc949965f14fffa79286a3e5efde4440

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Origin: http://meddeviceupdates.breaking-news-now.com

Response headers

Access-Control-Allow-Origin: *
Content-Type: application/x-font-ttf;charset=utf-8

GET
H/1.1 206
Partial Content file.jpg Show response
embed-e.wistia.com/deliveries/6992339c876a95a37250fbe5b0a0eaecca3018a5/ 977 KB
977 KB 7ms
6ms XHR
image/png 93.184.221.133
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://embed-e.wistia.com/deliveries/6992339c876a95a37250fbe5b0a0eaecca3018a5/file.jpg?bust=2015-12-29a
Protocol: HTTP/1.1
Server: 93.184.221.133 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8E91) /
Resource Hash: 05a0cfecd5fcf1ffb884a21e3f2f4544628fb99636a0541d8343c2acdcba4f5b

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Origin: http://meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Range: bytes=80000000-80999999

Response headers

Date: Tue, 21 Aug 2018 07:28:34 GMT
Access-Control-Request-Method: *
X-Cache: HIT
Content-Range: bytes 80000000-80999999/100000000
Content-Length: 1000000
X-Served-By: bakeryaws-breadroute-teacake,bakeryaws-prime-trask
Last-Modified: Tue, 29 Dec 2015 17:34:46 GMT
Server: ECAcc (frc/8E91)
Etag: "ed1d8f09890513d901a56601bc1c5e49"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
x-amz-version-id: nReF_A5ArnN.bpF7do6KoPUtjM.vxu3Y
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Type: image/png

POST
H/1.1 204
No Content x Show response
distillery.wistia.com/ 0
191 B 198ms
198ms XHR
text/plain 54.213.59.188
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://distillery.wistia.com/x
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: HTTP/1.1
Server: 54.213.59.188 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-213-59-188.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Origin: http://meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
Date: Tue, 21 Aug 2018 07:28:34 GMT
cache-control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200
OK mput Show response
pipedream.wistia.com/ 2 B
312 B 402ms
205ms XHR
text/html 54.201.248.127
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://pipedream.wistia.com/mput?topic=metrics

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

HTTP/1.1

Server

54.201.248.127 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-201-248-127.us-west-2.compute.amazonaws.com

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
Origin: http://meddeviceupdates.breaking-news-now.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Tue, 21 Aug 2018 07:28:35 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: text/html;charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 2
X-XSS-Protection: 1; mode=block

GET
S 200 allIntegrations.js Show response
fast.wistia.com/assets/external/ 17 KB
4 KB 6ms
6ms Script
application/javascript 151.101.14.110
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/allIntegrations.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

134967f6df4a6a99f28b0888d37f73422ea8c849633f643a6fcd737071051f7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: http://meddeviceupdates.breaking-news-now.com/load_training?guid=9bcf44011f&correlation_id=95ea9962-54d2-47c4-9c3b-e7febf44424c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 21 Aug 2018 07:28:35 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1372
x-cache: HIT, HIT
status: 200
content-length: 4167
x-served-by: cache-sea1023-SEA, cache-fra19127-FRA
access-control-allow-origin: *
x-browser-version: 67
last-modified: Mon, 20 Aug 2018 19:01:06 GMT
x-timer: S1534836515.416736,VS0,VE0
etag: "5b7b0ff2-1047"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 41

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
meddeviceupdates.breaking-news-now.com/	1970-01-19 03:06:12	Name: __distillery Value: 7911322_d9c5c0b6-d60f-4e1c-a36f-21cccb734ef5-c495a0439-b34f06e20c13-0780
meddeviceupdates.breaking-news-now.com/	1969-12-31 23:59:59	Name: loglevel Value: WARN
.breaking-news-now.com/	1970-01-18 18:20:36	Name: _gat Value: 1
.breaking-news-now.com/	1970-01-18 18:22:02	Name: _gid Value: GA1.2.1063317120.1534836512
.breaking-news-now.com/	1970-01-19 11:51:48	Name: _ga Value: GA1.2.918302295.1534836512
meddeviceupdates.breaking-news-now.com/	1969-12-31 23:59:59	Name: link_clicked_9bcf44011f Value: 2
meddeviceupdates.breaking-news-now.com/	1969-12-31 23:59:59	Name: EXFILGUID Value: 9bcf44011f

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
d2wy8f7a9ursnm.cloudfront.net
dataentry.threatsim.com
distillery.wistia.com
embed-e.wistia.com
embed.wistia.com
fast.wistia.com
fast.wistia.net
meddeviceupdates.breaking-news-now.com
pipedream.wistia.com
stats.g.doubleclick.net
ts-uploads.s3.amazonaws.com
tslp.s3.amazonaws.com
www.google-analytics.com
151.101.114.110
151.101.14.110
2.16.186.26
2a00:1450:4001:806::200a
2a00:1450:4001:818::200a
2a00:1450:4001:81a::200e
2a00:1450:400c:c00::9b
34.202.118.251
52.216.16.8
52.216.165.115
52.85.182.131
54.201.248.127
54.213.59.188
54.84.24.164
93.184.221.133
0039a30ddb258ec8dad42579c019721b04623fc0d8434292a254b53ef2f778e9
0227ba52a18f362890495e4a8273db6073de4fa6e56bba020f27e052b88b973d
05a0cfecd5fcf1ffb884a21e3f2f4544628fb99636a0541d8343c2acdcba4f5b
134967f6df4a6a99f28b0888d37f73422ea8c849633f643a6fcd737071051f7c
135804deeac08f3b7ef6dea26bfb8904e19ce3f74f3aac4d50aba7fe12e6e43e
15e911b518667418fd25c7c64193a29ccc949965f14fffa79286a3e5efde4440
161dcf939c7055dd53a1277e32655f33f7b8a7111f232b2995afa7555071bbf2
1cc464861054e7e0dfe29c1ff0dbceed722b7579d222b0669b75d07cf445cb78
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
2a2eac9e02311001779b0d634672eeee38d4c134a1d7f2e95178697f81805c49
313351551b03b0e7c22b82d671dcb58ad4672cde06b2f4413e46f909761576ca
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
74807e869a9facb50ffa482ff479c8f2f6a62aa4c63777d22c36878015b61b21
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
ac381862f3c4723fe0e70ccb951edf2f92a3c3430a3a36d8b2de7b169c736b10
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
bae06f323013a94b766da34246d6439db4b57a1144e7b4f4c6a18848eb7a4cf8
bcb848908b67f2b6864e2fc8bc8e6cab1efbdce186ca3a749e7cce592cc12550
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
d12183924739a0c3a90d68d21aaa347e62a901671d5a836455935dda54bf0caf
dc832bb99984980bdeca85f663c1211e2aef0b8041fe79fdc4431cd9fdeb41a0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fce517e48a56b76d45fd456264b90c82aa6e9ddb578f9f36d844ace5816d9841

meddeviceupdates.breaking-news-now.com Open in urlscan Pro 54.84.24.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

83 Requests

48 %HTTPS

27 %IPv6

9 Domains

14 Subdomains

16 IPs

3 Countries

1545 kBTransfer

5872 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

meddeviceupdates.breaking-news-now.com Open in urlscan Pro
54.84.24.164 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

48 %
HTTPS

27 %
IPv6

9
Domains

14
Subdomains

16
IPs

3
Countries

1545 kB
Transfer

5872 kB
Size

7
Cookies

83 HTTP transactions
4 data transactions