request.corp-internal.org Open in urlscan Pro
52.49.179.68 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8...
Effective URL:
http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Submission: On March 16 via manual (March 16th 2022, 4:46:49 pm UTC) from IT — Scanned from IT

Summary HTTP 127 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 127 HTTP transactions. The main IP is 52.49.179.68, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is request.corp-internal.org.

This is the only time request.corp-internal.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
80	52.49.179.68 52.49.179.68	16509 (AMAZON-02) (AMAZON-02)
34	52.216.25.140 52.216.25.140	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:fb:... 2a02:26f0:fb:59a::196	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	13.227.211.71 13.227.211.71	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
2	162.247.243.147 162.247.243.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
127	10

80 52.49.179.68 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

request.corp-internal.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 52.216.25.140 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

tslp.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:fb:59a::196 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

java.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.227.211.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-211-71.ams54.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	corp-internal.org request.corp-internal.org	160 KB
34	amazonaws.com tslp.s3.amazonaws.com — Cisco Umbrella Rank: 221810	643 KB
3	gstatic.com fonts.gstatic.com	69 KB
2	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 309	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 ajax.googleapis.com — Cisco Umbrella Rank: 251	84 KB
2	cloudfront.net d2wy8f7a9ursnm.cloudfront.net	7 KB
2	java.com java.com — Cisco Umbrella Rank: 29682	12 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 306	18 KB
127	8

	Domain	Requested by
80	request.corp-internal.org	request.corp-internal.org
34	tslp.s3.amazonaws.com	request.corp-internal.org
3	fonts.gstatic.com	fonts.googleapis.com
2	bam-cell.nr-data.net	request.corp-internal.org
2	d2wy8f7a9ursnm.cloudfront.net	request.corp-internal.org
2	java.com	request.corp-internal.org
1	js-agent.newrelic.com	request.corp-internal.org
1	ajax.googleapis.com	request.corp-internal.org
1	fonts.googleapis.com	request.corp-internal.org
127	9

This site contains links to these domains. Also see Links.

Domain
www.wombatsecurity.com

Subject Issuer	Validity	Valid
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-12-13` - `2022-12-13`	a year	crt.sh
www.java.com DigiCert SHA2 Extended Validation Server CA	`2022-02-03` - `2023-01-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Frame ID: 367D40F615C2932F8B7CA7EC3BB51EA7
Requests: 127 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PHISHING 101

Page URL History Show full URLs

http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_... Page URL
http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5... Page URL

Detected technologies

BugSnag (Analytics) Expand

Overall confidence: 100%
Detected patterns

/bugsnag.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

127
Requests

28 %
HTTPS

44 %
IPv6

8
Domains

9
Subdomains

10
IPs

3
Countries

993 kB
Transfer

1205 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.wombatsecurity.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$ Page URL
http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

127 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK a4db53a3c6975777 Show response
request.corp-internal.org/ 35 KB
12 KB 177ms
69ms Document
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

10de3a6673ae6a601f8dcdc2fe03ac5eef2d28c9a8a24fd9e74a1fd5189a50f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: it-IT,it;q=0.9

Response headers

Date: Wed, 16 Mar 2022 16:46:43 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
ETag: W/"10de3a6673ae6a601f8dcdc2fe03ac5e"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: 84f9b876-9ae0-47fb-a948-c7b9bef2beff
X-Runtime: 0.015102
X-Host-Info: lw-prod-eu-i-05b83385bbc433ffa ; 93054444294e281c2315830ff4b3856ef4a48b93
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

GET alt_pixel_click_db53a69757.gif
request.corp-internal.org/ 0
0

GET
H/1.1 200
OK plugin_detect.js Show response
tslp.s3.amazonaws.com/detect/ 49 KB
49 KB 460ms
129ms Script
text/javascript 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=db53a69757&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:45 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Server: AmazonS3
x-amz-request-id: WWSGRTWAF0DKFGG5
ETag: "00a513f07603df01e3b99be00f370754"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 50085
x-amz-id-2: qnW+Frc/6yW1pS9/TUgfaR3i7JeFiiEJ0Lo7exnVh1xIrCFL3qGHWY+NjpDMO6oLwwKs5kVHwkw=

GET
H/1.1 200
OK java.js Show response
tslp.s3.amazonaws.com/detect/ 50 KB
50 KB 470ms
139ms Script
text/javascript 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/java.js?guid=db53a69757&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:45 GMT
Last-Modified: Wed, 15 Feb 2017 14:38:28 GMT
Server: AmazonS3
x-amz-request-id: WWSTGZZQ6822YK8J
ETag: "2bec0061039dc3fb25fc20aaf611d5b9"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 50717
x-amz-id-2: EvqvBQjZpbRFd+mVT2+LEl/a8d98pVl7IvVTrtkENOcIeTin1FwHOcn67leo/Kc44ySNzg8dbWA=

GET
H2 200 deployJava.js Show response
java.com/js/ 18 KB
6 KB 502ms
160ms Script
application/javascript 2a02:26f0:fb:59a::196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://java.com/js/deployJava.js

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:59a::196 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 16:46:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
etag: D07B023847CD4DC5C4ED4AB4FC46AD47BDD6E99A0663:19
vary: Accept-Encoding
x-oracle-dms-ecid: 70a95e0d-f83e-4ae3-b228-b8b037fd3570-04432260
content-type: application/javascript
x-oracle-dms-rid: 0
cache-control: public, max-age=86400
content-disposition: attachment; filename="deployJava.js";filename*=UTF-8''deployJava.js
server-timing: cdn-cache; desc=HIT, edge; dur=13
content-length: 5512
x-xss-protection: 1
expires: Thu, 17 Mar 2022 16:46:44 GMT

GET
H/1.1 200
OK flash.js Show response
tslp.s3.amazonaws.com/detect/ 7 KB
7 KB 471ms
134ms Script
text/javascript 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/flash.js?guid=db53a69757&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:45 GMT
Last-Modified: Wed, 15 Feb 2017 03:54:01 GMT
Server: AmazonS3
x-amz-request-id: WWSXHWCFF9RGR1F0
ETag: "f9ad9a096894ba248e4a1f73e7eba1be"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 6680
x-amz-id-2: CC27GC/MU1xximC+gYJtbjkhKWs3tTzLJPx+VhOG6TKbROhVaXFPfP4voe9ciLQiK6sr0n6CpJk=

GET
H/1.1 200
OK pdf.js Show response
tslp.s3.amazonaws.com/detect/ 22 KB
23 KB 478ms
137ms Script
text/javascript 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/pdf.js?guid=db53a69757&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:45 GMT
Last-Modified: Wed, 15 Feb 2017 14:39:34 GMT
Server: AmazonS3
x-amz-request-id: WWSVV69NJXHHJNXF
ETag: "0d5882d41c8b6e40059c8d9acbcf1518"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 22855
x-amz-id-2: mAMn71N6/2aPnBC977KWc07R1VcASM9/VZC3AxEHKtWqSJQDkFBIDEwwjqkM+sWgCuwdnw11YYQ=

GET
H/1.1 200
OK quicktime.js Show response
tslp.s3.amazonaws.com/detect/ 7 KB
7 KB 493ms
146ms Script
text/javascript 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/quicktime.js?guid=db53a69757&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:45 GMT
Last-Modified: Wed, 15 Feb 2017 14:41:05 GMT
Server: AmazonS3
x-amz-request-id: WWSNAY0G7ECP6WZ3
ETag: "ee73f2f47d51116dc40b85a6b57eaf20"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 6999
x-amz-id-2: 30+6jUXKV/aXtmZni0MBXyTEt+IjjXpJmFB8SXWjo3oRdtygKthQBz3GYBC7vspESDHRcz3ZsfY=

GET
H/1.1 200
OK realplayer.js Show response
tslp.s3.amazonaws.com/detect/ 10 KB
10 KB 503ms
143ms Script
text/javascript 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/realplayer.js?guid=db53a69757&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:45 GMT
Last-Modified: Wed, 15 Feb 2017 14:45:02 GMT
Server: AmazonS3
x-amz-request-id: WWSG4ERHZ01F9ZZX
ETag: "3d7be656672c16a34806c13388410325"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 9775
x-amz-id-2: 7rNfjkNnRGnTqEgBIM6ruDcT8vRWzkRfyREv07knCbRxbV6AQF/iGxi/3NP42zk7uoCNKwUaa1s=

GET
H/1.1 200
OK silverlight.js Show response
tslp.s3.amazonaws.com/detect/ 4 KB
5 KB 123ms
123ms Script
text/javascript 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/silverlight.js?guid=db53a69757&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:45 GMT
Last-Modified: Wed, 15 Feb 2017 18:00:03 GMT
Server: AmazonS3
x-amz-request-id: WWSVNVXS3B1J33TV
ETag: "e6dd596d2bc204ea573b868b92028c26"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 4234
x-amz-id-2: HQyL0g/66WxeAQQsrbbyqOlJmN+o67Cuam22aL0y2Ngw8/Aab1iKIgOXZsc2BJ8GzKeEKnsTJwo=

GET
H/1.1 200
OK wmp.js Show response
tslp.s3.amazonaws.com/detect/ 6 KB
6 KB 132ms
131ms Script
text/javascript 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/wmp.js?guid=db53a69757&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:45 GMT
Last-Modified: Wed, 15 Feb 2017 15:07:14 GMT
Server: AmazonS3
x-amz-request-id: WWSVCF0FMMA5HTPK
ETag: "ffd2cc77bb64d40beeb5d561fffe1f79"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 5941
x-amz-id-2: 7zVXKtDh2DblQkFdtWWxLH14lTp6Gx1T2OKSGMJW8nOernxMrA++U27PHcoNwbJg36EN+rN/rF0=

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 82ms
37ms Script
application/javascript 13.227.211.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
Protocol: HTTP/1.1
Server: 13.227.211.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-211-71.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 03:25:23 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
Age: 134506
ETag: "6103bb5e4ec6141e19e1100caafc780c"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 f655cacd0d6f7c5dc935ea687af6f3c0.cloudfront.net (CloudFront)
Cache-Control: public, max-age=604800
X-Amz-Cf-Pop: AMS54-C1
Accept-Ranges: bytes
Content-Length: 2962
X-Amz-Cf-Id: S9UrygTxjdR1eUXCPAavOsnnHadxfgp8Ie1q6Ca1TQxl_G3sbn6EfA==

GET
H/1.1 200
OK jquery.min.js Show response
request.corp-internal.org/assets/ajax/libs/jquery/1.9.1/ 90 KB
32 KB 55ms
55ms Script
application/javascript 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://request.corp-internal.org/assets/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
Protocol: HTTP/1.1
Server: 52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-179-68.eu-west-1.compute.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Feb 2022 13:36:16 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK all.js Show response
request.corp-internal.org/assets/ 28 KB
7 KB 106ms
54ms Script
application/javascript 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://request.corp-internal.org/assets/all.js?g=db53a69757
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
Protocol: HTTP/1.1
Server: 52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-179-68.eu-west-1.compute.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Feb 2022 13:35:57 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Content-Length: 7191
Expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H/1.1 200
OK browser_post Show response
request.corp-internal.org/secure/ 0
716 B 62ms
62ms XHR
image/gif 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://request.corp-internal.org/secure/browser_post

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: XQ4GVVFACQAAU1VQDwQHUw==
tracestate: 1506924@nr=0-1-98147-1307432040-34786eb602b7f1e7----1647449204671
traceparent: 00-3a08554098039d74c4542fd7d3ed7d10-34786eb602b7f1e7-01
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6Ijk4MTQ3IiwiYXAiOiIxMzA3NDMyMDQwIiwiaWQiOiIzNDc4NmViNjAyYjdmMWU3IiwidHIiOiIzYTA4NTU0MDk4MDM5ZDc0YzQ1NDJmZDdkM2VkN2QxMCIsInRpIjoxNjQ3NDQ5MjA0NjcxLCJ0ayI6IjE1MDY5MjQifX0=
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
X-Requested-With: XMLHttpRequest

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 63a8aa39-2da7-4c90-99c5-3bc4613dbc7b
X-Runtime: 0.007708
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c6c04771e443e757, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding, Accept
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 55ms
54ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 1280b890-4a94-47d9-a7dd-22333494616f
X-Runtime: 0.002387
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0319bb55abd34bb33, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 101ms
53ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: d180122b-482a-45e8-9b0f-6a064db4a75c
X-Runtime: 0.002343
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-06ea2245f27261543, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 101ms
51ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 1377215c-2056-44a7-90e1-ed5e2ae1c16d
X-Runtime: 0.002052
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-05b83385bbc433ffa, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 103ms
54ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: a39c77b2-4fee-440f-9c6b-68f9fbcf71d8
X-Runtime: 0.002313
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0319bb55abd34bb33, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 102ms
53ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=BrowserDetect%20-%20browser_version%20%3D%2099&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 7f3fb01f-471a-4d28-9649-f82a71515ede
X-Runtime: 0.002303
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c6c04771e443e757, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 53ms
52ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 0ff33fd6-1d3e-45d3-b767-9c7cfe7a3326
X-Runtime: 0.001883
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-05b83385bbc433ffa, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 56ms
56ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 1f7b7385-1d23-4018-a443-782968402d00
X-Runtime: 0.002072
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0319bb55abd34bb33, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 52ms
52ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 2d59321e-cdd1-42e2-b4d3-4ccf8a662b90
X-Runtime: 0.002314
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c6c04771e443e757, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 53ms
53ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 5ee9cf68-d7a7-4797-aa09-53c34a7b903b
X-Runtime: 0.002548
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-06ea2245f27261543, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 55ms
54ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: d9af6aab-f3d7-493c-b99f-84de315d72fb
X-Runtime: 0.002369
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-05b83385bbc433ffa, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 54ms
53ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 6f7cf335-13e3-423f-b2af-b0bff00c0168
X-Runtime: 0.002316
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0319bb55abd34bb33, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 54ms
54ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Plugin&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 7fd895a7-b240-44d6-9b03-ff246946c5dd
X-Runtime: 0.002269
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-06ea2245f27261543, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 56ms
56ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: e1f4672c-c53a-4a7c-962c-7ccf75522a5c
X-Runtime: 0.002295
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-05b83385bbc433ffa, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 55ms
54ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=BrowserDetect%20-%20plugin%20Native%20Client&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 089a0a69-7415-4ed6-ba8c-906c96b11eb7
X-Runtime: 0.001980
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0319bb55abd34bb33, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 52ms
52ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 4831ae1a-1ac9-4550-9dcf-59a59c27e05e
X-Runtime: 0.001915
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c6c04771e443e757, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 54ms
53ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 0e7a5ed7-95d0-45c8-a909-8c04fab02dd2
X-Runtime: 0.002293
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-06ea2245f27261543, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 57ms
56ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=java_version_pl%20%3D%20unknown&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 331fb70c-e8d7-49f0-a29e-5423c594c42b
X-Runtime: 0.002213
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-05b83385bbc433ffa, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 58ms
57ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 7af6f6fe-ae4e-43de-9ffd-c07829bceee2
X-Runtime: 0.001782
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c6c04771e443e757, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 57ms
57ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=java_version_jres%20%3D%20unknown&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 8e9019af-74e6-4558-a1c0-3b27a7ca22ee
X-Runtime: 0.002159
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-06ea2245f27261543, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 55ms
54ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=java_version%20%3D%20undefined&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 2704654f-d1ff-445c-a6e7-a77ce169e011
X-Runtime: 0.002354
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0319bb55abd34bb33, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 57ms
57ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=Loading%20flash%20version&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 14c759ec-14b9-4b7d-8153-6f13c91ed24f
X-Runtime: 0.002750
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-05b83385bbc433ffa, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 53ms
53ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=flash%20%3D%20unknown&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 7c7df796-611a-436f-83bb-4969787fb55d
X-Runtime: 0.001897
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c6c04771e443e757, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 56ms
56ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=Loading%20pdf%20version&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 69535837-0270-42ca-a267-d740de116e58
X-Runtime: 0.002427
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-06ea2245f27261543, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 57ms
57ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 2e38ba27-8202-483e-ab6b-a3e8c34ce4a8
X-Runtime: 0.002174
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0319bb55abd34bb33, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 55ms
54ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=pdf%20%3D%20unknown&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 3dffa296-cfd0-406b-8585-525bf1acb51e
X-Runtime: 0.001790
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c6c04771e443e757, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 54ms
54ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=Loading%20quicktime%20version&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: cc4b6a53-8d33-4a7f-a7b7-27e86ed74488
X-Runtime: 0.002324
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-05b83385bbc433ffa, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 58ms
57ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=quicktime%20%3D%20unknown&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: b47af5b9-f0ee-41a7-8094-d99f3b6fffc8
X-Runtime: 0.002319
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-06ea2245f27261543, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 54ms
54ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=Loading%20RealPlayer%20version&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: a9742e7c-d225-411f-98cd-f7fabf6d7b3b
X-Runtime: 0.002335
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0319bb55abd34bb33, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 57ms
57ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=realplayer%20%3D%20unknown&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 9fb03edd-58d5-4c96-a551-fa4cc98373c6
X-Runtime: 0.002232
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c6c04771e443e757, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 58ms
58ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=Loading%20Silverlight%20version&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 2ae46e57-40e8-47d9-9379-21b6b5c6212d
X-Runtime: 0.002257
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-05b83385bbc433ffa, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 55ms
55ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=silverlight%20%3D%20unknown&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 930d2eb5-14de-4c8f-99fe-505b901778d5
X-Runtime: 0.002033
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0319bb55abd34bb33, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 53ms
53ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 7d1d2cec-99ac-45f8-8114-ebd5c18b3876
X-Runtime: 0.002308
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-06ea2245f27261543, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 53ms
53ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=wmp%20%3D%20unknown&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: c6b497ce-da48-44d0-9efe-2f5c0a3b1736
X-Runtime: 0.002409
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-05b83385bbc433ffa, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 57ms
57ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=redirecting%20to%20%2Fload_training%3Fguid%3D47db53a9469757a5%26correlation_id%3Dc8ab907e-c806-4448-90ab-5773a5865c47&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: c394b2d7-4041-4e45-be85-82bf88cc12f0
X-Runtime: 0.002342
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c6c04771e443e757, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 61ms
60ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=db53a69757&msg=browser_post_successful&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 71d27bb9-9fd6-42d7-8dc3-0d94fb3b4862
X-Runtime: 0.002326
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0319bb55abd34bb33, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK Primary Request load_training Show response
request.corp-internal.org/ 53 KB
18 KB 70ms
69ms Document
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/assets/all.js?g=db53a69757

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

0ada961fe0cbc2f8b3f2f54561ec6a8921d81ccc709888873f8d7c07f20a84ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/a4db53a3c6975777?l=21__;!!OjemSMKBgg!xRsLSqLL9vFZK6qhT1-VezGMcix5aF2fxE38vL_8W-1KBujWs_PAq2syOg8-Z9vh$

Response headers

Date: Wed, 16 Mar 2022 16:46:45 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
ETag: W/"0ada961fe0cbc2f8b3f2f54561ec6a89"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: 38c0030d-25d2-4d4c-b51a-e32ebf613498
X-Runtime: 0.015234
X-Host-Info: lw-prod-eu-i-06ea2245f27261543 ; 93054444294e281c2315830ff4b3856ef4a48b93
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

GET
H2 200 css
fonts.googleapis.com/ 2 KB
916 B 153ms
77ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,900

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

baf5ae1d3bbf736d5936b49d47b2cb3d9ba9557886bb3ee6f2b5a23aa689e257

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 16:13:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 16 Mar 2022 16:46:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Mar 2022 16:46:45 GMT

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 37ms
37ms Script
application/javascript 13.227.211.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Server: 13.227.211.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-211-71.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 03:25:23 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
Age: 134507
ETag: "6103bb5e4ec6141e19e1100caafc780c"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 f655cacd0d6f7c5dc935ea687af6f3c0.cloudfront.net (CloudFront)
Cache-Control: public, max-age=604800
X-Amz-Cf-Pop: AMS54-C1
Accept-Ranges: bytes
Content-Length: 2962
X-Amz-Cf-Id: AtaBn9hL3Z1aIkb--_vqQc8uQr70PiZtKsA4SuTmVszohkow1e_mTQ==

GET
H/1.1 200
OK jquery.min.js Show response
request.corp-internal.org/assets/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 55ms
55ms Script
application/javascript 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://request.corp-internal.org/assets/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Server: 52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-179-68.eu-west-1.compute.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:45 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Feb 2022 13:35:57 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK plugin_detect.js Show response
tslp.s3.amazonaws.com/detect/ 49 KB
49 KB 120ms
119ms Script
text/javascript 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=db53a69757&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Server: AmazonS3
x-amz-request-id: Z44VJ9EYT5WTAEDT
ETag: "00a513f07603df01e3b99be00f370754"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 50085
x-amz-id-2: bgwnyXClFvICnchM1QrJsePI53j38VW5beeSLNU5LS/33dUF1AKQSYd2VqFISc6lrF0ra+g+Nlo=

GET
H/1.1 200
OK java.js Show response
tslp.s3.amazonaws.com/detect/ 50 KB
50 KB 124ms
124ms Script
text/javascript 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/java.js?guid=db53a69757&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Last-Modified: Wed, 15 Feb 2017 14:38:28 GMT
Server: AmazonS3
x-amz-request-id: Z44Y221RH5MNQ0AG
ETag: "2bec0061039dc3fb25fc20aaf611d5b9"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 50717
x-amz-id-2: xpAHfbl7fP6DwfK86xmUsUK07CKu0I3ZudEJ59B3xujSkbrd4RPjURI0o/OUYYWVJI044+yfJVg=

GET
H2 200 deployJava.js Show response
java.com/js/ 18 KB
6 KB 38ms
37ms Script
application/javascript 2a02:26f0:fb:59a::196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://java.com/js/deployJava.js

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:59a::196 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 16:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
etag: D07B023847CD4DC5C4ED4AB4FC46AD47BDD6E99A0663:19
vary: Accept-Encoding
x-oracle-dms-ecid: 70a95e0d-f83e-4ae3-b228-b8b037fd3570-04432260
content-type: application/javascript
x-oracle-dms-rid: 0
cache-control: public, max-age=86400
content-disposition: attachment; filename="deployJava.js";filename*=UTF-8''deployJava.js
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 5512
x-xss-protection: 1
expires: Thu, 17 Mar 2022 16:46:45 GMT

GET
H/1.1 200
OK flash.js Show response
tslp.s3.amazonaws.com/detect/ 7 KB
7 KB 138ms
137ms Script
text/javascript 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/flash.js?guid=db53a69757&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Last-Modified: Wed, 15 Feb 2017 03:54:01 GMT
Server: AmazonS3
x-amz-request-id: Z44HY9P67M002GCX
ETag: "f9ad9a096894ba248e4a1f73e7eba1be"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 6680
x-amz-id-2: y+sbt3OQ0kNplh00qIyuTWidWGqp1IFdHMt4HxI+4mkVqNwUX91QOrv3AS4kSjKjr2yV8ynzeLg=

GET
H/1.1 200
OK pdf.js Show response
tslp.s3.amazonaws.com/detect/ 22 KB
23 KB 123ms
123ms Script
text/javascript 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/pdf.js?guid=db53a69757&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Last-Modified: Wed, 15 Feb 2017 14:39:34 GMT
Server: AmazonS3
x-amz-request-id: Z44M7AVN8HTYWWFD
ETag: "0d5882d41c8b6e40059c8d9acbcf1518"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 22855
x-amz-id-2: PE7uSaKUAEGlo9RCKiySyYdFnVRCNaQxsiyMxVSUmwvEBU8iH/W5luUP0dm8zNkta6vpmxol0Y0=

GET
H/1.1 200
OK quicktime.js Show response
tslp.s3.amazonaws.com/detect/ 7 KB
7 KB 129ms
129ms Script
text/javascript 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/quicktime.js?guid=db53a69757&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Last-Modified: Wed, 15 Feb 2017 14:41:05 GMT
Server: AmazonS3
x-amz-request-id: Z44KPRKEKT1293ZN
ETag: "ee73f2f47d51116dc40b85a6b57eaf20"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 6999
x-amz-id-2: /UNwHTXqgthRDtM7Qia4lPfrD8n1mFk10CedpZL8l9HJcVaZW7xbz80NEL6b3gA0//4uvnqJnsg=

GET
H/1.1 200
OK realplayer.js Show response
tslp.s3.amazonaws.com/detect/ 10 KB
10 KB 138ms
138ms Script
text/javascript 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/realplayer.js?guid=db53a69757&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Last-Modified: Wed, 15 Feb 2017 14:45:02 GMT
Server: AmazonS3
x-amz-request-id: Z44QQ1H86GMZA5TQ
ETag: "3d7be656672c16a34806c13388410325"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 9775
x-amz-id-2: x/82laIl/6BkgPK8WXQaeCP6h/WM5XfPiub2uS3rv9EiALsr7FPhhKAWg2x5WE4DILlB+ZpNiOo=

GET
H/1.1 200
OK silverlight.js Show response
tslp.s3.amazonaws.com/detect/ 4 KB
5 KB 241ms
117ms Script
text/javascript 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/silverlight.js?guid=db53a69757&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Last-Modified: Wed, 15 Feb 2017 18:00:03 GMT
Server: AmazonS3
x-amz-request-id: Z44VP0B6C5VEKPBF
ETag: "e6dd596d2bc204ea573b868b92028c26"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 4234
x-amz-id-2: LhdLDg64CrBvLm9GKIdilcxhDMftodih48j/G09UplWzbaMR88YudnztEzUID5kzJHbtxh03daQ=

GET
H/1.1 200
OK wmp.js Show response
tslp.s3.amazonaws.com/detect/ 6 KB
6 KB 249ms
121ms Script
text/javascript 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/wmp.js?guid=db53a69757&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Last-Modified: Wed, 15 Feb 2017 15:07:14 GMT
Server: AmazonS3
x-amz-request-id: Z44ZRAHRW0K10M59
ETag: "ffd2cc77bb64d40beeb5d561fffe1f79"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 5941
x-amz-id-2: 1mUsUgUEypcxL2JEphshvJ4SLpa5Hkj6zd+VKUZKyTTlEU5u9ZgHvhqaAx+zHl5MqvXRIxLV9+0=

GET
H/1.1 200
OK logo-to-replace.svg
tslp.s3.amazonaws.com/training/basic_phishing_training/ 1 KB
2 KB 132ms
131ms Image
image/svg+xml 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tslp.s3.amazonaws.com/training/basic_phishing_training/logo-to-replace.svg
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 33c9e0aa683893d7bc5ae20735a275d00f1fb740e416c244191b543cd6f1a74a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:47 GMT
Last-Modified: Thu, 14 Nov 2019 18:45:07 GMT
Server: AmazonS3
x-amz-request-id: CVBBPX8V56J1FB7X
ETag: "239e03691a10c89bb850d10173718a69"
Content-Type: image/svg+xml
x-amz-version-id: G_HQdI5CS2udyHFsQCouamff8AawAyQY
Accept-Ranges: bytes
Content-Length: 1259
x-amz-id-2: jL89fXTX02wqWEaOcGekm4EEDOgpMx7qgYGGLpAkrX7kRtWRmgx9VEcRF1zqdp4rK1RyiYao97g=

GET
H/1.1 200
OK how-it-works-01.png
tslp.s3.amazonaws.com/training/basic_phishing_training/ 34 KB
35 KB 133ms
132ms Image
image/png 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tslp.s3.amazonaws.com/training/basic_phishing_training/how-it-works-01.png
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2da59317e2f0fa43a6f4eb835a0e63f16e6327fae2601dca409059671f0953a1

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:47 GMT
Last-Modified: Thu, 14 Nov 2019 18:45:08 GMT
Server: AmazonS3
x-amz-request-id: CVB43PVNVJM67BBK
ETag: "17d02b27764c194174949bade4bd7282"
Content-Type: image/png
x-amz-version-id: KTAmMhhGMfyJSB7xp4Vm5CqvoRTZpBMl
Accept-Ranges: bytes
Content-Length: 35149
x-amz-id-2: ARtGK5AUdhafaDxDSO1KJIcAGc2k+vQMa9bwDF0MYETJgXZV8H45OeM6Vxi2N+Ukax3zJcVXKyQ=

GET
H/1.1 200
OK how-it-works-02.png
tslp.s3.amazonaws.com/training/basic_phishing_training/ 24 KB
25 KB 138ms
137ms Image
image/png 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tslp.s3.amazonaws.com/training/basic_phishing_training/how-it-works-02.png
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: f923049d4481003d039447fbfd735eecfb231c27ed8aa45f895909a4c25c1773

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:47 GMT
Last-Modified: Thu, 14 Nov 2019 18:45:07 GMT
Server: AmazonS3
x-amz-request-id: CVB2PW1ZE1GJKQ5W
ETag: "b0ff373e614eb9be6b2f83c7d43af396"
Content-Type: image/png
x-amz-version-id: 9LNkkyXHrqzW2bCw_pPPADoz2GMUqiHb
Accept-Ranges: bytes
Content-Length: 24751
x-amz-id-2: 0LmWG5c11mS5Y2Eheq0QRKhxbNthjfao2c7j8HIfrc21BFcgWW5/SyM0ismQBl7A1zF3svc1TN4=

GET
H/1.1 200
OK how-it-works-03.png
tslp.s3.amazonaws.com/training/basic_phishing_training/ 25 KB
26 KB 140ms
139ms Image
image/png 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tslp.s3.amazonaws.com/training/basic_phishing_training/how-it-works-03.png
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: c8f97b01d2e7ab26485c094fe3b7d87eca76256dff3baba9613ff0502e69fa66

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:47 GMT
Last-Modified: Thu, 14 Nov 2019 18:45:07 GMT
Server: AmazonS3
x-amz-request-id: CVB8RTG0Z0K7V13C
ETag: "7c7f0d45ded698440d05c9a59faceaf0"
Content-Type: image/png
x-amz-version-id: 25m4O3FuOzCRA1NvR13PefXF9VEubBX6
Accept-Ranges: bytes
Content-Length: 26021
x-amz-id-2: HXMbiXYxTmhaRIly4GE+tvkw9Z6rlBwlhQ3FAp3GiGllXTHe0IYHsbhwBYjNeWdBv/Nh5np+u8k=

GET
H/1.1 200
OK how-it-works-04.png
tslp.s3.amazonaws.com/training/basic_phishing_training/ 28 KB
28 KB 135ms
134ms Image
image/png 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tslp.s3.amazonaws.com/training/basic_phishing_training/how-it-works-04.png
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 35f3829fcb985ffd25778fccfbeba9600a2d787b3dfe4b32fd090f5ad17b9ba3

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:47 GMT
Last-Modified: Thu, 14 Nov 2019 18:45:08 GMT
Server: AmazonS3
x-amz-request-id: CVB02NY64GBNWVJN
ETag: "836480a3bdc0cd940f76835911acf888"
Content-Type: image/png
x-amz-version-id: 4XH.2wcP1LFOE14TK4Qh2SJ18bUcRbTa
Accept-Ranges: bytes
Content-Length: 28667
x-amz-id-2: kFrBdWJFbhMNR4fo1NEVbDw7cg6ivxqZOuuy5K7fXYidUgvACZ3rtjz3l72oqGeYR8EiGhOOAcc=

GET
H/1.1 200
OK how-it-works-05.png
tslp.s3.amazonaws.com/training/basic_phishing_training/ 24 KB
25 KB 234ms
121ms Image
image/png 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tslp.s3.amazonaws.com/training/basic_phishing_training/how-it-works-05.png
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d43980cdc0221392e0426ac33c54195ed793a5f1f936639507cd1c22922cc423

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:47 GMT
Last-Modified: Thu, 14 Nov 2019 18:45:07 GMT
Server: AmazonS3
x-amz-request-id: CVB2103KNSN274Z2
ETag: "c7a95b34e584640c0b01ed95bee85536"
Content-Type: image/png
x-amz-version-id: GU799rtp4d_w3urFIXq5KcNl0dgAumBb
Accept-Ranges: bytes
Content-Length: 24975
x-amz-id-2: rD5Q3NQqqBEYxID3u6KafXxbhHJGp8Ww9AxeLwZk2MvTOuqXk2lJHsjULqNMtX8Q2NYkUJJUvks=

GET
H/1.1 200
OK the-crew.svg
tslp.s3.amazonaws.com/training/basic_phishing_training/ 23 KB
23 KB 124ms
123ms Image
image/svg+xml 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tslp.s3.amazonaws.com/training/basic_phishing_training/the-crew.svg
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6cd70df38cb6b1289cb2dc28fbb1bca07cbbc0b8e1fde98a9b217d29c5319582

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:47 GMT
Last-Modified: Thu, 14 Nov 2019 18:45:07 GMT
Server: AmazonS3
x-amz-request-id: CVBEQ2AV60E3QKY2
ETag: "ac36dc74e268fff7295a1f1696770fb1"
Content-Type: image/svg+xml
x-amz-version-id: QCBfL1yux3vxRFOwMqOdeZsGhc4BiOdN
Accept-Ranges: bytes
Content-Length: 23399
x-amz-id-2: piwQhdDvn4ApdN6nc8IY2DoHnGHgrbmYpJajAT+O/C6Zbbwctz/a7RjEds79od/OeEkGyfwRjg4=

GET
H/1.1 200
OK sad-laptop.png
tslp.s3.amazonaws.com/training/basic_phishing_training/ 21 KB
21 KB 122ms
122ms Image
image/png 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tslp.s3.amazonaws.com/training/basic_phishing_training/sad-laptop.png
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: aa511999a208b7ff5c1e99c88ecdb513cc956b56d1dc9a7c4c34548aa0967f3b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:47 GMT
Last-Modified: Thu, 14 Nov 2019 18:45:08 GMT
Server: AmazonS3
x-amz-request-id: CVB1V28R2EDQQDNK
ETag: "4da1e1f79c36a0b82d5b5e4194995095"
Content-Type: image/png
x-amz-version-id: _mhcawOkZr2bb_8sc2EUEQ27CqOBS8np
Accept-Ranges: bytes
Content-Length: 21058
x-amz-id-2: JwnpgGoeebZRD9kKliHAmSI4lHSG+NhESvDVeYKnY8445lnTyR+1qtRsTIXxAL685SUr5zpMpEI=

GET
H/1.1 200
OK activity.gif
tslp.s3.amazonaws.com/training/basic_phishing_training/ 529 B
937 B 160ms
159ms Image
image/gif 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tslp.s3.amazonaws.com/training/basic_phishing_training/activity.gif
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 990a0fd9c3460b9107723d41fbe655a9e05d503c1578fddedef76aad9b124fde

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:47 GMT
Last-Modified: Thu, 14 Nov 2019 18:45:07 GMT
Server: AmazonS3
x-amz-request-id: CVBFEDYKWM62E5J1
ETag: "8bc5952e9031e6be555c8937c1d73140"
Content-Type: image/gif
x-amz-version-id: heB0iB59lWCFkTUBauFZRnZ4ZIY82VqM
Accept-Ranges: bytes
Content-Length: 529
x-amz-id-2: 8LoPm7fCqITijH5fStIIZ88JzIiT1EnIsSf+OqKE/zaygmuVpWGI2FCwhrWzAtf3q/fbidpOKEQ=

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ 82 KB
83 KB 148ms
43ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 14:17:10 GMT
x-content-type-options: nosniff
age: 440976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84380
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Mar 2023 14:17:10 GMT

GET
H/1.1 200
OK easySlider.js Show response
tslp.s3.amazonaws.com/training/basic_phishing_training/ 6 KB
7 KB 134ms
133ms Script
application/ecmascript 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/training/basic_phishing_training/easySlider.js
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 483c8b1b603c6c0ce0b66e4fe0dae8cb1a06fce86fa1103cf1a6d077e2984303

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:47 GMT
Last-Modified: Thu, 14 Nov 2019 18:45:08 GMT
Server: AmazonS3
x-amz-request-id: CVBA9QE7ACT0YRTJ
ETag: "3aad93ed6fea3e49dec1f2aa80e73072"
Content-Type: application/ecmascript
x-amz-version-id: nBC0sqtLvstn0Ib1Hmr3dT91_GmbOfkX
Accept-Ranges: bytes
Content-Length: 6266
x-amz-id-2: b6mSn/63LcslKWXfpDrEPltcDJJib+zEhaXSXzGp+EzNot50DSLi8ab1fOXWZzFN4YcsP42EM4M=

GET
H/1.1 200
OK training.js Show response
tslp.s3.amazonaws.com/assets/js/ 352 B
773 B 255ms
133ms Script
application/ecmascript 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://tslp.s3.amazonaws.com/assets/js/training.js
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8a1170223599205267c6ee3a3072855f1727461d9dd1066bb94f39180f963af9

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:47 GMT
Last-Modified: Thu, 14 Nov 2019 18:45:04 GMT
Server: AmazonS3
x-amz-request-id: CVB1K7Z4ZNVFNW2S
ETag: "029ab28ca3c245dc425e3f3f6599d480"
Content-Type: application/ecmascript
x-amz-version-id: oPMJQR4dr8a8GRwpJLphOcsbzTKMfWQa
Accept-Ranges: bytes
Content-Length: 352
x-amz-id-2: RMvg92SUgju33M9hCLijU7jANIqvN4gZr/SVfDnRjCjS224v3OrF0m0LRgADnpQ/yHipwSpxzeU=

GET
H/1.1 200
OK all.js Show response
request.corp-internal.org/assets/ 28 KB
7 KB 62ms
61ms Script
application/javascript 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://request.corp-internal.org/assets/all.js?guid=db53a69757&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Server: 52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-179-68.eu-west-1.compute.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Feb 2022 13:35:57 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Content-Length: 7191
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK helen.svg
tslp.s3.amazonaws.com/training/basic_phishing_training/ 3 KB
4 KB 271ms
133ms Image
image/svg+xml 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tslp.s3.amazonaws.com/training/basic_phishing_training/helen.svg
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0ec89f6fe10b31d4f656335743585de5bc81f093e0740b4e46e1edae6daf3383

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:47 GMT
Last-Modified: Thu, 14 Nov 2019 18:45:08 GMT
Server: AmazonS3
x-amz-request-id: CVB996HZZ58HMXQ1
ETag: "8973ad48bad22d8603f058f7d58c2b55"
Content-Type: image/svg+xml
x-amz-version-id: h3E2bwLaeNNBGUkuEqILfTRXQOu2gS3k
Accept-Ranges: bytes
Content-Length: 3497
x-amz-id-2: OG5qs73E2EZoKQAyx6Y39VphIuVjP/rmi+wWumZqbelageqA16/gLVBn35f8/vkMkzN8XiztpPI=

GET
H/1.1 200
OK what-is-phishing.png
tslp.s3.amazonaws.com/training/basic_phishing_training/ 15 KB
15 KB 226ms
128ms Image
image/png 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tslp.s3.amazonaws.com/training/basic_phishing_training/what-is-phishing.png
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 31dcfb287349b6530ceb12bbcd614650b82374b2b78bed318bfbbd8ab75ba72f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:47 GMT
Last-Modified: Thu, 14 Nov 2019 18:45:07 GMT
Server: AmazonS3
x-amz-request-id: CVB2M4A6MJ3M830C
ETag: "07abc2e8470ff1c052cdd4e08e8a924c"
Content-Type: image/png
x-amz-version-id: 7UpNyR7e8m3s9gfdVg5kDeBvrys03eJH
Accept-Ranges: bytes
Content-Length: 15151
x-amz-id-2: 08mmq8vOheptOdHj/DZO6+zuiqSUaSYOKYkanBqJWqyon68XCy1oHRILObCiML8phI1IiZfcU3g=

GET
H/1.1 200
OK bg-who-what.png
tslp.s3.amazonaws.com/training/basic_phishing_training/ 831 B
1 KB 251ms
134ms Image
image/png 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tslp.s3.amazonaws.com/training/basic_phishing_training/bg-who-what.png
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 74545237850feda99ce1c7d03e99cb7b475579adc053cf1c0880a1dfc98993ce

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:47 GMT
Last-Modified: Thu, 14 Nov 2019 18:45:08 GMT
Server: AmazonS3
x-amz-request-id: CVB076REGY0CFF6B
ETag: "4ed7bbf794c6db4cccfb6529bb11d056"
Content-Type: image/png
x-amz-version-id: 5vkfLQH0naGKzKMpixKEkxLPzsFgQqHT
Accept-Ranges: bytes
Content-Length: 831
x-amz-id-2: ySNWrQPuPGrGAQfJuMndg6Q+1ahkQWm3OqXDylpR43u+RznxavCd76M1A66eb2HXnV/NMzkYlLg=

GET
H/1.1 200
OK blackboard.jpg
tslp.s3.amazonaws.com/training/basic_phishing_training/ 54 KB
54 KB 255ms
137ms Image
image/jpeg 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tslp.s3.amazonaws.com/training/basic_phishing_training/blackboard.jpg
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a5fa9b14f651f6ea4e03fb9be9a064efa17b5e1a986c88f023f79c49abf6d07a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:47 GMT
Last-Modified: Thu, 14 Nov 2019 18:45:08 GMT
Server: AmazonS3
x-amz-request-id: CVB8XB87Y75QXCZS
ETag: "4b6c56dfb5b8535fc3f5ae55a9ac5f59"
Content-Type: image/jpeg
x-amz-version-id: dU442HLf13rUWgPZf82tcsiibKnN_nCS
Accept-Ranges: bytes
Content-Length: 54882
x-amz-id-2: asTxzyxoJUI/cjWT6DFQtDEE6cWF02aACInoZGeUY1dfo5Cf7D5IuOOKXKUstobWOdXEai7sC7k=

GET
H/1.1 200
OK professor.png
tslp.s3.amazonaws.com/training/basic_phishing_training/ 60 KB
61 KB 253ms
135ms Image
image/png 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tslp.s3.amazonaws.com/training/basic_phishing_training/professor.png
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d2291765846dcadaa1195532f05e650900aed67b9a533cc37c1cd1909469a1dc

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:47 GMT
Last-Modified: Thu, 14 Nov 2019 18:45:07 GMT
Server: AmazonS3
x-amz-request-id: CVBB5RM1Q6ZKPWHY
ETag: "141c56d331a5feb642c3f84d1a8a2e0d"
Content-Type: image/png
x-amz-version-id: Mg2688RzNyhgIgkpHhu2pc_BMjowc2mp
Accept-Ranges: bytes
Content-Length: 61866
x-amz-id-2: EhWKKo6JImOFLrv0vJQ87p6TWjbl5py3TZy4aCO9fQyKSB+61iiBQBxIuDZ01aFwt+gccKr/194=

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 142ms
62ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://request.corp-internal.org
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:30:55 GMT
x-content-type-options: nosniff
age: 594951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 19:30:55 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 22 KB
23 KB 119ms
39ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://request.corp-internal.org
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:48:01 GMT
x-content-type-options: nosniff
age: 593925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22504
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:12:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 19:48:01 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 164ms
84ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://request.corp-internal.org
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:31:18 GMT
x-content-type-options: nosniff
age: 594928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23236
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:18:07 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 19:31:18 GMT

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 56ms
56ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: e79c70ac-22f5-4c48-9b0e-426fe2be2f99
X-Runtime: 0.003119
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-06ea2245f27261543, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 55ms
55ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 20628d56-5ce1-459d-9d2b-f27f7f5d38f8
X-Runtime: 0.003007
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-06ea2245f27261543, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 54ms
54ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 49ed37ca-27e4-45cc-807e-eeb14462aa3c
X-Runtime: 0.002388
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c6c04771e443e757, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK chevronleft.png
tslp.s3.amazonaws.com/training/basic_phishing_training/ 662 B
1 KB 123ms
123ms Image
image/png 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tslp.s3.amazonaws.com/training/basic_phishing_training/chevronleft.png
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7cd828f44f2cce1f50f681a8653aff3637b0e57c2e95fa54987532477a9a031d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:47 GMT
Last-Modified: Thu, 14 Nov 2019 18:45:07 GMT
Server: AmazonS3
x-amz-request-id: CVBF349W5ZFY9PBJ
ETag: "7a8ee0dcfdab5f4a729edc782c28daee"
Content-Type: image/png
x-amz-version-id: s9I57jhPAvSndW6CjVMK3x4Pr1.Iggsj
Accept-Ranges: bytes
Content-Length: 662
x-amz-id-2: rnOKNASIqwEXpOb7nsRywvxOm1VKZwxKZZW59kLIv3L9bVUjZCnscGF/nf4LV5rPo8ksB772gZI=

GET
H/1.1 200
OK chevronright.png
tslp.s3.amazonaws.com/training/basic_phishing_training/ 669 B
1 KB 135ms
133ms Image
image/png 52.216.25.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tslp.s3.amazonaws.com/training/basic_phishing_training/chevronright.png
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Server: 52.216.25.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cb5d17babe64027f3e1bba5cd863a785195e4733808a0b857d30e286af417da8

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:47 GMT
Last-Modified: Thu, 14 Nov 2019 18:45:07 GMT
Server: AmazonS3
x-amz-request-id: CVBDFM8V45P2RNZ9
ETag: "5cba41acab1a6fd5fcc4773fd701a14a"
Content-Type: image/png
x-amz-version-id: 4VjyV1EkDFDZZq9hrarb6YKxGrR8iQpb
Accept-Ranges: bytes
Content-Length: 669
x-amz-id-2: tinzqJKOmmXElOxITkRocGdoJ7/xg/NzyXiWCG7RRbnwago60/jJezGgaR8v++CJ9Y6JB+b9srM=

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 64ms
63ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 4400d760-c0c0-4903-9af9-0c6d40da2c20
X-Runtime: 0.003093
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-05b83385bbc433ffa, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 64ms
63ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 2d0c650b-edb4-4ff3-bb7c-15dee413d2a2
X-Runtime: 0.003002
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-05b83385bbc433ffa, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 56ms
55ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 24a2ef69-9f77-45f9-ab2f-80a7e454b9f9
X-Runtime: 0.002357
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0319bb55abd34bb33, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 57ms
56ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 7c075071-d4a6-4d3f-917c-f1f3836e2dcd
X-Runtime: 0.003017
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c6c04771e443e757, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 58ms
57ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=BrowserDetect%20-%20browser_version%20%3D%2099&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: e181e55c-a70c-45b6-af53-22ec2a998578
X-Runtime: 0.003397
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c6c04771e443e757, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 57ms
56ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: fdaa6f79-3d41-4b5e-8f17-a6f7aba815ed
X-Runtime: 0.002117
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0319bb55abd34bb33, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 57ms
56ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 160b7588-b4eb-4b99-bdfc-d75a0a81c936
X-Runtime: 0.003126
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-06ea2245f27261543, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 54ms
54ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: f54c052c-5e05-482d-b967-aa78f5abf036
X-Runtime: 0.003332
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-06ea2245f27261543, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 60ms
59ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 47b081a4-e2e1-4681-8b8d-7bd4ea095b96
X-Runtime: 0.002317
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-05b83385bbc433ffa, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 62ms
62ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 52c4d8b9-a31f-4c20-a21e-ee1f53e9ff90
X-Runtime: 0.003121
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0319bb55abd34bb33, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 65ms
64ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: a3c5cbb7-2b3e-426f-9a31-653cd4bc88a7
X-Runtime: 0.012288
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-05b83385bbc433ffa, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 63ms
62ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Plugin&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 5c3b0f37-f2c0-45eb-a7f7-5e591b29fab3
X-Runtime: 0.002880
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0319bb55abd34bb33, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 53ms
52ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: f155110d-2ac9-40e9-a47c-74982a684d06
X-Runtime: 0.002380
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c6c04771e443e757, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 57ms
56ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=BrowserDetect%20-%20plugin%20Native%20Client&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: b3dbf599-36da-4f95-9635-1740ef4a7351
X-Runtime: 0.002296
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c6c04771e443e757, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 66ms
66ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 40a64fe2-2789-4f4e-8c44-91dc0a318a4b
X-Runtime: 0.002402
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-06ea2245f27261543, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 53ms
53ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 3a3f1ce6-7201-4a48-86b6-d5a805092a8d
X-Runtime: 0.002047
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-06ea2245f27261543, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 55ms
54ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=java_version_pl%20%3D%20unknown&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: ce56b69c-0c8f-4e69-b4c3-cfb014820620
X-Runtime: 0.002818
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-05b83385bbc433ffa, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 55ms
55ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: eb1a589f-6a40-49b9-857a-abb78cef1341
X-Runtime: 0.003050
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-05b83385bbc433ffa, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 53ms
52ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=java_version_jres%20%3D%20unknown&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: eb6072af-ac2d-4105-bf01-9a17cf65ddd6
X-Runtime: 0.002579
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0319bb55abd34bb33, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 70ms
70ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=java_version%20%3D%20undefined&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: a5a04adb-e59f-4bef-b9fa-dc32965d076f
X-Runtime: 0.002429
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0319bb55abd34bb33, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 67ms
67ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=Loading%20flash%20version&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 83cf29e9-39e8-440b-affb-44a03d1e2515
X-Runtime: 0.002180
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c6c04771e443e757, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 58ms
58ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=flash%20%3D%20unknown&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: a853593d-6649-4c78-8696-ef44ac4e3e32
X-Runtime: 0.002274
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c6c04771e443e757, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 57ms
57ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=Loading%20pdf%20version&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 7301f025-19b7-40fb-ad5d-48d4bd21709f
X-Runtime: 0.002159
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-06ea2245f27261543, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 56ms
55ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: e40922a6-90ce-4838-b016-c165ab52a521
X-Runtime: 0.002270
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-06ea2245f27261543, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 54ms
53ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=pdf%20%3D%20unknown&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: dd3799ea-a90a-49ed-8ad4-a2c1819bd240
X-Runtime: 0.002315
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-05b83385bbc433ffa, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 72ms
72ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=Loading%20quicktime%20version&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 64dd4340-e180-463f-be0d-8c210e4d2c9f
X-Runtime: 0.002538
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0319bb55abd34bb33, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 53ms
52ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=quicktime%20%3D%20unknown&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 26b397e8-1b0e-423f-8aa3-39e7f38ce738
X-Runtime: 0.002181
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0319bb55abd34bb33, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 55ms
54ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=Loading%20RealPlayer%20version&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 5d52b4d7-9379-47dc-b48e-c26a8f74bd30
X-Runtime: 0.002422
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c6c04771e443e757, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 58ms
57ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=realplayer%20%3D%20unknown&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 02beeb26-d2e6-44e8-b99b-1b395fc0238f
X-Runtime: 0.001888
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c6c04771e443e757, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 58ms
57ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=Loading%20Silverlight%20version&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 75c833e3-b671-448c-8f73-6f4f1bd3b107
X-Runtime: 0.003151
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-06ea2245f27261543, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 59ms
59ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=silverlight%20%3D%20unknown&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 4bfe2e7d-a9d5-4984-944e-4ef7023a7389
X-Runtime: 0.002968
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-06ea2245f27261543, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 57ms
57ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 4b0fbf10-f503-4d97-a43f-f7126e22a9d6
X-Runtime: 0.002430
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-05b83385bbc433ffa, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 58ms
58ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=wmp%20%3D%20unknown&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: fe2873c0-a7a6-4e90-87fb-4121c57ea4e8
X-Runtime: 0.002332
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-05b83385bbc433ffa, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 77ms
77ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=training_page_no_browser_post&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: ce2290ab-3f4b-4d51-8d9a-bd4880044baf
X-Runtime: 0.002300
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0319bb55abd34bb33, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
request.corp-internal.org/ 0
687 B 79ms
79ms Image
text/html 52.49.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://request.corp-internal.org/trace?id=47db53a9469757a5&msg=redirect_url%20is%20undefined&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Requested by

Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Protocol

HTTP/1.1

Server

52.49.179.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-179-68.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 28668998-3c79-4da6-bf68-e0a17e949619
X-Runtime: 0.002209
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c6c04771e443e757, ; 93054444294e281c2315830ff4b3856ef4a48b93
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H2 200 nr-spa-1215.min.js Show response
js-agent.newrelic.com/ 47 KB
18 KB 109ms
15ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1215.min.js
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: zcmP9QP8YWQtiPZETZozJGQXbXQvWuWT
content-encoding: gzip
etag: "7e1862f7a390ed9fc02c299216395547"
x-amz-request-id: F40XX4S58GB7TBNH
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 17465
x-amz-id-2: dq2dHOxPRmshIqQMYLu2xQJPBvhVUVc3jEq2Ib3lg1/ePRZb/Hnx/dJHgvY9YotOA/YgDH6JkJ8=
x-served-by: cache-mxp6980-MXP
last-modified: Mon, 24 Jan 2022 22:13:54 GMT
server: AmazonS3
x-timer: S1647449207.262169,VS0,VE0
date: Wed, 16 Mar 2022 16:46:47 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1638

GET
H/1.1 200
OK 4b7a74eb40 Show response
bam-cell.nr-data.net/1/ 49 B
714 B 686ms
642ms Script
text/javascript 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/4b7a74eb40?a=1307428505&v=1215.1253ab8&to=dVtXQkUKCFpTQxtNFlddV19ZAktFXl5D&rst=1619&ck=1&ref=http://request.corp-internal.org/load_training&ap=15&be=89&fe=1488&dc=639&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1647449205673,%22n%22:0,%22u%22:73,%22ue%22:74,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:0,%22rq%22:1,%22rp%22:71,%22rpe%22:122,%22dl%22:74,%22di%22:638,%22ds%22:638,%22de%22:653,%22dc%22:1488,%22l%22:1488,%22le%22:1489%7D,%22navigation%22:%7B%7D%7D&fp=408&fcp=408&jsonp=NREUM.setToken
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: http://request.corp-internal.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 16:46:47 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6ecef789ed85e8eb-MXP

POST
H/1.1 200
OK 4b7a74eb40 Show response
bam-cell.nr-data.net/events/1/ 24 B
512 B 211ms
211ms XHR
image/gif 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/4b7a74eb40?a=1307428505&v=1215.1253ab8&to=dVtXQkUKCFpTQxtNFlddV19ZAktFXl5D&rst=2314&ck=1&ref=http://request.corp-internal.org/load_training
Requested by: Host: request.corp-internal.org
URL: http://request.corp-internal.org/load_training?guid=47db53a9469757a5&correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: http://request.corp-internal.org/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 16 Mar 2022 16:46:48 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: http://request.corp-internal.org
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 6ecef78dfc77e8eb-MXP
Content-Length: 24

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: request.corp-internal.org
URL: https://request.corp-internal.org:49153/alt_pixel_click_db53a69757.gif?correlation_id=c8ab907e-c806-4448-90ab-5773a5865c47

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
request.corp-internal.org/	1969-12-31 23:59:59	Name: EXFILGUID Value: db53a69757
request.corp-internal.org/	1969-12-31 23:59:59	Name: link_clicked_db53a69757 Value: 1
java.com/	1970-01-20 01:37:29	Name: akaalb_OCE_Failover Value: 1647449264~op=JCOM_OCE:oceProdappJcomProdOrigin\|~rv=67~m=oceProdappJcomProdOrigin:0\|~os=2708f36cb43ca861e42dc0215e4669c5~id=c1955a2331d488167d892afde5f718d4
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: a92a63e54f50980

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bam-cell.nr-data.net
d2wy8f7a9ursnm.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
java.com
js-agent.newrelic.com
request.corp-internal.org
tslp.s3.amazonaws.com
request.corp-internal.org
13.227.211.71
151.101.194.137
162.247.243.147
2a00:1450:4001:810::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::200a
2a02:26f0:fb:59a::196
52.216.25.140
52.49.179.68
0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0ada961fe0cbc2f8b3f2f54561ec6a8921d81ccc709888873f8d7c07f20a84ee
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0ec89f6fe10b31d4f656335743585de5bc81f093e0740b4e46e1edae6daf3383
10de3a6673ae6a601f8dcdc2fe03ac5eef2d28c9a8a24fd9e74a1fd5189a50f4
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
2da59317e2f0fa43a6f4eb835a0e63f16e6327fae2601dca409059671f0953a1
31dcfb287349b6530ceb12bbcd614650b82374b2b78bed318bfbbd8ab75ba72f
33c9e0aa683893d7bc5ae20735a275d00f1fb740e416c244191b543cd6f1a74a
358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1
35f3829fcb985ffd25778fccfbeba9600a2d787b3dfe4b32fd090f5ad17b9ba3
39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9
4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24
483c8b1b603c6c0ce0b66e4fe0dae8cb1a06fce86fa1103cf1a6d077e2984303
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a
6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19
6cd70df38cb6b1289cb2dc28fbb1bca07cbbc0b8e1fde98a9b217d29c5319582
74545237850feda99ce1c7d03e99cb7b475579adc053cf1c0880a1dfc98993ce
7cd828f44f2cce1f50f681a8653aff3637b0e57c2e95fa54987532477a9a031d
88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238
8a1170223599205267c6ee3a3072855f1727461d9dd1066bb94f39180f963af9
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
990a0fd9c3460b9107723d41fbe655a9e05d503c1578fddedef76aad9b124fde
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc
a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861
a5fa9b14f651f6ea4e03fb9be9a064efa17b5e1a986c88f023f79c49abf6d07a
aa511999a208b7ff5c1e99c88ecdb513cc956b56d1dc9a7c4c34548aa0967f3b
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
baf5ae1d3bbf736d5936b49d47b2cb3d9ba9557886bb3ee6f2b5a23aa689e257
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c8f97b01d2e7ab26485c094fe3b7d87eca76256dff3baba9613ff0502e69fa66
cb5d17babe64027f3e1bba5cd863a785195e4733808a0b857d30e286af417da8
cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de
d2291765846dcadaa1195532f05e650900aed67b9a533cc37c1cd1909469a1dc
d43980cdc0221392e0426ac33c54195ed793a5f1f936639507cd1c22922cc423
d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f923049d4481003d039447fbfd735eecfb231c27ed8aa45f895909a4c25c1773

request.corp-internal.org Open in urlscan Pro 52.49.179.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

127 Requests

28 %HTTPS

44 %IPv6

8 Domains

9 Subdomains

10 IPs

3 Countries

993 kBTransfer

1205 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

request.corp-internal.org Open in urlscan Pro
52.49.179.68 Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

28 %
HTTPS

44 %
IPv6

8
Domains

9
Subdomains

10
IPs

3
Countries

993 kB
Transfer

1205 kB
Size

4
Cookies

127 HTTP transactions
0 data transactions