login.micrasoft-395office.com
52.31.224.253

Go To Rescan
Add Verdict Report

Submitted URL:
https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
Effective URL:
https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Submission: On March 15 via manual (March 15th 2023, 12:13:06 am UTC) from CA — Scanned from CA

Summary HTTP 115 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 115 HTTP transactions. The main IP is 52.31.224.253, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is login.micrasoft-395office.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 1st 2023. Valid for: a year.

This is the only time login.micrasoft-395office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
84	52.31.224.253 52.31.224.253	16509 (AMAZON-02) (AMAZON-02)
22	3.5.6.11 3.5.6.11	14618 (AMAZON-AES) (AMAZON-AES)
2 4	2600:1400:d::... 2600:1400:d::1721:ee52	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	54.230.244.62 54.230.244.62	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:81f::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
1	143.204.141.8 143.204.141.8	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:816::2003	15169 (GOOGLE) (GOOGLE)
115	9

84 52.31.224.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

login.micrasoft-395office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 3.5.6.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

tslp.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1400:d::1721:ee52 (New York, United States) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)

java.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.java.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.244.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-244-62.ewr53.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.141.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-141-8.ewr52.r.cloudfront.net

d25q7gseii1o1q.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
84	micrasoft-395office.com login.micrasoft-395office.com	122 KB
22	amazonaws.com tslp.s3.amazonaws.com — Cisco Umbrella Rank: 144579	345 KB
4	java.com 2 redirects java.com — Cisco Umbrella Rank: 37182 www.java.com — Cisco Umbrella Rank: 62148	13 KB
3	cloudfront.net d2wy8f7a9ursnm.cloudfront.net d25q7gseii1o1q.cloudfront.net	8 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34 ajax.googleapis.com — Cisco Umbrella Rank: 305	35 KB
1	gstatic.com fonts.gstatic.com	44 KB
115	6

	Domain	Requested by
84	login.micrasoft-395office.com	login.micrasoft-395office.com ajax.googleapis.com
22	tslp.s3.amazonaws.com	login.micrasoft-395office.com tslp.s3.amazonaws.com ajax.googleapis.com
2	d2wy8f7a9ursnm.cloudfront.net	login.micrasoft-395office.com
2	www.java.com	login.micrasoft-395office.com
2	java.com	2 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	d25q7gseii1o1q.cloudfront.net	tslp.s3.amazonaws.com
1	ajax.googleapis.com	login.micrasoft-395office.com
1	fonts.googleapis.com	login.micrasoft-395office.com
115	9

This site contains links to these domains. Also see Links.

Domain
www.wombatsecurity.com

Subject Issuer	Validity	Valid
nationalcouncil4not-for-profits.org Amazon RSA 2048 M01	`2023-02-01` - `2024-03-02`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Frame ID: C2376E4B6B00F7E95BD8EA619162E910
Requests: 114 HTTP requests in this frame

Frame: https://login.micrasoft-395office.com/training_screenshot?guid=test_228efad4c1&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Frame ID: E032E9273B1A5522B17A329BF49B663B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47 Page URL
https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b... Page URL

Detected technologies

BugSnag (Analytics) Expand

Overall confidence: 100%
Detected patterns

/bugsnag.*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

115
Requests

97 %
HTTPS

50 %
IPv6

6
Domains

9
Subdomains

9
IPs

2
Countries

565 kB
Transfer

783 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.wombatsecurity.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47 Page URL
https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://java.com/js/deployJava.js HTTP 302
https://www.java.com/js/deployJava.js

Request Chain 57

https://java.com/js/deployJava.js HTTP 302
https://www.java.com/js/deployJava.js

115 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 test_ad228ef93ad4c132 Show response
login.micrasoft-395office.com/ 4 KB
1 KB 368ms
117ms Document
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

99567d08cbe931635f1cad1ae5a8f0551e13e0225e3697d2cfd8ac2c88b9dd3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 15 Mar 2023 00:13:06 GMT
etag: W/"99567d08cbe931635f1cad1ae5a8f055"
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-host-info: lw-prod-eu-i-05c60195317a98155 ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-permitted-cross-domain-policies: none
x-request-id: 47ce8e06-8e9f-418e-b71c-a0378e44efd6
x-runtime: 0.017213
x-xss-protection: 1; mode=block

GET alt_pixel_click_test_228efad4c1.gif
login.micrasoft-395office.com/ 0
0

GET
H/1.1 200
OK plugin_detect.js Show response
tslp.s3.amazonaws.com/detect/ 49 KB
49 KB 110ms
54ms Script
text/javascript 3.5.6.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=test_228efad4c1&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Requested by: Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 00:13:07 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Server: AmazonS3
x-amz-request-id: YNAV58KCXZ4N09KM
ETag: "00a513f07603df01e3b99be00f370754"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 50085
x-amz-id-2: 9QTNxI3iEN0lSdcPQY/5xRaWLr6jNztHQfApeAz84Ip7LOIlH8lc1FHMd+MJmNJP5XI8H0t+go/pBOe+RKPfFg==

GET
H/1.1 200
OK java.js Show response
tslp.s3.amazonaws.com/detect/ 50 KB
50 KB 197ms
145ms Script
text/javascript 3.5.6.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/java.js?guid=test_228efad4c1&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Requested by: Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 00:13:07 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:38:28 GMT
Server: AmazonS3
x-amz-request-id: YNAZA0W2QVDDCY1Y
ETag: "2bec0061039dc3fb25fc20aaf611d5b9"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 50717
x-amz-id-2: MZBMhNV3WWmHLbLxuN8MGWRcbMRxuEvf9gGfe6/wqh6k3uAKt4zD2Q9UnfZ3rMVNJ8OYMKfLgZZQ43EiiBhRew==

GET
H2

200

deployJava.js Show response
www.java.com/js/
Redirect Chain

https://java.com/js/deployJava.js
https://www.java.com/js/deployJava.js

18 KB
6 KB

135ms
89ms

Script
application/javascript

2600:1400:d::1721:ee52
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.java.com/js/deployJava.js

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Server

2600:1400:d::1721:ee52 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
akamai-grn: , , , 0.4eee2117.1678839186.3c15d63a
x-oracle-dms-rid: 0
content-disposition: attachment; filename="deployJava.js";filename*=UTF-8''deployJava.js
server-timing: cdn-cache; desc=HIT, edge; dur=53, ak_p; desc="466344_388099662_1008064058_5314_15335_18_0";dur=1
content-length: 5512
x-xss-protection: 1
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
etag: D07B023847CD4DC5C4ED4AB4FC46AD47BDD6E99A0663:19
vary: Accept-Encoding
x-oracle-dms-ecid: b53b70d7-8e10-469f-a56c-440abaee13cc-0469beae
content-type: application/javascript
cache-control: public, max-age=86400
expires: Thu, 16 Mar 2023 00:13:06 GMT

Redirect headers

date: Wed, 15 Mar 2023 00:13:06 GMT
server: AkamaiGHost
akamai-grn: 0.4eee2117.1678839186.3c15d521
location: https://www.java.com/js/deployJava.js
cache-control: max-age=86400
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466344_388099662_1008063777_44_22109_17_0";dur=1
content-length: 0
x-xss-protection: 1
expires: Thu, 16 Mar 2023 00:13:06 GMT

GET
H/1.1 200
OK flash.js Show response
tslp.s3.amazonaws.com/detect/ 7 KB
7 KB 104ms
51ms Script
text/javascript 3.5.6.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/flash.js?guid=test_228efad4c1&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Requested by: Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 00:13:07 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 03:54:01 GMT
Server: AmazonS3
x-amz-request-id: YNAQYH4722V6M2JX
ETag: "f9ad9a096894ba248e4a1f73e7eba1be"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 6680
x-amz-id-2: 90KehVU8OgKV4e5pDHWWivlY89OH4FOZ8GpCH00Ia4hA0ixzQg/K6lOV2VFDjoH1iQ4a4PxlpiAKr3pLVYtrBw==

GET
H/1.1 200
OK pdf.js Show response
tslp.s3.amazonaws.com/detect/ 22 KB
23 KB 108ms
55ms Script
text/javascript 3.5.6.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/pdf.js?guid=test_228efad4c1&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Requested by: Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 00:13:07 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:39:34 GMT
Server: AmazonS3
x-amz-request-id: YNAKJ77QJVFWXVSC
ETag: "0d5882d41c8b6e40059c8d9acbcf1518"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 22855
x-amz-id-2: DjgL3TYDS/GZyN+jLEo3fvshjUATzTA1344Bus+i+Izcq99X/FDfDeMqCLfFgHN5GTQADtFnAwp0YfMQUSrzvQ==

GET
H/1.1 200
OK quicktime.js Show response
tslp.s3.amazonaws.com/detect/ 7 KB
7 KB 112ms
59ms Script
text/javascript 3.5.6.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/quicktime.js?guid=test_228efad4c1&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Requested by: Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 00:13:07 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:41:05 GMT
Server: AmazonS3
x-amz-request-id: YNAH5G2E1Z9JY6KJ
ETag: "ee73f2f47d51116dc40b85a6b57eaf20"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 6999
x-amz-id-2: J7UZehFJjv5Jn041Yj3mwhd/JX+/W3dwB/VqLDhSMciJZH3Ez33YoQFadk5/sbDJj2VEb06VzfG3l4MfkO9Drw==

GET
H/1.1 200
OK realplayer.js Show response
tslp.s3.amazonaws.com/detect/ 10 KB
10 KB 108ms
55ms Script
text/javascript 3.5.6.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/realplayer.js?guid=test_228efad4c1&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Requested by: Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 00:13:07 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:45:02 GMT
Server: AmazonS3
x-amz-request-id: YNAVXAYAKN4YXGG8
ETag: "3d7be656672c16a34806c13388410325"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 9775
x-amz-id-2: LGsu1flLqn3n8WMaBz/ADNq6cJ4MOUVU8Hov1sQFyY55zcCeIzUPpj4e1qoTahneoBJIvzCC7xcs2doo35RVXw==

GET
H/1.1 200
OK silverlight.js Show response
tslp.s3.amazonaws.com/detect/ 4 KB
5 KB 35ms
34ms Script
text/javascript 3.5.6.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/silverlight.js?guid=test_228efad4c1&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Requested by: Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 00:13:07 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 18:00:03 GMT
Server: AmazonS3
x-amz-request-id: YNAHP5D7V03GDHAA
ETag: "e6dd596d2bc204ea573b868b92028c26"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 4234
x-amz-id-2: uM/Oyld7Sg3b/3v9ZjzswIRmruq6mcvh/eeuMjUDJEzajIEku27rCpNspJooBu1tx4XKmrz2eBdK+aQ2+KEEdw==

GET
H/1.1 200
OK wmp.js Show response
tslp.s3.amazonaws.com/detect/ 6 KB
6 KB 36ms
36ms Script
text/javascript 3.5.6.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/wmp.js?guid=test_228efad4c1&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Requested by: Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 00:13:07 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 15:07:14 GMT
Server: AmazonS3
x-amz-request-id: YNAWNCAFE3AWWTAH
ETag: "ffd2cc77bb64d40beeb5d561fffe1f79"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 5941
x-amz-id-2: ceph9osRO/T57k55/kEMC3pDVi4FdEbF3HI+gwy5f0ZrVed/n1z7vXCKcoTjKsqOzzzen6UzcKu7UxwNzBPhrQ==

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 82ms
18ms Script
application/javascript 54.230.244.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.244.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-244-62.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Via: 1.1 2c7d387775f2e52dd268d2f49202b5d2.cloudfront.net (CloudFront)
Date: Sat, 11 Mar 2023 08:37:18 GMT
X-Amz-Cf-Pop: EWR53-P1
Age: 315349
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2962
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
ETag: "6103bb5e4ec6141e19e1100caafc780c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
X-Amz-Cf-Id: NNO9NgaOY_Fh-8_bzv7nFSeixxpv432vl72zbcGAY3YA7yvMy2euTA==

GET
H2 200 jquery.min.js Show response
login.micrasoft-395office.com/assets/ajax/libs/jquery/1.9.1/ 90 KB
32 KB 197ms
196ms Script
application/javascript 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.micrasoft-395office.com/assets/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by: Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-224-253.eu-west-1.compute.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
last-modified: Thu, 19 Jan 2023 14:04:40 GMT
server: ThreatSim-Web-Server
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 all.js Show response
login.micrasoft-395office.com/assets/ 28 KB
7 KB 100ms
98ms Script
application/javascript 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.micrasoft-395office.com/assets/all.js?g=test_228efad4c1
Requested by: Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-224-253.eu-west-1.compute.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
last-modified: Thu, 19 Jan 2023 14:01:13 GMT
server: ThreatSim-Web-Server
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-length: 7191
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 browser_post Show response
login.micrasoft-395office.com/secure/ 0
487 B 103ms
103ms XHR
image/gif 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.micrasoft-395office.com/secure/browser_post

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/assets/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: ba4fa294-4738-47d0-bcf8-520fafd30cb9
x-runtime: 0.003761
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding, Accept
x-frame-options: SAMEORIGIN
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 103ms
98ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 6e016670-8180-4b65-9d50-83a59353998e
x-runtime: 0.002065
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 111ms
103ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 71b59b1f-685a-4479-a88b-9a7ad5ab2eb8
x-runtime: 0.004055
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 110ms
102ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 5c14109a-ba70-4879-822c-fd914bd78b74
x-runtime: 0.003239
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 108ms
100ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: e37b8a30-c4d7-4f2b-9472-3cd111260f4d
x-runtime: 0.001997
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 107ms
99ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=BrowserDetect%20-%20browser_version%20%3D%20111&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 7f721f4e-0876-4468-bf31-a9d1a6d0abbd
x-runtime: 0.001545
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 113ms
105ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=BrowserDetect%20-%20os%20%3D%20Windows&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: a0b1e325-b0dc-4260-a3f6-b041baefb59f
x-runtime: 0.002314
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 109ms
101ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 809f44a9-0480-4296-a72c-bac12b4e743d
x-runtime: 0.002749
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
467 B 203ms
196ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 50bbe444-f8f8-4487-815e-485f23465ad3
x-runtime: 0.005618
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 199ms
192ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 5c8172a6-55dc-4956-92de-b98399a70dd2
x-runtime: 0.002784
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 202ms
195ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 8ab8a642-e686-4ac2-8b01-36ab9868b287
x-runtime: 0.002234
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 204ms
197ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: f4fb20fd-2b0b-401e-8d7e-f173963f7ce0
x-runtime: 0.002746
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 212ms
205ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Plugin&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 6b9252be-4834-4c03-a12f-12a03bb1b1fd
x-runtime: 0.006835
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 197ms
190ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: c9a87d78-e203-43f6-83e3-67b0c8d420c9
x-runtime: 0.002090
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 200ms
193ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=BrowserDetect%20-%20plugin%20Native%20Client&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: b53bf080-eb06-41c1-99ba-a4e4f0ef7d25
x-runtime: 0.005658
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 195ms
188ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: faa218b9-f0b4-49ec-9dfb-f8bd8a959cf2
x-runtime: 0.002050
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 208ms
202ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: e5b3f5e1-ce4b-4ea2-b5d6-a9299bb695c8
x-runtime: 0.006624
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 210ms
204ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=java_version_pl%20%3D%20unknown&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: f54a647b-6531-4faa-a2e4-9a7e2679c506
x-runtime: 0.006710
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 211ms
206ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 0de95835-2d9a-4093-b352-82d5ee4a338c
x-runtime: 0.004385
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 203ms
198ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=java_version_jres%20%3D%20unknown&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 33d20882-ed01-419f-9a48-9d2d786fa538
x-runtime: 0.004084
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
465 B 213ms
208ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=java_version%20%3D%20undefined&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: c0ae14c1-58c2-4374-bab6-f24660e12a54
x-runtime: 0.007775
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
467 B 213ms
208ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=Loading%20flash%20version&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 84974fda-da4c-4f7e-ba4f-6860f633744f
x-runtime: 0.003227
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 206ms
201ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=flash%20%3D%20unknown&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: ce53c52b-3a4a-456c-afb9-f4c55f2387f4
x-runtime: 0.003591
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
467 B 197ms
192ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=Loading%20pdf%20version&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: c972dd66-9953-47fa-8f30-ce3cb6d655b4
x-runtime: 0.001960
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 213ms
209ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 7b78eeb8-981b-442b-8094-2390ed424751
x-runtime: 0.007534
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
467 B 211ms
206ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=pdf%20%3D%20unknown&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 7346a259-94d6-44db-8025-7d85a9dda1d4
x-runtime: 0.003147
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 211ms
207ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=Loading%20quicktime%20version&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 0db78b02-c290-4139-a8b3-33df7f306e21
x-runtime: 0.002940
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 203ms
199ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=quicktime%20%3D%20unknown&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 4ec7bdcf-1b42-43b0-89db-905bc72e2129
x-runtime: 0.002815
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 208ms
204ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=Loading%20RealPlayer%20version&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: f9e78b40-9c2e-4417-82c0-88b834931d7f
x-runtime: 0.001196
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 202ms
198ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=realplayer%20%3D%20unknown&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 0c92e084-1dc6-4969-84c1-4ded184ed070
x-runtime: 0.001355
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
465 B 213ms
209ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=Loading%20Silverlight%20version&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 2e11e82b-fc75-410e-8644-69e4a3a1e8c7
x-runtime: 0.003492
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 203ms
200ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=silverlight%20%3D%20unknown&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: c74a0d95-6421-44c5-8cad-58372658c5fc
x-runtime: 0.002927
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
465 B 205ms
201ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: e44e6d1c-01e9-444d-ac4a-173b22c0c9aa
x-runtime: 0.001935
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 197ms
194ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=wmp%20%3D%20unknown&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 3a6d32fb-ee04-449b-a193-b5a66d42d410
x-runtime: 0.001836
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
467 B 199ms
196ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=redirecting%20to%20%2Fload_training%3Fguid%3Dtest_23228efcaad4c1dd%26correlation_id%3Df643580a-9a6a-44d5-b1bd-43e669129ebf&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: b7d3b631-1ea1-4fcb-8d45-f6f5f6f74905
x-runtime: 0.004456
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 108ms
108ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_228efad4c1&msg=browser_post_successful&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: e6c49947-dd4f-4f0e-bbee-56f743e3c488
x-runtime: 0.001484
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 Primary Request load_training Show response
login.micrasoft-395office.com/ 10 KB
4 KB 111ms
111ms Document
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/assets/all.js?g=test_228efad4c1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

2c22af598666eefc106e30c81f49a2167c6d4bd4e5818dd6ad2d1817217f498e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://login.micrasoft-395office.com/test_ad228ef93ad4c132?l=47
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 15 Mar 2023 00:13:07 GMT
etag: W/"ede11e5e277c04581e8c802e4049ec9a"
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-permitted-cross-domain-policies: none
x-request-id: 45f9a96a-68f1-46d6-9c27-098337acd126
x-runtime: 0.010741
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 89ms
41ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 Mar 2023 00:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 22:19:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Mar 2023 00:13:08 GMT

GET
H/1.1 200
OK data.css
tslp.s3.amazonaws.com/training/embedded/css/ 6 KB
7 KB 41ms
38ms Stylesheet
text/css 3.5.6.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/training/embedded/css/data.css
Requested by: Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: adf0c62899a527e2b0b1976fe4961f78aa362206982fa2c4486ff0a6bdc360cc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 00:13:08 GMT
x-amz-version-id: lsvs1vlXSw0lCMRdlSOvqxZij9A2n7Kf
Last-Modified: Fri, 26 Aug 2022 14:07:46 GMT
Server: AmazonS3
x-amz-request-id: XAYCCW3RAYMSPB30
ETag: "ebe84e06c29c5d2cbd7ee1614448a7be"
x-amz-server-side-encryption: AES256
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 6364
x-amz-id-2: B+AEgXoJKluO64hkGpGF2iDleZrwg3aO0+7EIpmv99+Qg5vhyJ6ZHBJZyISKw9k6yhFv0axAv8ra8Wnck6vlUg==

GET
H/1.1 200
OK langdrop.css
tslp.s3.amazonaws.com/training/teachable_moments/css/ 2 KB
2 KB 44ms
40ms Stylesheet
text/css 3.5.6.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/training/teachable_moments/css/langdrop.css
Requested by: Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5243766eedfcba70128c2931dbef8875f942b81e39002d80dc0110167d4ef742

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 00:13:08 GMT
x-amz-version-id: OhzuQr9n0bqd2zskiPVZjmnmHAmPcoAx
Last-Modified: Fri, 26 Aug 2022 14:07:49 GMT
Server: AmazonS3
x-amz-request-id: XAY5NF1E73JH0C6E
ETag: "bc7f970ad0f163bc72c9ae9aa09e1cde"
x-amz-server-side-encryption: AES256
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1713
x-amz-id-2: Fq8RAb/7le0faTpuVaoT55jWIx8afgPK4d2nB5zMQ5bcg96dz/ZdKVr9T6Ll8WtOGkpuNSaALF2rxMFSFoVmKw==

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 21ms
18ms Script
application/javascript 54.230.244.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.244.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-244-62.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Via: 1.1 2c7d387775f2e52dd268d2f49202b5d2.cloudfront.net (CloudFront)
Date: Sat, 11 Mar 2023 08:37:18 GMT
X-Amz-Cf-Pop: EWR53-P1
Age: 315350
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2962
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
ETag: "6103bb5e4ec6141e19e1100caafc780c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
X-Amz-Cf-Id: syXiiKfbwDAsLgj0QizDNIMmX1HFMXtYrm6V3zLmAaxxGqL1BzVpSA==

GET
H2 200 jquery.min.js Show response
login.micrasoft-395office.com/assets/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 107ms
103ms Script
application/javascript 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.micrasoft-395office.com/assets/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by: Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-224-253.eu-west-1.compute.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:08 GMT
content-encoding: gzip
last-modified: Thu, 19 Jan 2023 14:01:16 GMT
server: ThreatSim-Web-Server
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK plugin_detect.js Show response
tslp.s3.amazonaws.com/detect/ 49 KB
49 KB 41ms
38ms Script
text/javascript 3.5.6.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=test_228efad4c1&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Requested by: Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 00:13:08 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Server: AmazonS3
x-amz-request-id: XAY8066Q4EYWXGV3
ETag: "00a513f07603df01e3b99be00f370754"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 50085
x-amz-id-2: tUhF1txF1Fcf3xDGHCgiX4iwQEc3h4tLS4qnUpFHdId4MjdTnMlDMMjFHfTV2/f0imoVKOQcj2MNjNRsdICShg==

GET
H/1.1 200
OK java.js Show response
tslp.s3.amazonaws.com/detect/ 50 KB
50 KB 42ms
39ms Script
text/javascript 3.5.6.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/java.js?guid=test_228efad4c1&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Requested by: Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 00:13:08 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:38:28 GMT
Server: AmazonS3
x-amz-request-id: XAY62K8S8DWZG380
ETag: "2bec0061039dc3fb25fc20aaf611d5b9"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 50717
x-amz-id-2: Fz+4Y7+M9V8y4ki8NqhRBcddbMAdLiiExdSMYjeNLdZIoNfpM2BB2bDKNobOb6VLUgosc1YohGp6otrYVr+y4Q==

GET
H2

200

deployJava.js Show response
www.java.com/js/
Redirect Chain

https://java.com/js/deployJava.js
https://www.java.com/js/deployJava.js

18 KB
6 KB

46ms
46ms

Script
application/javascript

2600:1400:d::1721:ee52
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.java.com/js/deployJava.js

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Protocol

Server

2600:1400:d::1721:ee52 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 15 Mar 2023 00:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
akamai-grn: , , , 0.4eee2117.1678839188.3c15e58b
x-oracle-dms-rid: 0
content-disposition: attachment; filename="deployJava.js";filename*=UTF-8''deployJava.js
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466344_388099662_1008067979_173_19343_22_0";dur=1
content-length: 5512
x-xss-protection: 1
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
etag: D07B023847CD4DC5C4ED4AB4FC46AD47BDD6E99A0663:19
vary: Accept-Encoding
x-oracle-dms-ecid: b53b70d7-8e10-469f-a56c-440abaee13cc-0469beae
content-type: application/javascript
cache-control: public, max-age=86400
expires: Thu, 16 Mar 2023 00:13:08 GMT

Redirect headers

date: Wed, 15 Mar 2023 00:13:07 GMT
server: AkamaiGHost
akamai-grn: 0.4eee2117.1678839187.3c15e508
location: https://www.java.com/js/deployJava.js
cache-control: max-age=86400
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466344_388099662_1008067848_23_19121_23_0";dur=1
content-length: 0
x-xss-protection: 1
expires: Thu, 16 Mar 2023 00:13:07 GMT

GET
H/1.1 200
OK flash.js Show response
tslp.s3.amazonaws.com/detect/ 7 KB
7 KB 41ms
38ms Script
text/javascript 3.5.6.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/flash.js?guid=test_228efad4c1&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Requested by: Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 00:13:08 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 03:54:01 GMT
Server: AmazonS3
x-amz-request-id: XAY7PP1M4Q52C3QX
ETag: "f9ad9a096894ba248e4a1f73e7eba1be"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 6680
x-amz-id-2: UXfHW9W/GiQMpjSLCWT3On+es87dZuyHSX+8HxkG68Seq+4+bJPtOBoBKTp2fLsOvGS3MlEsMk/89aU9U93acw==

GET
H/1.1 200
OK pdf.js Show response
tslp.s3.amazonaws.com/detect/ 22 KB
23 KB 38ms
36ms Script
text/javascript 3.5.6.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/pdf.js?guid=test_228efad4c1&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Requested by: Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 00:13:08 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:39:34 GMT
Server: AmazonS3
x-amz-request-id: XAY2NPAZ5P1ERQEG
ETag: "0d5882d41c8b6e40059c8d9acbcf1518"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 22855
x-amz-id-2: UgWdvPbFYipXd56S60WuxROuf6/aElo+YGcNc7eiaaJ3H3JF8SyKzPMC+ZaLbJ60iEuG+cV16U06j7a97i3xUQ==

GET
H/1.1 200
OK quicktime.js Show response
tslp.s3.amazonaws.com/detect/ 7 KB
7 KB 82ms
38ms Script
text/javascript 3.5.6.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/quicktime.js?guid=test_228efad4c1&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Requested by: Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 00:13:09 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:41:05 GMT
Server: AmazonS3
x-amz-request-id: DZPYYG1BR6NFDFNX
ETag: "ee73f2f47d51116dc40b85a6b57eaf20"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 6999
x-amz-id-2: 7ifkNLojuuOo3kizfrpGt1W8osh1gc22S/8xEkbVJhGHTv7GhD980t7iQXd2PVFhyECVvixXMG2ZTFgBlGwlcw==

GET
H/1.1 200
OK realplayer.js Show response
tslp.s3.amazonaws.com/detect/ 10 KB
10 KB 78ms
34ms Script
text/javascript 3.5.6.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/realplayer.js?guid=test_228efad4c1&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Requested by: Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 00:13:09 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:45:02 GMT
Server: AmazonS3
x-amz-request-id: DZPVG2BZT2T9PT9M
ETag: "3d7be656672c16a34806c13388410325"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 9775
x-amz-id-2: 6//AyxIDjjvlK5W4ctvEYZMPqXemRep/nKax45wn6NhArV7HoBrZ6AvyAuvwx0Aza8jv6p10HRw5qdoGiP1XGQ==

GET
H/1.1 200
OK silverlight.js Show response
tslp.s3.amazonaws.com/detect/ 4 KB
5 KB 81ms
36ms Script
text/javascript 3.5.6.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/silverlight.js?guid=test_228efad4c1&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Requested by: Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 00:13:09 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 18:00:03 GMT
Server: AmazonS3
x-amz-request-id: DZPNQGB2MVS9WPX7
ETag: "e6dd596d2bc204ea573b868b92028c26"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 4234
x-amz-id-2: GKM0ywAiXT6QZEIiZVujIzLNBiwtSwv21FF6UO3DCzXvkaMMjXuCnHQnQBRsgkgMw8SW5ylN923L8nA7smm1kw==

GET
H/1.1 200
OK wmp.js Show response
tslp.s3.amazonaws.com/detect/ 6 KB
6 KB 98ms
37ms Script
text/javascript 3.5.6.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/wmp.js?guid=test_228efad4c1&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Requested by: Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 00:13:09 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 15:07:14 GMT
Server: AmazonS3
x-amz-request-id: DZPSWS1DEN3WA7NZ
ETag: "ffd2cc77bb64d40beeb5d561fffe1f79"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 5941
x-amz-id-2: nfGhTqV/Wk0kfRx/N8llQVvL7k3r3+FmITGxrKnOEuUf97aPdtkL1W7lDU5gI6DTapxuPcUi4GOUvRfJjSVuWg==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ 91 KB
33 KB 79ms
21ms Script
text/javascript 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 06:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33621
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Mar 2024 06:37:53 GMT

GET
H/1.1 200
OK language.18071.js Show response
tslp.s3.amazonaws.com/languages/ 8 KB
8 KB 99ms
37ms Script
application/javascript 3.5.6.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/languages/language.18071.js
Requested by: Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 73f360f08e8c2a1719c098491e17d53cdaa98d246585bfd0285a2afad75c51a7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 00:13:09 GMT
x-amz-version-id: U_kpSjDDW4npfowvZPZnd2_aKVkUaKPA
Last-Modified: Fri, 26 Aug 2022 14:07:38 GMT
Server: AmazonS3
x-amz-request-id: DZPH9VK0Q9BSYGER
ETag: "8b9a9d305bd69c962b600c08f3c69edf"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 8207
x-amz-id-2: x42BnvaJaGHPv4vBOjFv1PuXf5U7yKC0+kSvTZ29F/umzGB3InebgLy+vg/xnoYfVHKw19xCDVJAoWVxIjp7yg==

GET
H/1.1 200
OK training.js Show response
tslp.s3.amazonaws.com/assets/js/ 352 B
823 B 122ms
42ms Script
application/javascript 3.5.6.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/assets/js/training.js
Requested by: Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8a1170223599205267c6ee3a3072855f1727461d9dd1066bb94f39180f963af9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 00:13:09 GMT
x-amz-version-id: 6KvPBARKn9Wl5VW3Hl_LtK2bIq68QrGH
Last-Modified: Fri, 26 Aug 2022 14:07:38 GMT
Server: AmazonS3
x-amz-request-id: DZPYD9YSZZ1RPPM4
ETag: "029ab28ca3c245dc425e3f3f6599d480"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 352
x-amz-id-2: CQif1bZeJd7hoRRYv2AVYCB4iq7aT4U73tZUfUy07+OalGCDtBrKXKgBaIBZpIlOxYM9kYLzAKXmEEMibc4Ttg==

GET
H2 200 all.js Show response
login.micrasoft-395office.com/assets/ 28 KB
7 KB 100ms
98ms Script
application/javascript 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.micrasoft-395office.com/assets/all.js?guid=test_228efad4c1&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Requested by: Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-224-253.eu-west-1.compute.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:07 GMT
content-encoding: gzip
last-modified: Thu, 19 Jan 2023 14:04:40 GMT
server: ThreatSim-Web-Server
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-length: 7191
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK data-52dac8.png
tslp.s3.amazonaws.com/training/production/314/ 10 KB
11 KB 39ms
39ms Image
image/png 3.5.6.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tslp.s3.amazonaws.com/training/production/314/data-52dac8.png
Requested by: Host: tslp.s3.amazonaws.com
URL: https://tslp.s3.amazonaws.com/training/embedded/css/data.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ce2df3cd5abe9350ab496bdd0192fe991ae9c74e29ee0537bb3fbfedf70a10e9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tslp.s3.amazonaws.com/training/embedded/css/data.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 00:13:09 GMT
x-amz-version-id: OwWFXIciy68R6eFABOFkB8sLpO48LeDF
Last-Modified: Fri, 26 Aug 2022 14:07:48 GMT
Server: AmazonS3
x-amz-request-id: DZPTF3J7TG7ZCY34
ETag: "aa94e3eb1f29367ff60b2b22db9d4f5b"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 10591
x-amz-id-2: KWlUmPiwWA2BB3BRz+VUXG/3DSMwDwmd/Waw/YPUdFNEqpefdLImKy9UPu1EGZohMoJCwWpCp/HgHQjNyNTfMg==

GET
H/1.1 200
OK mail.png
d25q7gseii1o1q.cloudfront.net/training/fish/ 926 B
1 KB 130ms
39ms Image
image/png 143.204.141.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d25q7gseii1o1q.cloudfront.net/training/fish/mail.png
Requested by: Host: tslp.s3.amazonaws.com
URL: https://tslp.s3.amazonaws.com/training/embedded/css/data.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.141.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-141-8.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a35de3a30e58bf477febca8b47225959f48fd384faf088a218d6bf2251f06cbe

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tslp.s3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Tue, 14 Mar 2023 03:21:43 GMT
Via: 1.1 f90455bc1ae6b17d472e4be0fa0d191e.cloudfront.net (CloudFront)
Last-Modified: Fri, 30 May 2014 15:01:28 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C2
Age: 75086
ETag: "3c506b80d78539262795c9ba59a0631a"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 926
X-Amz-Cf-Id: HiGNuoHYJg0UaZkNRLCCi2-M76QjZ5Xdd_U8VyhjeAY6mEghdq2dyA==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 72ms
20ms Font
font/woff2 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://login.micrasoft-395office.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 17:49:30 GMT
x-content-type-options: nosniff
age: 455018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 17:49:30 GMT

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 103ms
102ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 492601c4-68be-4f14-b8ea-9807b778d3d1
x-runtime: 0.001873
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 102ms
101ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: b4ed61c0-af3a-4e43-a0e8-6f5705367a7d
x-runtime: 0.002078
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 103ms
102ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: ca94c31a-3e7a-420d-9ea6-416804042b33
x-runtime: 0.002022
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H/1.1 200
OK en-us.json Show response
tslp.s3.amazonaws.com/training/embedded/translations/data/ 2 KB
2 KB 111ms
60ms XHR
application/json 3.5.6.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/training/embedded/translations/data/en-us.json
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: f857219c795f8beac05cda0e90e7e4997bf91970301070df30c903e04d492c5e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://login.micrasoft-395office.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 00:13:09 GMT
x-amz-version-id: Yoo2._idFpF1FC1NLYW8NFDJZIihFn1J
Last-Modified: Thu, 19 Jan 2023 16:09:23 GMT
Server: AmazonS3
x-amz-request-id: DZPK112Z6JZ3GNS4
ETag: "a15ae6b93da289454a88a2450ef08e84"
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: application/json
Accept-Ranges: bytes
Content-Length: 1859
x-amz-id-2: HNemxY86H8O7vd83O+vuQRcazwjBju6d8Rrebh9h4UB3LYwtHvTTWXVSotV5USgNbklks2OEvuheQgsTsgYIlw==

GET
H2 200 training_screenshot Show response
login.micrasoft-395office.com/ Frame E032 3 KB
2 KB 106ms
105ms Document
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.micrasoft-395office.com/training_screenshot?guid=test_228efad4c1&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

29fa71bfe607c9ab4dd48306fe8c60aa4fdb342c7863cda2c3f72f8a31bfad3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 15 Mar 2023 00:13:08 GMT
etag: W/"29fa71bfe607c9ab4dd48306fe8c60aa"
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-permitted-cross-domain-policies: none
x-request-id: 67fc21a7-08f0-498d-ad97-6baa1b9afca8
x-runtime: 0.005936
x-xss-protection: 1; mode=block

GET
H2 200 log
login.micrasoft-395office.com/ 0
476 B 108ms
99ms Image
image/gif 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/log?id=test_228efad4c1&campaign_guid=test_228efad4c1&msg=embeddedhtmlemail%20id%20exists%20with%20environment%20%3D%20production

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 65c36de9-4a68-4b4f-811e-71408c76a50e
x-runtime: 0.001840
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 log
login.micrasoft-395office.com/ 0
477 B 124ms
113ms Image
image/gif 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/log?id=test_228efad4c1&campaign_guid=test_228efad4c1&msg=Loading%20embedded%20html

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: f8586f65-fb29-4979-a7e4-b95c3cd26075
x-runtime: 0.002426
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 log
login.micrasoft-395office.com/ 0
476 B 121ms
111ms Image
image/gif 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/log?id=test_228efad4c1&campaign_guid=test_228efad4c1&msg=logo_object%20does%20not%20exist

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 03a45ba5-1e54-4f89-8b4a-8fcbc2e8cb84
x-runtime: 0.002083
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 120ms
109ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_23228efcaad4c1dd&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 79718f44-0072-4e33-9404-b62df4d87027
x-runtime: 0.001557
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 120ms
110ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_23228efcaad4c1dd&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: ee26a8bb-8012-492e-b0f6-6b83b4333632
x-runtime: 0.001602
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 124ms
114ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_23228efcaad4c1dd&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 8cb09c9d-a3e9-47f8-83b8-335f0f38e8b2
x-runtime: 0.001519
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 189ms
179ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_23228efcaad4c1dd&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: d9b14dbd-d332-4f63-8ebf-5ca73a087af2
x-runtime: 0.002943
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 192ms
183ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_23228efcaad4c1dd&msg=BrowserDetect%20-%20browser_version%20%3D%20111&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 5a1d4e77-d0d2-4bc6-98fe-44293483bf07
x-runtime: 0.003670
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 190ms
181ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_23228efcaad4c1dd&msg=BrowserDetect%20-%20os%20%3D%20Windows&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 0936a7b7-2975-4c96-b015-543e471977b2
x-runtime: 0.002088
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
465 B 197ms
188ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_23228efcaad4c1dd&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 1af52f1b-06c5-4f2e-a240-c3081dc1cfe3
x-runtime: 0.006869
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 194ms
185ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_23228efcaad4c1dd&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 36be42ab-6060-41fa-aa30-ba6760ce3f8e
x-runtime: 0.007019
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 191ms
182ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_23228efcaad4c1dd&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 6218736d-c34c-4dfd-b4ad-c29eac574d3c
x-runtime: 0.001970
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 190ms
181ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.micrasoft-395office.com/trace?id=test_23228efcaad4c1dd&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Requested by

Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-253.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 7e7f0258-f1f1-4af0-bd72-40be712fe240
x-runtime: 0.005944
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
login.micrasoft-395office.com/ 0
466 B 197ms
188ms Image
text/html 52.31.224.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.micrasoft-395office.com/trace?id=test_23228efcaad4c1dd&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Requested by: Host: login.micrasoft-395office.com
URL: https://login.micrasoft-395office.com/load_training?guid=test_23228efcaad4c1dd&correlation_id=f643580a-9a6a-44d5-b1bd-43e669129ebf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.224.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS

login.micrasoft-395office.com Open in urlscan Pro 52.31.224.253

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

115 Requests

97 %HTTPS

50 %IPv6

6 Domains

9 Subdomains

9 IPs

2 Countries

565 kBTransfer

783 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

login.micrasoft-395office.com
52.31.224.253

Screenshot
Live screenshot

Full Image

115
Requests

97 %
HTTPS

50 %
IPv6

6
Domains

9
Subdomains

9
IPs

2
Countries

565 kB
Transfer

783 kB
Size

3
Cookies

115 HTTP transactions
0 data transactions