Submitted URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Effective URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Submission: On March 06 via manual from IN — Scanned from DE

Summary

This website contacted 7 IPs in 4 countries across 4 domains to perform 109 HTTP transactions. The main IP is 52.209.127.22, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is activation.corp-internal.co.
This is the only time activation.corp-internal.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
80 52.209.127.22 16509 (AMAZON-02)
20 54.231.169.169 16509 (AMAZON-02)
2 2 2a02:26f0:dc:... 20940 (AKAMAI-ASN1)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 13.225.84.161 16509 (AMAZON-02)
3 52.218.36.1 16509 (AMAZON-02)
1 52.217.236.89 16509 (AMAZON-02)
109 7
Apex Domain
Subdomains
Transfer
80 corp-internal.co
activation.corp-internal.co
136 KB
24 amazonaws.com
tslp.s3.amazonaws.com — Cisco Umbrella Rank: 197593
ts-eu-uploads.s3.amazonaws.com
359 KB
4 java.com
java.com — Cisco Umbrella Rank: 35297
www.java.com — Cisco Umbrella Rank: 56632
13 KB
2 cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
7 KB
109 4
Domain Requested by
80 activation.corp-internal.co activation.corp-internal.co
21 tslp.s3.amazonaws.com activation.corp-internal.co
3 ts-eu-uploads.s3.amazonaws.com activation.corp-internal.co
2 d2wy8f7a9ursnm.cloudfront.net activation.corp-internal.co
2 www.java.com activation.corp-internal.co
2 java.com 2 redirects
109 6

This site contains links to these domains. Also see Links.

Domain
w3.ibm.com
Subject Issuer Validity Valid
*.s3.amazonaws.com
Amazon
2022-09-21 -
2023-08-26
a year crt.sh

This page contains 1 frames:

Primary Page: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Frame ID: C37608B1150974CBDA774F805DE970A7
Requests: 109 HTTP requests in this frame

Screenshot

Page Title

Don't Worry!

Page URL History Show full URLs

  1. http://activation.corp-internal.co/7f9c3199491157d5?l=34 Page URL
  2. http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /bugsnag.*\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

109
Requests

21 %
HTTPS

29 %
IPv6

4
Domains

6
Subdomains

7
IPs

4
Countries

514 kB
Transfer

658 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://activation.corp-internal.co/7f9c3199491157d5?l=34 Page URL
  2. http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://java.com/js/deployJava.js HTTP 302
  • https://www.java.com/js/deployJava.js
Request Chain 54
  • https://java.com/js/deployJava.js HTTP 302
  • https://www.java.com/js/deployJava.js

109 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
7f9c3199491157d5
activation.corp-internal.co/
4 KB
2 KB
Document
General
Full URL
http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e908652f1937a324df76a83ecce248290c30297fb243ef585d2f460fa1aac4f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Mon, 06 Mar 2023 09:42:41 GMT
ETag
W/"e908652f1937a324df76a83ecce24829"
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Host-Info
lw-prod-eu-i-0462893be421cc542 ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
554e43e1-bfd5-4298-8924-7b220a7ca41e
X-Runtime
0.016900
X-XSS-Protection
1; mode=block
alt_pixel_click_9c31991157.gif
activation.corp-internal.co/
0
0

plugin_detect.js
tslp.s3.amazonaws.com/detect/
49 KB
49 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=9c31991157&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.169.169 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 17:56:07 GMT
Server
AmazonS3
x-amz-request-id
JGK1J7HS7BMKP1WV
ETag
"00a513f07603df01e3b99be00f370754"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
50085
x-amz-id-2
mOXRxJNwRpP1nlDF2u2nvMn8EWYrYDO0nBaeBiJtu12uuuVTUgQ/mXxf7+upkdW/4uNI9+c05AA=
java.js
tslp.s3.amazonaws.com/detect/
50 KB
50 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/java.js?guid=9c31991157&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.169.169 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 14:38:28 GMT
Server
AmazonS3
x-amz-request-id
JGKE7PBV4HBTS8SS
ETag
"2bec0061039dc3fb25fc20aaf611d5b9"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
50717
x-amz-id-2
ciXm1sx5f9Cx8RH6gFgCk4CevvzmVNXBwpCCvPd5cz09Fi61HyOTbJRmrGIy8FSuVc7EnWjE4io=
deployJava.js
www.java.com/js/
Redirect Chain
  • https://java.com/js/deployJava.js
  • https://www.java.com/js/deployJava.js
18 KB
6 KB
Script
General
Full URL
https://www.java.com/js/deployJava.js
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
H2
Server
2a02:26f0:3500:1b::1724:a397 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 09:42:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
akamai-grn
, , 0.97a12417.1678095761.29d5321f
x-oracle-dms-rid
0
content-disposition
attachment; filename="deployJava.js";filename*=UTF-8''deployJava.js
server-timing
cdn-cache; desc=HIT, edge; dur=6, ak_p; desc="466137_388276631_701837855_642_19791_38_0";dur=1
content-length
5512
x-xss-protection
1
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
etag
"D07B023847CD4DC5C4ED4AB4FC46AD47BDD6E99A0663:19"
vary
Accept-Encoding
x-oracle-dms-ecid
20c6c500-385c-4c85-b604-a0f3e6b04622-00061aa0
content-type
application/javascript
cache-control
public, max-age=86400
expires
Tue, 07 Mar 2023 09:42:41 GMT

Redirect headers

date
Mon, 06 Mar 2023 09:42:41 GMT
server
AkamaiGHost
akamai-grn
0.07045368.1678095761.62ffe2c2
location
https://www.java.com/js/deployJava.js
cache-control
max-age=86400
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466137_1750270983_1660936898_18_10340_60_0";dur=1
content-length
0
x-xss-protection
1
expires
Tue, 07 Mar 2023 09:42:41 GMT
flash.js
tslp.s3.amazonaws.com/detect/
7 KB
7 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/flash.js?guid=9c31991157&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.169.169 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 03:54:01 GMT
Server
AmazonS3
x-amz-request-id
JGKFFMGVM5PAC5DG
ETag
"f9ad9a096894ba248e4a1f73e7eba1be"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
6680
x-amz-id-2
Q79WMqZrjA4N5YrMBwmL4b3qH4Bii5IaYQuepapp6zTvFSEyOG4+vZSxHAO29KG8CJOYcrBX1Bc=
pdf.js
tslp.s3.amazonaws.com/detect/
22 KB
23 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/pdf.js?guid=9c31991157&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.169.169 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 14:39:34 GMT
Server
AmazonS3
x-amz-request-id
JGK0F8QPW3P46HYE
ETag
"0d5882d41c8b6e40059c8d9acbcf1518"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
22855
x-amz-id-2
zwE+XLf+q8IeBl6zt6gbfFK7WtO6btiehUd62cXGsWscbgD155YyILpA6x5kKrh8rEQvEMToD3g=
quicktime.js
tslp.s3.amazonaws.com/detect/
7 KB
7 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/quicktime.js?guid=9c31991157&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.169.169 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 14:41:05 GMT
Server
AmazonS3
x-amz-request-id
JGK85PCTRAA0FYPP
ETag
"ee73f2f47d51116dc40b85a6b57eaf20"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
6999
x-amz-id-2
nvsd0RxFt8nB9RQNnXUA5UvOraOaW7kQarkz/1k488Lzt9crspvDfUKx7tdk1iNPzdOEd6Mb8MM=
realplayer.js
tslp.s3.amazonaws.com/detect/
10 KB
10 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/realplayer.js?guid=9c31991157&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.169.169 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 14:45:02 GMT
Server
AmazonS3
x-amz-request-id
JGKC3QEYTK45B6PE
ETag
"3d7be656672c16a34806c13388410325"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
9775
x-amz-id-2
ocWC4KykvvCXrVwQ4zPHatWMy6mnz3wUmxNW9ihYQLYv+msMf41sBXfjfXcMNHnWVrxWSufSne8=
silverlight.js
tslp.s3.amazonaws.com/detect/
4 KB
5 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/silverlight.js?guid=9c31991157&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.169.169 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 18:00:03 GMT
Server
AmazonS3
x-amz-request-id
JGK5E692YMYHJZKA
ETag
"e6dd596d2bc204ea573b868b92028c26"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
4234
x-amz-id-2
E7bshvJSbBXNrBbnRNARnh/MIwWCwN3F+mfx5QM2W8NqPi3rcnXviT0Q+xoDesyml5uCnR2Wn7Y=
wmp.js
tslp.s3.amazonaws.com/detect/
6 KB
6 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/wmp.js?guid=9c31991157&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.169.169 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 15:07:14 GMT
Server
AmazonS3
x-amz-request-id
JGKAFGQX8HCPGAY4
ETag
"ffd2cc77bb64d40beeb5d561fffe1f79"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
5941
x-amz-id-2
o2Jy8lNWr2DEiHNf4JuZVX7FVQ4vyJ4sAJ6uQ6JceSu/OYK+S8WXLediLtfOyzhxmiKvjWyVwRc=
bugsnag-2.min.js
d2wy8f7a9ursnm.cloudfront.net/
6 KB
3 KB
Script
General
Full URL
http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
13.225.84.161 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-161.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
Via
1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
Date
Sun, 05 Mar 2023 00:02:08 GMT
X-Amz-Cf-Pop
FRA2-C2
Age
121234
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
2962
Last-Modified
Wed, 10 Aug 2016 00:30:49 GMT
Server
AmazonS3
ETag
"6103bb5e4ec6141e19e1100caafc780c"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Accept-Ranges
bytes
X-Amz-Cf-Id
HaJk7cuGrbM140WhGnzqh1acXHRXECQmE8RUi6tFKGR7l0t1KX-lnw==
jquery.min.js
activation.corp-internal.co/assets/ajax/libs/jquery/1.9.1/
90 KB
32 KB
Script
General
Full URL
http://activation.corp-internal.co/assets/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Jan 2023 14:01:13 GMT
Server
ThreatSim-Web-Server
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
all.js
activation.corp-internal.co/assets/
28 KB
7 KB
Script
General
Full URL
http://activation.corp-internal.co/assets/all.js?g=9c31991157
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Jan 2023 14:01:16 GMT
Server
ThreatSim-Web-Server
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Content-Length
7191
Expires
Thu, 31 Dec 2037 23:55:55 GMT
browser_post
activation.corp-internal.co/secure/
0
716 B
XHR
General
Full URL
http://activation.corp-internal.co/secure/browser_post
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/assets/ajax/libs/jquery/1.9.1/jquery.min.js
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Mon, 06 Mar 2023 09:42:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
86d5a4c0-07e9-41ae-9706-4ee57c587c1f
X-Runtime
0.007076
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, Accept
Content-Type
image/gif; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
6eef7db6-5c18-4248-befe-6ee6658d1834
X-Runtime
0.001938
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
9966ce07-ca7b-4952-8ddc-d26174f2a764
X-Runtime
0.002167
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
6aed1047-6315-425b-b6dd-d4308cceb225
X-Runtime
0.001610
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
97526409-2cf7-4251-b77d-08ee24e7e359
X-Runtime
0.001753
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=BrowserDetect%20-%20browser_version%20%3D%20110&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
5dca7abe-ff3c-4939-aa64-4ac650f997cf
X-Runtime
0.001902
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=BrowserDetect%20-%20os%20%3D%20Windows&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
37e55d1d-fe2a-42f9-82c4-5166375f66fc
X-Runtime
0.001305
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
61472240-31f2-468f-9961-caa36d807d30
X-Runtime
0.001218
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
1a7edea8-c972-4338-978d-b57925f0cf99
X-Runtime
0.001755
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
ba461d92-e8c4-4b56-801b-b8fbeb1fb21d
X-Runtime
0.001951
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
6532f9e9-d224-4725-9808-cf5f0497e149
X-Runtime
0.002096
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
c24d6118-3702-4481-81d5-04ddff0faedc
X-Runtime
0.001834
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Plugin&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
632df55b-a965-4338-b0e3-5adb8960a48d
X-Runtime
0.002027
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
808bbae2-6712-4a7d-99a0-43bab8a26579
X-Runtime
0.001949
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=BrowserDetect%20-%20plugin%20Native%20Client&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
b9bd57c3-7390-4ac0-b43c-2682bb63b781
X-Runtime
0.001981
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
b0d3b9be-3a69-4420-b80d-6bcb12d261f8
X-Runtime
0.001350
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
11530c3d-4226-48e7-8ef1-7113d298ea10
X-Runtime
0.002069
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=java_version_pl%20%3D%20unknown&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
d9aae155-f210-4521-9323-e79021bd5f45
X-Runtime
0.001274
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
97ba9e41-780d-4a00-a787-76fb70e152b0
X-Runtime
0.001901
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=java_version_jres%20%3D%20unknown&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
b07b1142-86f6-4f1e-b631-aa53f7c56ee6
X-Runtime
0.002068
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=java_version%20%3D%20undefined&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
1844cdd4-4b42-49a9-b256-a3db1b3c57e6
X-Runtime
0.001806
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=Loading%20flash%20version&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
5791a3d1-a468-403e-8fb0-00dd9509c7ad
X-Runtime
0.001822
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=flash%20%3D%20unknown&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
4f0dd48c-c2cf-463f-a085-c94ea55888ce
X-Runtime
0.001422
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=Loading%20pdf%20version&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
74413d10-1c39-448d-aff9-955a2a5d25c1
X-Runtime
0.001943
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
5ba09211-f963-4523-9518-6a0150feec36
X-Runtime
0.001318
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=pdf%20%3D%20unknown&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
5cdf4bf8-071a-4327-9e70-6dac3ce4d3e6
X-Runtime
0.001968
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=Loading%20quicktime%20version&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
c52e0dac-c10d-481a-9d98-348b66c7195b
X-Runtime
0.001089
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=quicktime%20%3D%20unknown&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
0d41506d-21b1-4f08-ae3d-4e4a96436eb3
X-Runtime
0.001809
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=Loading%20RealPlayer%20version&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
7596d191-dab6-411f-b0e9-4dd7144e7881
X-Runtime
0.001799
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=realplayer%20%3D%20unknown&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
f4eeaa90-6ea8-443b-bced-1c0991eab1c1
X-Runtime
0.001400
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=Loading%20Silverlight%20version&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
ade52167-c08c-4fa1-b03d-89ff532f11b1
X-Runtime
0.001302
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=silverlight%20%3D%20unknown&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
0a054e94-2567-402f-9458-d58c988fcddf
X-Runtime
0.001815
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
c6d088a5-9eda-4daa-a4a8-f0438a97e88a
X-Runtime
0.001968
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=wmp%20%3D%20unknown&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
2f6dd756-48ea-439f-b200-dfefb8489fe4
X-Runtime
0.001978
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=redirecting%20to%20%2Fload_training%3Fguid%3Dc79c319ff91157a8%26correlation_id%3Dadc1744e-a2db-4fb6-b2a4-d8616d978413&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
6e2ce5b8-c374-40bf-9583-9047cfaac8e7
X-Runtime
0.001505
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=9c31991157&msg=browser_post_successful&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/7f9c3199491157d5?l=34
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
f0faa0cd-265d-4408-a8b5-538dcf12ba8f
X-Runtime
0.001745
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Primary Request load_training
activation.corp-internal.co/
15 KB
4 KB
Document
General
Full URL
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/assets/all.js?g=9c31991157
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
9bcf367af6917619467d82760d871919fbfa07543070ccaacc7e1124efe3e91f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://activation.corp-internal.co/7f9c3199491157d5?l=34
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Mon, 06 Mar 2023 09:42:42 GMT
ETag
W/"9bcf367af6917619467d82760d871919"
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Host-Info
lw-prod-eu-i-0462893be421cc542 ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
e3d947e8-9b8b-4ddb-8a33-79b3d041e515
X-Runtime
0.015532
X-XSS-Protection
1; mode=block
bugsnag-2.min.js
d2wy8f7a9ursnm.cloudfront.net/
6 KB
3 KB
Script
General
Full URL
http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
13.225.84.161 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-161.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
Via
1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
Date
Sun, 05 Mar 2023 00:02:08 GMT
X-Amz-Cf-Pop
FRA2-C2
Age
121235
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
2962
Last-Modified
Wed, 10 Aug 2016 00:30:49 GMT
Server
AmazonS3
ETag
"6103bb5e4ec6141e19e1100caafc780c"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Accept-Ranges
bytes
X-Amz-Cf-Id
M8ytKzqjlFIfgC8958iY0Z7wMS0EIlZE3Qy42_S1-btWTi94xiH2Xg==
jquery.min.js
activation.corp-internal.co/assets/ajax/libs/jquery/1.11.0/
94 KB
33 KB
Script
General
Full URL
http://activation.corp-internal.co/assets/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Jan 2023 14:01:13 GMT
Server
ThreatSim-Web-Server
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
plugin_detect.js
tslp.s3.amazonaws.com/detect/
49 KB
49 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=9c31991157&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.169.169 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:44 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 17:56:07 GMT
Server
AmazonS3
x-amz-request-id
T5TDGR476WCA7HZX
ETag
"00a513f07603df01e3b99be00f370754"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
50085
x-amz-id-2
J8dB7qNRtlCSiWl72sSv4BmJEpJB2CvtfbPtr3Te4CR1cgZoqSVIK8+76NB1FeV6iDMI5KGl1Xo=
java.js
tslp.s3.amazonaws.com/detect/
50 KB
50 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/java.js?guid=9c31991157&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.169.169 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:44 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 14:38:28 GMT
Server
AmazonS3
x-amz-request-id
T5T8AM69M9NSMAF4
ETag
"2bec0061039dc3fb25fc20aaf611d5b9"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
50717
x-amz-id-2
l4e5VGMKoRluZbzqKUfdWjRtFalB+AVmCKPg6V75v8HrfAHg1h+wUuhUt/v/yvxLI1qUZlEhReI=
deployJava.js
www.java.com/js/
Redirect Chain
  • https://java.com/js/deployJava.js
  • https://www.java.com/js/deployJava.js
18 KB
6 KB
Script
General
Full URL
https://www.java.com/js/deployJava.js
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
H2
Server
2a02:26f0:3500:1b::1724:a397 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 09:42:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
akamai-grn
, , 0.97a12417.1678095763.29d54fd6
x-oracle-dms-rid
0
content-disposition
attachment; filename="deployJava.js";filename*=UTF-8''deployJava.js
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466137_388276631_701845462_27_16760_38_0";dur=1
content-length
5512
x-xss-protection
1
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
etag
"D07B023847CD4DC5C4ED4AB4FC46AD47BDD6E99A0663:19"
vary
Accept-Encoding
x-oracle-dms-ecid
20c6c500-385c-4c85-b604-a0f3e6b04622-00061aa0
content-type
application/javascript
cache-control
public, max-age=86400
expires
Tue, 07 Mar 2023 09:42:43 GMT

Redirect headers

date
Mon, 06 Mar 2023 09:42:42 GMT
server
AkamaiGHost
akamai-grn
0.07045368.1678095762.62ffed73
location
https://www.java.com/js/deployJava.js
cache-control
max-age=86400
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466137_1750270983_1660939635_20_11250_60_0";dur=1
content-length
0
x-xss-protection
1
expires
Tue, 07 Mar 2023 09:42:42 GMT
flash.js
tslp.s3.amazonaws.com/detect/
7 KB
7 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/flash.js?guid=9c31991157&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.169.169 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:44 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 03:54:01 GMT
Server
AmazonS3
x-amz-request-id
T5TEQXKG6QBCT7RS
ETag
"f9ad9a096894ba248e4a1f73e7eba1be"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
6680
x-amz-id-2
uGfX4NMkIpvQbXPi4OYgRWfBnoIpCJ/xTYQ+yto5OeP6Ht9JmAw6c5DAGvX6R4nncnEHWFtGIfE=
pdf.js
tslp.s3.amazonaws.com/detect/
22 KB
23 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/pdf.js?guid=9c31991157&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.169.169 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:44 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 14:39:34 GMT
Server
AmazonS3
x-amz-request-id
T5TCBBJHRFHT64VM
ETag
"0d5882d41c8b6e40059c8d9acbcf1518"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
22855
x-amz-id-2
rt3z6BASoOCC+sXOn4Fy/v6CWFJi4J/kGttr/MYM5A58CeVeVz1Hg5tBIZaCHoG24aiE9gOiATs=
quicktime.js
tslp.s3.amazonaws.com/detect/
7 KB
7 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/quicktime.js?guid=9c31991157&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.169.169 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:44 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 14:41:05 GMT
Server
AmazonS3
x-amz-request-id
T5T2BFETEWE7SEFQ
ETag
"ee73f2f47d51116dc40b85a6b57eaf20"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
6999
x-amz-id-2
6MGMCF5A4lGYmxtdze9Ar3tpkqJBA+pBO6XjmbR+vgyZNersC3PqbgXr1l4kIxAnDUV4pwQeRNo=
realplayer.js
tslp.s3.amazonaws.com/detect/
10 KB
10 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/realplayer.js?guid=9c31991157&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.169.169 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:44 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 14:45:02 GMT
Server
AmazonS3
x-amz-request-id
T5TF1YYX82H521WB
ETag
"3d7be656672c16a34806c13388410325"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
9775
x-amz-id-2
aijPq00oZwfhKAcwohoIy3xeElxAIAyGVwbty3hDpnCuSJ1xuZdkWvWcRM02uarzz+35ahdxWcM=
silverlight.js
tslp.s3.amazonaws.com/detect/
4 KB
5 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/silverlight.js?guid=9c31991157&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.169.169 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:44 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 18:00:03 GMT
Server
AmazonS3
x-amz-request-id
T5TFBYV8TN9HWH07
ETag
"e6dd596d2bc204ea573b868b92028c26"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
4234
x-amz-id-2
remPjk5fRTQ/GKE0EEOcKDIX3GP7qK8+mMYrCQTy73hsmlMRED4ioQCOGi4tBHR8c6DNdlwrsU4=
wmp.js
tslp.s3.amazonaws.com/detect/
6 KB
6 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/wmp.js?guid=9c31991157&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.169.169 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:44 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 15:07:14 GMT
Server
AmazonS3
x-amz-request-id
T5T3K1H8M509ZFBF
ETag
"ffd2cc77bb64d40beeb5d561fffe1f79"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
5941
x-amz-id-2
q9fAAfiNZQgzFfNS2n/CUmh647stx4qm3T0p8WZcGwOZrRuLeGpj3MBaEw9YIlxIz7FWC6Oj2l8=
cyberlogo-12cff2.png
ts-eu-uploads.s3.amazonaws.com/training/production/9859/
7 KB
8 KB
Image
General
Full URL
https://ts-eu-uploads.s3.amazonaws.com/training/production/9859/cyberlogo-12cff2.png
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-3-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a465716d0d0a5928dcec368906f1c06ca797270ea85d869a69333e8a5424449b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:44 GMT
Last-Modified
Wed, 17 Aug 2022 17:07:57 GMT
Server
AmazonS3
x-amz-request-id
T5T02H0REY31RVVF
ETag
"603fd1881a971da2a196e902622f795d"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
7632
x-amz-id-2
CQ7ohclCKu/KbHrgiuHZeSeF5K1jpMvHiLX1QGLZAbshP3tHgX6Li6U+An7YcfXF0giTqWntPH4=
1000px-ibm-logo-f496ba.png
ts-eu-uploads.s3.amazonaws.com/training/production/9859/
5 KB
6 KB
Image
General
Full URL
https://ts-eu-uploads.s3.amazonaws.com/training/production/9859/1000px-ibm-logo-f496ba.png
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-3-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
3692ab1eb7426f987df032b2b12e51cb62dc9fae74f34247538b11b53465663f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:44 GMT
Last-Modified
Mon, 26 Oct 2020 02:03:12 GMT
Server
AmazonS3
x-amz-request-id
T5T5XS9GT3JJ7ASY
ETag
"26b44e6457ad76bbf4ab2d794b8ff769"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5362
x-amz-id-2
MwX3Nart/VRgF4vfvkfAtOD56Zsx2llc/YR693bIIRUtDlxzFZoF6jGq+IWppCO7fvKCamDzPcs=
final-ciso-banner-01-ec3b2b.png
ts-eu-uploads.s3.amazonaws.com/training/production/9859/
21 KB
22 KB
Image
General
Full URL
https://ts-eu-uploads.s3.amazonaws.com/training/production/9859/final-ciso-banner-01-ec3b2b.png
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.36.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-3-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b122bfadbd65cfba8a8f55ff8e69a78f6c0fd7da9c890ffcf63062aabc415580

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:44 GMT
Last-Modified
Wed, 17 Aug 2022 15:33:50 GMT
Server
AmazonS3
x-amz-request-id
T5T1SSYTEBNPDCS0
ETag
"f33fe7de8cbcb667dd0a8fd20581577a"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
21683
x-amz-id-2
TMH5W2RtE+Zfu5csGOX/fzjzEh1LFd0b1pDOMkmbP6r0c41CN1oA3bBQDMRQnNN9IvnypB5eKvA=
edit-128x128-8c5058.png
tslp.s3.amazonaws.com/training/production/314/
1 KB
2 KB
Image
General
Full URL
https://tslp.s3.amazonaws.com/training/production/314/edit-128x128-8c5058.png
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.169.169 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e562d25a944e9ed52bc07ecce1a12bef8d0a3ca1d47d5a5f95c57a4ba9e24be9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:44 GMT
x-amz-version-id
1ploLVi6TGkgffxF2MF1XhkRMxFakpuf
Last-Modified
Mon, 15 Jun 2020 12:26:25 GMT
Server
AmazonS3
x-amz-request-id
T5T840FBYQK1JH8E
ETag
"d934809b8f492448c8646726a9c50b5c"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1485
x-amz-id-2
rQLwCgBhazcr3E8dXJAOUTuNXhLwGzYVOQMKYkzo2IjRvfW6dVADA3nj+dFvymdFZ3f77ng2Fh4=
link-128x128-4d265e.png
tslp.s3.amazonaws.com/training/production/314/
3 KB
3 KB
Image
General
Full URL
https://tslp.s3.amazonaws.com/training/production/314/link-128x128-4d265e.png
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.169.169 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
067547b9a34c4019e2a14fbc774c4873558cd7f43b402c0223a5bc3f49845695

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:44 GMT
x-amz-version-id
wz.q2n6g.u3WcN2FEc2Wmopg3JovE3XL
Last-Modified
Mon, 15 Jun 2020 12:26:53 GMT
Server
AmazonS3
x-amz-request-id
T5T38ZJX803QP0XS
ETag
"7db41591d8d2a7fed7ea979972622d5a"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2590
x-amz-id-2
m7WV6AFVNrzRF4aDSCRIla/b4cJ568zgfQ35ePHGNFMaRJOWwbPXlg75xgUUHW42nXIfzK/xvOg=
chat-active-128x128-b16dc6.png
tslp.s3.amazonaws.com/training/production/314/
2 KB
3 KB
Image
General
Full URL
https://tslp.s3.amazonaws.com/training/production/314/chat-active-128x128-b16dc6.png
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.169.169 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
6a56bc11df77d54446fb06d48251289f246a01f81bf9f1b40843e9aceaaf0299

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:44 GMT
x-amz-version-id
rZfMWRQ9mI4fQQkCGIcWMVQSB2EdX5Y_
Last-Modified
Mon, 15 Jun 2020 12:24:58 GMT
Server
AmazonS3
x-amz-request-id
T5T5VA07KBJPZQWW
ETag
"24d654e2730177545a30b6b5ddfbf40b"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2450
x-amz-id-2
TWglmcgZQemTZ7RhE0OhG4+gMBL6+Y5WfvO6g7st9xBAsm2D0apHFtGo+/GB8/GB5clEHkYlZaQ=
check-128x128-a619c3.png
tslp.s3.amazonaws.com/training/production/314/
2 KB
2 KB
Image
General
Full URL
https://tslp.s3.amazonaws.com/training/production/314/check-128x128-a619c3.png
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.169.169 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
c9b390633217c3225664651d51f429d69379b30c721640eeeda225776c0fcf3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:44 GMT
x-amz-version-id
8Wsv9mLaw8axft_JhkZRQvo4zIrT.sU.
Last-Modified
Mon, 15 Jun 2020 12:25:48 GMT
Server
AmazonS3
x-amz-request-id
T5TFMEHV8JZD9V22
ETag
"f2c8a191ff6550d5046d10d083fc8d3e"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1918
x-amz-id-2
qR4SiLknwHE5TeyMtypeGdKVlZNxR/4fZhj19qwWBmjCEqcKLR5wptbPWJu90cc4RbDoL3qgdjA=
training.js
tslp.s3.amazonaws.com/assets/js/
352 B
811 B
Script
General
Full URL
http://tslp.s3.amazonaws.com/assets/js/training.js
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.217.236.89 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
8a1170223599205267c6ee3a3072855f1727461d9dd1066bb94f39180f963af9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:44 GMT
x-amz-version-id
6KvPBARKn9Wl5VW3Hl_LtK2bIq68QrGH
Last-Modified
Fri, 26 Aug 2022 14:07:38 GMT
Server
AmazonS3
x-amz-request-id
T5TAZJYKJ3J66RQM
ETag
"029ab28ca3c245dc425e3f3f6599d480"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
352
x-amz-id-2
5nPRh3sgat/Oaeh5Ae13W1d8B9Kz1z+DzGFnL97GImpngXNc7vhmrgeYiu83spiMIWSljUtzeU8=
all.js
activation.corp-internal.co/assets/
28 KB
7 KB
Script
General
Full URL
http://activation.corp-internal.co/assets/all.js?guid=9c31991157&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Jan 2023 14:01:16 GMT
Server
ThreatSim-Web-Server
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Content-Length
7191
Expires
Thu, 31 Dec 2037 23:55:55 GMT
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
375b14e8-706e-413e-ac51-737f13cd550d
X-Runtime
0.001804
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
f2fd4ad7-54e3-40cb-8432-104648cd2c53
X-Runtime
0.001601
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
916feb92-4937-4e7c-94e7-ad9fc98aab1b
X-Runtime
0.002175
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
40a569cd-c3f5-4b25-9a0e-ef0110433684
X-Runtime
0.001855
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
663be1f4-0767-4596-89d8-073789ba1dbb
X-Runtime
0.002033
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
5dc988b1-8081-43d8-b5c7-5f814077dc6a
X-Runtime
0.002042
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
6f7e950c-282b-4bb5-b23f-5659d78c1ccb
X-Runtime
0.001729
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=BrowserDetect%20-%20browser_version%20%3D%20110&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
31580134-3219-4d7a-a68a-2708051b5423
X-Runtime
0.001892
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=BrowserDetect%20-%20os%20%3D%20Windows&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
d12da808-7ac3-44c3-a8e6-c4b462691a43
X-Runtime
0.001962
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
f7cf1760-0700-40e8-a0a2-56ad0fb07dda
X-Runtime
0.001774
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
a5a9c277-830e-4c5a-9d58-839e4de48d90
X-Runtime
0.001870
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
2dfc0060-6e33-4801-a925-ab728d7e6042
X-Runtime
0.002010
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
589eed91-d24b-4ceb-aad3-934d88df0358
X-Runtime
0.001358
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
bcd285f4-3fe6-457e-8fcd-6f25bb3c5782
X-Runtime
0.002042
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Plugin&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
a0140b9c-1eb9-4959-984d-113420030005
X-Runtime
0.001449
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
30ea48e2-8b4a-4f6f-b083-aa8709cc79ec
X-Runtime
0.010282
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=BrowserDetect%20-%20plugin%20Native%20Client&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
1bd942ef-5196-4f7c-a2f7-bf5a4f6e5d0a
X-Runtime
0.002054
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
ba24df95-3846-4010-bf6c-8c8af5f83a2c
X-Runtime
0.001846
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
cc6d41a7-9b91-4adb-8838-1d23f1a9cf7d
X-Runtime
0.002142
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=java_version_pl%20%3D%20unknown&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
7eb05320-72c5-4a7a-9b07-f8807096f0c8
X-Runtime
0.001957
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
c8970092-eab8-4efa-bb37-599847c49b04
X-Runtime
0.001172
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=java_version_jres%20%3D%20unknown&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
977dce2f-1cfe-42e5-bbe9-26e715264c52
X-Runtime
0.001985
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=java_version%20%3D%20undefined&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
a9fcc172-c69f-425e-bde4-51040be70faa
X-Runtime
0.001837
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=Loading%20flash%20version&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
188279fc-fe0b-430b-868e-ea8075e4e7fc
X-Runtime
0.001966
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=flash%20%3D%20unknown&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
b818395f-a1d0-4154-a4ac-bd34a63a6e48
X-Runtime
0.010119
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=Loading%20pdf%20version&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
a973ef18-c312-4ea1-a877-ffaa385e6d69
X-Runtime
0.001331
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
dcec5730-8137-46bd-9034-d6eac0ce36fa
X-Runtime
0.001890
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=pdf%20%3D%20unknown&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
26f3093e-1d7f-4c79-a22c-8910cbae76f2
X-Runtime
0.001817
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=Loading%20quicktime%20version&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
c88ed7d9-756e-4013-9ba1-965b87dbff35
X-Runtime
0.001821
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=quicktime%20%3D%20unknown&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
4c30d213-d994-4d91-a9a1-216c5ad9d6d5
X-Runtime
0.001350
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=Loading%20RealPlayer%20version&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
51f8ca1c-5383-4c1e-a1ef-b830bed44fe5
X-Runtime
0.001386
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0462893be421cc542, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=realplayer%20%3D%20unknown&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
5e81c2cb-a1cf-4eab-a81b-2d429943c1e4
X-Runtime
0.002307
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=Loading%20Silverlight%20version&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
87ed928b-c588-429e-9fca-8994ae706365
X-Runtime
0.001374
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=silverlight%20%3D%20unknown&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
6a611bc8-218b-41da-a194-2d1c2bf6f4a8
X-Runtime
0.001695
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
c8ed43c2-d7f2-4402-ad7f-8817384b004c
X-Runtime
0.002711
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=wmp%20%3D%20unknown&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
44a032c7-79a5-4b22-9f25-5dd33d803476
X-Runtime
0.001433
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0eff09ca492b0f67c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=training_page_no_browser_post&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
0ef67826-b6a6-4967-9abf-357203fd7eb9
X-Runtime
0.001841
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-05c60195317a98155, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.corp-internal.co/
0
687 B
Image
General
Full URL
http://activation.corp-internal.co/trace?id=c79c319ff91157a8&msg=redirect_url%20is%20undefined&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Requested by
Host: activation.corp-internal.co
URL: http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
Protocol
HTTP/1.1
Server
52.209.127.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-127-22.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://activation.corp-internal.co/load_training?guid=c79c319ff91157a8&correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 09:42:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
e001b1bd-f59d-4214-91f7-d2495ddb785c
X-Runtime
0.001665
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c9ecfab34b9d5adf, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
activation.corp-internal.co
URL
https://activation.corp-internal.co:49153/alt_pixel_click_9c31991157.gif?correlation_id=adc1744e-a2db-4fb6-b2a4-d8616d978413

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| Bugsnag string| training_page function| $ function| jQuery object| PluginDetect object| detector object| j string| version_regex_base string| version_regex_strict string| version_regex_with_family_modifier object| deployJava object| plugin_detector string| account_logo string| campaign_guid string| company_name string| company_name_possessive string| content_bucket string| correlation_id string| environment string| from_email_address string| subject_line string| target_guid string| template object| BrowserDetect object| $_GET object| regex object| items string| last string| base_post_url function| log_error function| log_to_console function| log_message boolean| fingerprinted string| tracking_id function| strip function| secureSubmitWithGuid function| secureSubmit function| findUsername function| checkPassword function| secureLogAndRedirect function| sendFingerprint function| imageSender function| sendIndividually function| loadAllInfo object| local_addresses function| redirector function| rewriteLinks function| isFormValid string| s

4 Cookies

Domain/Path Name / Value
activation.corp-internal.co/ Name: EXFILGUID
Value: 9c31991157
activation.corp-internal.co/ Name: link_clicked_9c31991157
Value: 1
java.com/ Name: akaalb_OCE_Failover
Value: 1678095821~op=JCOM_OCE:oceProdappJcomProdOrigin|~rv=49~m=oceProdappJcomProdOrigin:0|~os=2708f36cb43ca861e42dc0215e4669c5~id=b8b85da2a7d9f21fde399944f2998d63
www.java.com/ Name: akaalb_OCE_Failover
Value: 1678095821~op=JCOM_OCE:oceProdappJcomProdOrigin|~rv=64~m=oceProdappJcomProdOrigin:0|~os=2708f36cb43ca861e42dc0215e4669c5~id=3e0737a13f8c647ac5b57cffcebeb4f8

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

activation.corp-internal.co
d2wy8f7a9ursnm.cloudfront.net
java.com
ts-eu-uploads.s3.amazonaws.com
tslp.s3.amazonaws.com
www.java.com
activation.corp-internal.co
13.225.84.161
2a02:26f0:3500:1b::1724:a397
2a02:26f0:dc::6853:40b
52.209.127.22
52.217.236.89
52.218.36.1
54.231.169.169
067547b9a34c4019e2a14fbc774c4873558cd7f43b402c0223a5bc3f49845695
0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381
358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1
3692ab1eb7426f987df032b2b12e51cb62dc9fae74f34247538b11b53465663f
39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9
4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a
6a56bc11df77d54446fb06d48251289f246a01f81bf9f1b40843e9aceaaf0299
6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19
88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238
8a1170223599205267c6ee3a3072855f1727461d9dd1066bb94f39180f963af9
9bcf367af6917619467d82760d871919fbfa07543070ccaacc7e1124efe3e91f
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc
a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861
a465716d0d0a5928dcec368906f1c06ca797270ea85d869a69333e8a5424449b
b122bfadbd65cfba8a8f55ff8e69a78f6c0fd7da9c890ffcf63062aabc415580
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c9b390633217c3225664651d51f429d69379b30c721640eeeda225776c0fcf3a
cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de
d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e562d25a944e9ed52bc07ecce1a12bef8d0a3ca1d47d5a5f95c57a4ba9e24be9
e908652f1937a324df76a83ecce248290c30297fb243ef585d2f460fa1aac4f2