urlscan.io logo urlscan.io
SecurityTrails logo

activate.emailquarantine.com Open in urlscan Pro
107.23.13.169  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Effective URL: http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Submission: On June 27 via manual from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 11 domains to perform 116 HTTP transactions. The main IP is 107.23.13.169, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is activate.emailquarantine.com.
This is the only time activate.emailquarantine.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Phishing Simulation (Internet)

Domain & IP information

IP Address AS Autonomous System
43 107.23.13.169 14618 (AMAZON-AES)
32 52.71.218.234 14618 (AMAZON-AES)
16 54.231.49.24 16509 (AMAZON-02)
2 2a02:26f0:64:... 20940 (AKAMAI-ASN1)
2 54.230.51.117 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 151.101.112.207 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
4 54.192.55.171 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 54.192.55.238 16509 (AMAZON-02)
1 50.31.164.174 23352 (SERVERCEN...)
116 15
43    107.23.13.169 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-107-23-13-169.compute-1.amazonaws.com
activate.emailquarantine.com
dataentry.threatsim.com
32    52.71.218.234 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-71-218-234.compute-1.amazonaws.com
activate.emailquarantine.com
dataentry.threatsim.com
16    54.231.49.24 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1-w.amazonaws.com
tslp.s3.amazonaws.com
2    2a02:26f0:64:18b::196 (European Union)

ASN20940 (AKAMAI-ASN1, US)
java.com
2    54.230.51.117 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-51-117.jfk5.r.cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
3    2a00:1450:4001:824::200a (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
ajax.googleapis.com
5    2a00:1450:4001:81c::200e (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
www.google-analytics.com
1    2a00:1450:400c:c07::9c (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
stats.g.doubleclick.net
2    151.101.112.207 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
js-agent.newrelic.com
1    2a00:1450:4001:81c::200a (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
fonts.googleapis.com
4    54.192.55.171 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-55-171.jfk6.r.cloudfront.net
d25q7gseii1o1q.cloudfront.net
2    2a00:1450:4001:81c::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
fonts.gstatic.com
1    54.192.55.238 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-55-238.jfk6.r.cloudfront.net
d25q7gseii1o1q.cloudfront.net
1    50.31.164.174 (Chicago, United States)

ASN23352 (SERVERCENTRAL - Server Central Network, US)
PTR: bam-4.nr-data.net
bam.nr-data.net
Domain Requested by
42 activate.emailquarantine.com activate.emailquarantine.com
33 dataentry.threatsim.com activate.emailquarantine.com
16 tslp.s3.amazonaws.com activate.emailquarantine.com
5 d25q7gseii1o1q.cloudfront.net activate.emailquarantine.com
5 www.google-analytics.com activate.emailquarantine.com
3 ajax.googleapis.com activate.emailquarantine.com
2 fonts.gstatic.com activate.emailquarantine.com
2 js-agent.newrelic.com activate.emailquarantine.com
2 d2wy8f7a9ursnm.cloudfront.net activate.emailquarantine.com
2 java.com activate.emailquarantine.com
1 fonts.googleapis.com activate.emailquarantine.com
1 bam.nr-data.net js-agent.newrelic.com
1 stats.g.doubleclick.net activate.emailquarantine.com
116 13

This site contains links to these domains. Also see Links.

Domain
threatsim.com
Subject Issuer Validity Valid
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2016-07-29 -
2017-11-29		 a year crt.sh
www.java.com
Symantec Class 3 ECC 256 bit EV CA - G2		 2017-03-06 -
2019-05-05		 2 years crt.sh
*.google-analytics.com
Google Internet Authority G2		 2017-06-14 -
2017-09-06		 3 months crt.sh
*.threatsim.com
COMODO RSA Domain Validation Secure Server CA		 2016-07-25 -
2018-07-26		 2 years crt.sh
*.g.doubleclick.net
Google Internet Authority G2		 2017-06-14 -
2017-09-06		 3 months crt.sh
*.d.ssl.fastly.net
GlobalSign Organization Validation CA - SHA256 - G2		 2017-04-11 -
2017-12-21		 8 months crt.sh
*.googleapis.com
Google Internet Authority G2		 2017-06-14 -
2017-09-06		 3 months crt.sh
*.cloudfront.net
Symantec Class 3 Secure Server CA - G4		 2016-10-26 -
2017-12-17		 a year crt.sh
*.google.com
Google Internet Authority G2		 2017-06-14 -
2017-09-06		 3 months crt.sh
*.nr-data.net
GeoTrust SSL CA - G3		 2016-03-17 -
2018-03-17		 2 years crt.sh

This page contains 1 frames:

Primary Page: http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Frame ID: 15019.1
Requests: 116 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://activate.emailquarantine.com/5c94a54e4c?l=14 Page URL
  2. http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c... Page URL

Page Statistics

116
Requests

60 %
HTTPS

43 %
IPv6

11
Domains

13
Subdomains

15
IPs

3
Countries

685 kB
Transfer

1022 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://activate.emailquarantine.com/5c94a54e4c?l=14 Page URL
  2. http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request 15
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
Request 48
  • https://www.google-analytics.com/r/collect?v=1&_v=j56&a=1316571192&t=pageview&_s=1&dl=http%3A%2F%2Factivate.emailquarantine.com%2F5c94a54e4c%3Fl%3D14&ul=en-us&de=UTF-8&dt=Redirecting&sd=24-bit&sr=1...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=273867726.1498598948&jid=831784888&_gid=2046672465.1498598948&gjid=149980854&_v=j56&z=264856947
Request 49
  • http://www.google-analytics.com/collect?v=1&_v=j56&a=1316571192&t=pageview&_s=2&dl=http%3A%2F%2Factivate.emailquarantine.com%2F5c94a54e4c%3Fl%3D14&ul=en-us&de=UTF-8&dt=Redirecting&sd=24-bit&sr=1600...
  • https://www.google-analytics.com/collect?v=1&_v=j56&a=1316571192&t=pageview&_s=2&dl=http%3A%2F%2Factivate.emailquarantine.com%2F5c94a54e4c%3Fl%3D14&ul=en-us&de=UTF-8&dt=Redirecting&sd=24-bit&sr=160...
Request 75
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
Request 76
  • http://www.google-analytics.com/collect?v=1&_v=j56&a=1164525139&t=pageview&_s=1&dl=http%3A%2F%2Factivate.emailquarantine.com%2Fload_training%3Fguid%3D5c94a54e4c%26correlation_id%3D5db97784-6e89-43b...
  • https://www.google-analytics.com/collect?v=1&_v=j56&a=1164525139&t=pageview&_s=1&dl=http%3A%2F%2Factivate.emailquarantine.com%2Fload_training%3Fguid%3D5c94a54e4c%26correlation_id%3D5db97784-6e89-43...
Request 80
  • http://www.google-analytics.com/collect?v=1&_v=j56&a=1164525139&t=pageview&_s=2&dl=http%3A%2F%2Factivate.emailquarantine.com%2Fload_training%3Fguid%3D5c94a54e4c%26correlation_id%3D5db97784-6e89-43b...
  • https://www.google-analytics.com/collect?v=1&_v=j56&a=1164525139&t=pageview&_s=2&dl=http%3A%2F%2Factivate.emailquarantine.com%2Fload_training%3Fguid%3D5c94a54e4c%26correlation_id%3D5db97784-6e89-43...

116 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
5c94a54e4c
activate.emailquarantine.com/ 		19 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
04db3df0f31ddd4542e9ce4f36fd7c0257ff818481bf28bdd70816328370c24f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.012431
Date
Tue, 27 Jun 2017 21:29:07 GMT
Content-Encoding
gzip
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-080e83e0d04e03b96, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
W/"1a2c67547a0bcbbd611e117968eb7803"
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
6659
X-Request-Id
d2e45f28bd89e8a9df9a2cf1f2b4d3ad
X-UA-Compatible
IE=Edge,chrome=1
alt_pixel_click_5c94a54e4c.gif
activate.emailquarantine.com/ 		1 B
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com:49152/alt_pixel_click_5c94a54e4c.gif?correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.009480
Date
Tue, 27 Jun 2017 21:29:07 GMT
Content-Encoding
gzip
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01da37e1143120e82, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary
Accept-Encoding
Content-Type
image/gif; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
21
X-Request-Id
b628144203a9fddb9f4d28c36e8e1407
X-UA-Compatible
IE=Edge,chrome=1
plugin_detect.js
tslp.s3.amazonaws.com/detect/ 		49 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.49.24 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 21:29:08 GMT
Last-Modified
Wed, 15 Feb 2017 17:56:07 GMT
Server
AmazonS3
x-amz-request-id
23F379AA939DD8F0
ETag
"00a513f07603df01e3b99be00f370754"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
50085
x-amz-id-2
gZIVRAQSwQA4rQ4VlRKUmrsJ0azdr+pgDwd+VP3C2o7SsDUqNNO3nQnx3p2uQnID
java.js
tslp.s3.amazonaws.com/detect/ 		50 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tslp.s3.amazonaws.com/detect/java.js?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.49.24 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 21:29:08 GMT
Last-Modified
Wed, 15 Feb 2017 14:38:28 GMT
Server
AmazonS3
x-amz-request-id
B6C912CA643E3572
ETag
"2bec0061039dc3fb25fc20aaf611d5b9"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
50717
x-amz-id-2
2ImjqFwW3QPISCP1miGXJJwIVZKIL9Q0vdQG6ee3P7V4GUF0nX1oTE1j5b87iXw2
deployJava.js
java.com/js/ 		18 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://java.com/js/deployJava.js
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:64:18b::196 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Oracle-HTTP-Server /
Resource Hash
466ad0b2717cca53e153ebb6684836c768392498b80d4c820b7771ef47fd7d3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Tue, 27 Jun 2017 21:29:07 GMT
x-content-type-options
nosniff
last-modified
Fri, 09 Jun 2017 15:50:32 GMT
server
Oracle-HTTP-Server
mdt-type
abinary;charset=UTF-8
x-oracle-dms-rid
0:1
x-frame-options
SAMEORIGIN
x-oracle-dms-ecid
005KO^ZFxkk9Tcw70Fn3EF0007ve00iwol
content-type
application/javascript
status
200
cache-control
max-age=86400
content-disposition
inline;filename=deployJava.js;filename*=UTF-8''deployJava.js
content-length
18908
x-xss-protection
1
expires
Wed, 28 Jun 2017 21:29:07 GMT
flash.js
tslp.s3.amazonaws.com/detect/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tslp.s3.amazonaws.com/detect/flash.js?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.49.24 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 21:29:09 GMT
Last-Modified
Wed, 15 Feb 2017 03:54:01 GMT
Server
AmazonS3
x-amz-request-id
0FD9E85E5B582B87
ETag
"f9ad9a096894ba248e4a1f73e7eba1be"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
6680
x-amz-id-2
eyRZOv/SLD6GMzi7QqJbRpNPjQZG/1lYwnwhAkQnqGK76LEmCYBFvCpNoDdGU0XR
pdf.js
tslp.s3.amazonaws.com/detect/ 		22 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tslp.s3.amazonaws.com/detect/pdf.js?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.49.24 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 21:29:09 GMT
Last-Modified
Wed, 15 Feb 2017 14:39:34 GMT
Server
AmazonS3
x-amz-request-id
451CF6A0250CE3B7
ETag
"0d5882d41c8b6e40059c8d9acbcf1518"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
22855
x-amz-id-2
6qbq/N295x6qThoWdh3TlBMncF9WoBj0Y9is3coANNyIw0waDjPuu/7VEuawkkVR
quicktime.js
tslp.s3.amazonaws.com/detect/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tslp.s3.amazonaws.com/detect/quicktime.js?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.49.24 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 21:29:09 GMT
Last-Modified
Wed, 15 Feb 2017 14:41:05 GMT
Server
AmazonS3
x-amz-request-id
30BAF20F5DD8E48F
ETag
"ee73f2f47d51116dc40b85a6b57eaf20"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
6999
x-amz-id-2
LqU/7nNHniNYR4grxDkExCzDIXaLXiqTrs+xdVgJ0dkevpA8T1zjHuNe/NaIgLRv
realplayer.js
tslp.s3.amazonaws.com/detect/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tslp.s3.amazonaws.com/detect/realplayer.js?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.49.24 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 21:29:09 GMT
Last-Modified
Wed, 15 Feb 2017 14:45:02 GMT
Server
AmazonS3
x-amz-request-id
C789E60102D8741E
ETag
"3d7be656672c16a34806c13388410325"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
9775
x-amz-id-2
sD2YeaWxBKUImm1uQDhO6DHZ9JVEN+k0NUQRmuKelHp9XrWO6zDeAFnG9XDH8fTZ
silverlight.js
tslp.s3.amazonaws.com/detect/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tslp.s3.amazonaws.com/detect/silverlight.js?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.49.24 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 21:29:09 GMT
Last-Modified
Wed, 15 Feb 2017 18:00:03 GMT
Server
AmazonS3
x-amz-request-id
7EDF7E13A72353D3
ETag
"e6dd596d2bc204ea573b868b92028c26"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
4234
x-amz-id-2
3BuT9YOf0BrN2dleVEhg7Nu/lBGUndrW5ArVDhBnpCwYYLNrcuP4xN4/wWG/V+2h
wmp.js
tslp.s3.amazonaws.com/detect/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tslp.s3.amazonaws.com/detect/wmp.js?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.49.24 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 21:29:09 GMT
Last-Modified
Wed, 15 Feb 2017 15:07:14 GMT
Server
AmazonS3
x-amz-request-id
2981AFE22F7D2206
ETag
"ffd2cc77bb64d40beeb5d561fffe1f79"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
5941
x-amz-id-2
3u5w4WP8Ww0eqWCAUJ+srUZbi4wk+NSPs8QDaca9NBLwzVPxZYFGQ3P5ol6WnIjv
bugsnag-2.min.js
d2wy8f7a9ursnm.cloudfront.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
54.230.51.117 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-51-117.jfk5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Thu, 13 Apr 2017 18:24:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Aug 2016 00:30:49 GMT
Server
AmazonS3
Age
563136
ETag
"6103bb5e4ec6141e19e1100caafc780c"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 c06c27c7288c4be29d3b21ad2efad59f.cloudfront.net (CloudFront)
Cache-Control
public, max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2962
X-Amz-Cf-Id
bhLFNyx21sd_S6A-25ICAx3kH-QTEBkaJd6fOI4epgoWTZbVrbHnOg==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
2a00:1450:4001:824::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Fri, 23 Jun 2017 17:57:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
358315
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
33018
X-XSS-Protection
1; mode=block
Expires
Sat, 23 Jun 2018 17:57:12 GMT
google-tracking.js
activate.emailquarantine.com/assets/ 		455 B
316 B 		Script
General
Check archive.org
Download Go to
Full URL
http://activate.emailquarantine.com/assets/google-tracking.js?g=5c94a54e4c
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
fce517e48a56b76d45fd456264b90c82aa6e9ddb578f9f36d844ace5816d9841

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 21:29:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 May 2017 16:03:28 GMT
Server
ThreatSim-Web-Server
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Content-Length
316
Expires
Thu, 31 Dec 2037 23:55:55 GMT
all.js
activate.emailquarantine.com/assets/ 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://activate.emailquarantine.com/assets/all.js?g=5c94a54e4c
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
bae06f323013a94b766da34246d6439db4b57a1144e7b4f4c6a18848eb7a4cf8

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 21:29:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 May 2017 01:01:34 GMT
Server
ThreatSim-Web-Server
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Content-Length
7149
Expires
Thu, 31 Dec 2037 23:55:55 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
765010cbfccaf06cb5b9166023a22b655a10b37075c91e276a5550c5ecd855ba
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 06 Jun 2017 00:25:39 GMT
server
Golfe2
age
1306
date
Tue, 27 Jun 2017 21:07:22 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
12343
expires
Tue, 27 Jun 2017 23:07:22 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
browser_post
dataentry.threatsim.com/secure/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dataentry.threatsim.com/secure/browser_post
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Accept
*/*
Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
Origin
http://activate.emailquarantine.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

X-Runtime
0.012199
Date
Tue, 27 Jun 2017 21:29:08 GMT
Content-Encoding
gzip
X-Rack-Cache
invalidate, pass
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-080e83e0d04e03b96, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary
Accept-Encoding
Content-Type
image/gif; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
21
X-Request-Id
e3d2d907bca231bab0d37835f0e7cf4c
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=BrowserDetect%20-%20localStorage%20%3D%20false&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.003521
Date
Tue, 27 Jun 2017 21:29:08 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-080e83e0d04e03b96, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
e83c38d952f3952b7a270a4323418d69
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002819
Date
Tue, 27 Jun 2017 21:29:08 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01f904c02e4d17c99, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
2edeea281d52265921a3367d4432ed5b
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.003108
Date
Tue, 27 Jun 2017 21:29:08 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-083551586e3dead51, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
8c052dd118d27b6a30353201b95dd3a1
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002464
Date
Tue, 27 Jun 2017 21:29:08 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01f904c02e4d17c99, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
4069b0ddfb7f738dee205f9c512c7c60
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=BrowserDetect%20-%20browser_version%20%3D%2059&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002858
Date
Tue, 27 Jun 2017 21:29:08 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01da37e1143120e82, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
442a33f09e5bf48c806c8eef198a0614
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.004535
Date
Tue, 27 Jun 2017 21:29:08 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01da37e1143120e82, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
d548d5162f447ca240d62390856cce50
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002747
Date
Tue, 27 Jun 2017 21:29:08 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01f904c02e4d17c99, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
d42a3f69e5865e808cf6957cf2ea2b5c
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.003047
Date
Tue, 27 Jun 2017 21:29:08 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-080e83e0d04e03b96, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
a390c9a28817e556861d0e16160bfd2e
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002424
Date
Tue, 27 Jun 2017 21:29:08 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01da37e1143120e82, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
8a25ce599d7bb7be483da776d08b9ff1
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002997
Date
Tue, 27 Jun 2017 21:29:08 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-083551586e3dead51, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
747e72ace965f51ea081aa5382c4fe6f
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002915
Date
Tue, 27 Jun 2017 21:29:08 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-083551586e3dead51, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
43a1ff9755a0934cbb0a2444dc6a5a54
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002986
Date
Tue, 27 Jun 2017 21:29:08 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-080e83e0d04e03b96, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
5f19a44485c671205a1b0b7723f059bd
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.003429
Date
Tue, 27 Jun 2017 21:29:08 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-083551586e3dead51, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
7ee817fcdb7d9ae98db8251329a430fe
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=java_version_pl%20%3D%20unknown&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.003767
Date
Tue, 27 Jun 2017 21:29:08 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01da37e1143120e82, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
066bbd2ab9a701fe6ccf620c044fad20
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.003778
Date
Tue, 27 Jun 2017 21:29:08 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-083551586e3dead51, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
ab878c3394d52e2164ef2961ca5e5a8c
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=java_version_jres%20%3D%20unknown&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002599
Date
Tue, 27 Jun 2017 21:29:09 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-083551586e3dead51, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
574f78143819802b058dc748dd53d6ef
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=java_version%20%3D%20undefined&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.003264
Date
Tue, 27 Jun 2017 21:29:09 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01f904c02e4d17c99, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
19248ff8d594d6a2b3cb7fc5d05fbc7d
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=Loading%20flash%20version&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002316
Date
Tue, 27 Jun 2017 21:29:09 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-083551586e3dead51, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
a1ef252ca92e27f8fc6eef84d3b02f1a
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=flash%20%3D%20unknown&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002857
Date
Tue, 27 Jun 2017 21:29:09 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-083551586e3dead51, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
b073999670468704107a31d692b55302
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=Loading%20pdf%20version&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.005888
Date
Tue, 27 Jun 2017 21:29:09 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01f904c02e4d17c99, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
b172638d34a21a97adc724e511848766
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.004500
Date
Tue, 27 Jun 2017 21:29:09 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-080e83e0d04e03b96, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
d8cbb2038a75a13edd05dcb38729602a
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=pdf%20%3D%20unknown&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.004333
Date
Tue, 27 Jun 2017 21:29:09 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-080e83e0d04e03b96, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
a6cb2abd81422c03f9ea216b692b1715
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=Loading%20quicktime%20version&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.003001
Date
Tue, 27 Jun 2017 21:29:09 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01da37e1143120e82, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
97b95b44347c277bf0ac7a0066cc1a84
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=quicktime%20%3D%20unknown&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002883
Date
Tue, 27 Jun 2017 21:29:09 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01f904c02e4d17c99, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
1e2a449bcf4368333e7bedcb40c9bb0f
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=Loading%20RealPlayer%20version&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002341
Date
Tue, 27 Jun 2017 21:29:09 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01f904c02e4d17c99, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
95a9f1619c61cbc843b613cf4beef226
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=realplayer%20%3D%20unknown&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002266
Date
Tue, 27 Jun 2017 21:29:09 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01f904c02e4d17c99, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
4b8e7ccee8695037769ffc4381b7a124
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=Loading%20Silverlight%20version&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.003200
Date
Tue, 27 Jun 2017 21:29:09 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-080e83e0d04e03b96, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
adad24c0a1463c85445f422b813cb83e
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=silverlight%20%3D%20unknown&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.004396
Date
Tue, 27 Jun 2017 21:29:09 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01da37e1143120e82, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
e4ff67a200c0e3265185e497758d39e8
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.003862
Date
Tue, 27 Jun 2017 21:29:09 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01da37e1143120e82, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
b682313721093475a4381d9ac17a104c
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=wmp%20%3D%20unknown&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.003176
Date
Tue, 27 Jun 2017 21:29:09 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01f904c02e4d17c99, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
5b17707bdc85866859de501cc809bc51
X-UA-Compatible
IE=Edge,chrome=1
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=redirecting%20to%20%2Fload_training%3Fguid%3D5c94a54e4c%26correlation_id%3D5db97784-6e89-43bf-b1f1-3e91c9c9e604&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.004436
Date
Tue, 27 Jun 2017 21:29:09 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-083551586e3dead51, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
ff83c9e5a622ce97e9c3d6bab37d4120
X-UA-Compatible
IE=Edge,chrome=1
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j56&a=1316571192&t=pageview&_s=1&dl=http%3A%2F%2Factivate.emailquarantine.com%2F5c94a54e4c%3Fl%3D14&ul=en-us&de=UTF-8&dt=Redirecting&sd=24-bit&sr=1...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=273867726.1498598948&jid=831784888&_gid=2046672465.1498598948&gjid=149980854&_v=j56&z=264856947
 		35 B
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=273867726.1498598948&jid=831784888&_gid=2046672465.1498598948&gjid=149980854&_v=j56&z=264856947
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:400c:c07::9c , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 27 Jun 2017 21:29:08 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="38,37,36,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Jun 2017 21:29:08 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=273867726.1498598948&jid=831784888&_gid=2046672465.1498598948&gjid=149980854&_v=j56&z=264856947
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
414
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j56&a=1316571192&t=pageview&_s=2&dl=http%3A%2F%2Factivate.emailquarantine.com%2F5c94a54e4c%3Fl%3D14&ul=en-us&de=UTF-8&dt=Redirecting&sd=24-bit&sr=1600...
  • https://www.google-analytics.com/collect?v=1&_v=j56&a=1316571192&t=pageview&_s=2&dl=http%3A%2F%2Factivate.emailquarantine.com%2F5c94a54e4c%3Fl%3D14&ul=en-us&de=UTF-8&dt=Redirecting&sd=24-bit&sr=160...
 		35 B
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j56&a=1316571192&t=pageview&_s=2&dl=http%3A%2F%2Factivate.emailquarantine.com%2F5c94a54e4c%3Fl%3D14&ul=en-us&de=UTF-8&dt=Redirecting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABI~&jid=&gjid=&cid=273867726.1498598948&uid=5c94a54e4c&tid=UA-83403-17&_gid=2046672465.1498598948&z=2037629831
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jun 2017 15:56:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
365578
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j56&a=1316571192&t=pageview&_s=2&dl=http%3A%2F%2Factivate.emailquarantine.com%2F5c94a54e4c%3Fl%3D14&ul=en-us&de=UTF-8&dt=Redirecting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABI~&jid=&gjid=&cid=273867726.1498598948&uid=5c94a54e4c&tid=UA-83403-17&_gid=2046672465.1498598948&z=2037629831
Non-Authoritative-Reason
HSTS
trace
dataentry.threatsim.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dataentry.threatsim.com/trace?id=5c94a54e4c&msg=browser_post_successful&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.218.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-218-234.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.008426
Date
Tue, 27 Jun 2017 21:29:09 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-083551586e3dead51, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Length
1
X-Request-Id
324d7276d657fead2cc62818667fb4e4
X-UA-Compatible
IE=Edge,chrome=1
nr-1026.min.js
js-agent.newrelic.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1026.min.js
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.207 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d10816bada4d94734c1cb7e191ffb89ea7d9bb5c11b3e680f6b00c3a28d4e41

Request headers

Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 21:29:09 GMT
Content-Encoding
gzip
x-amz-request-id
FB225AC05AD38D6C
X-Cache
HIT
Connection
keep-alive
Content-Length
8844
x-amz-id-2
OWuXd3VfH/S4xMOrUL59PD+wZ58daVF6qAc6BXdblVZtlcmsV+jIqWP/ZZ74vjmGwS8ffK2p3zU=
X-Served-By
cache-hhn1542-HHN
Last-Modified
Mon, 06 Mar 2017 21:10:03 GMT
Server
AmazonS3
X-Timer
S1498598949.388211,VS0,VE0
ETag
"230c916aaa9194e21891a639a9c2b8eb"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish
Cache-Control
public, max-age=7200, stale-if-error=604800
Accept-Ranges
bytes
X-Cache-Hits
13664
1eb02dae32
bam.nr-data.net/1/ 		0
0
Primary Request load_training
activate.emailquarantine.com/ 		27 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/assets/all.js?g=5c94a54e4c
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
7dd839a8ea49f1454668876d46618a045f3f9b5d28654572de046d7a3b3f3244

Request headers

Upgrade-Insecure-Requests
1
Referer
http://activate.emailquarantine.com/5c94a54e4c?l=14
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.013119
Date
Tue, 27 Jun 2017 21:29:09 GMT
Content-Encoding
gzip
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-080e83e0d04e03b96, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
W/"52144b2c29991598cb8f5eb913ccbbb6"
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
9266
X-Request-Id
01ba552d01ce77784f624b3f5cca46f7
X-UA-Compatible
IE=Edge,chrome=1
css
fonts.googleapis.com/ 		775 B
309 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,600,700
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81c::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
ESF /
Resource Hash
e5a3313123afdf8026fb575144ac870f22c921061f8fdcca8bb9546cd9d40b95
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Tue, 27 Jun 2017 21:29:09 GMT
content-encoding
gzip
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
x-xss-protection
1; mode=block
expires
Tue, 27 Jun 2017 21:29:09 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:824::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Fri, 12 May 2017 09:28:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4017623
status
200
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
33593
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 May 2018 09:28:46 GMT
bugsnag-2.min.js
d2wy8f7a9ursnm.cloudfront.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Protocol
HTTP/1.1
Server
54.230.51.117 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-51-117.jfk5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Thu, 13 Apr 2017 18:24:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Aug 2016 00:30:49 GMT
Server
AmazonS3
Age
563138
ETag
"6103bb5e4ec6141e19e1100caafc780c"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 c06c27c7288c4be29d3b21ad2efad59f.cloudfront.net (CloudFront)
Cache-Control
public, max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2962
X-Amz-Cf-Id
3VzK3i5JNaQOJRk3Quz_7Xb3Kv5IDb6l6JgbRNFyngxtkMdXMNGMyA==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:824::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Wed, 24 May 2017 21:01:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2939257
status
200
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
33576
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 May 2018 21:01:32 GMT
plugin_detect.js
tslp.s3.amazonaws.com/detect/ 		49 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.49.24 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 21:29:10 GMT
Last-Modified
Wed, 15 Feb 2017 17:56:07 GMT
Server
AmazonS3
x-amz-request-id
64F457354EF796DC
ETag
"00a513f07603df01e3b99be00f370754"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
50085
x-amz-id-2
nVLTeTEAQLr0a3B9iPv2cSeMrQRUmhDtQxteJecEaXDHhY8CFQvhAgDWFhedUlj9
java.js
tslp.s3.amazonaws.com/detect/ 		50 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tslp.s3.amazonaws.com/detect/java.js?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.49.24 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 21:29:10 GMT
Last-Modified
Wed, 15 Feb 2017 14:38:28 GMT
Server
AmazonS3
x-amz-request-id
833137294D368AB3
ETag
"2bec0061039dc3fb25fc20aaf611d5b9"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
50717
x-amz-id-2
EnzLPwyVLPXVX2zUXlNJGRsWggy3UyHJOWSI6Pi02+julB9cL1n1UrXoAWvI3TJh
deployJava.js
java.com/js/ 		18 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://java.com/js/deployJava.js
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:64:18b::196 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Oracle-HTTP-Server /
Resource Hash
466ad0b2717cca53e153ebb6684836c768392498b80d4c820b7771ef47fd7d3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

date
Tue, 27 Jun 2017 21:29:09 GMT
x-content-type-options
nosniff
last-modified
Fri, 09 Jun 2017 15:50:32 GMT
server
Oracle-HTTP-Server
mdt-type
abinary;charset=UTF-8
x-oracle-dms-rid
0:1
x-frame-options
SAMEORIGIN
x-oracle-dms-ecid
005KO^ZFxkk9Tcw70Fn3EF0007ve00iwol
content-type
application/javascript
status
200
cache-control
max-age=86400
content-disposition
inline;filename=deployJava.js;filename*=UTF-8''deployJava.js
content-length
18908
x-xss-protection
1
expires
Wed, 28 Jun 2017 21:29:09 GMT
flash.js
tslp.s3.amazonaws.com/detect/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tslp.s3.amazonaws.com/detect/flash.js?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.49.24 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 21:29:10 GMT
Last-Modified
Wed, 15 Feb 2017 03:54:01 GMT
Server
AmazonS3
x-amz-request-id
5A573975B3C95A99
ETag
"f9ad9a096894ba248e4a1f73e7eba1be"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
6680
x-amz-id-2
MbjED8vLyQjQP336zM0exQHNlXYs4JkQZUPeXylL/BR00WWuAF8CJvw3vss2EcQt
pdf.js
tslp.s3.amazonaws.com/detect/ 		22 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tslp.s3.amazonaws.com/detect/pdf.js?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.49.24 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 21:29:10 GMT
Last-Modified
Wed, 15 Feb 2017 14:39:34 GMT
Server
AmazonS3
x-amz-request-id
1AE52227745117AE
ETag
"0d5882d41c8b6e40059c8d9acbcf1518"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
22855
x-amz-id-2
NTb7fIl/KTifyKQ+vrA5kknacM3YcOdg2EbodX4KGt36KUZYVhR+lFVdUlryLXf9
quicktime.js
tslp.s3.amazonaws.com/detect/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tslp.s3.amazonaws.com/detect/quicktime.js?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.49.24 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 21:29:10 GMT
Last-Modified
Wed, 15 Feb 2017 14:41:05 GMT
Server
AmazonS3
x-amz-request-id
36F84E72E5F919DF
ETag
"ee73f2f47d51116dc40b85a6b57eaf20"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
6999
x-amz-id-2
NMktxPSMZmrkXKvUjZHpf+atLeWcwPShqvlERDkrbdNwTZxM2TDJOcayglJBb/2/
realplayer.js
tslp.s3.amazonaws.com/detect/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tslp.s3.amazonaws.com/detect/realplayer.js?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.49.24 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 21:29:10 GMT
Last-Modified
Wed, 15 Feb 2017 14:45:02 GMT
Server
AmazonS3
x-amz-request-id
8168E6ADE47E7F31
ETag
"3d7be656672c16a34806c13388410325"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
9775
x-amz-id-2
7pDDdU7cGZa+VApQUoSl6llPCjnMWxwz+b+0ZQdKFNuR3H4toDFl8e6x4TyFSn6E
silverlight.js
tslp.s3.amazonaws.com/detect/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tslp.s3.amazonaws.com/detect/silverlight.js?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.49.24 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 21:29:10 GMT
Last-Modified
Wed, 15 Feb 2017 18:00:03 GMT
Server
AmazonS3
x-amz-request-id
756B6B8A4EB68938
ETag
"e6dd596d2bc204ea573b868b92028c26"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
4234
x-amz-id-2
pywSo/WEvor/vuZDFtCy1agoW3CC8BAtODH1aUopHZuy/KDntnN1D+fu3w3Q1ME+
wmp.js
tslp.s3.amazonaws.com/detect/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tslp.s3.amazonaws.com/detect/wmp.js?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.49.24 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 21:29:10 GMT
Last-Modified
Wed, 15 Feb 2017 15:07:14 GMT
Server
AmazonS3
x-amz-request-id
FFF9CDD6616397BA
ETag
"ffd2cc77bb64d40beeb5d561fffe1f79"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
5941
x-amz-id-2
wUmuZ2xW5mNqktQWQcdzIo9E1HvX3JEr0uzoYvPTEu2uz/OaMiCOSxYhlvgebDy0
dude.png
d25q7gseii1o1q.cloudfront.net/training/three_key_tips/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d25q7gseii1o1q.cloudfront.net/training/three_key_tips/dude.png
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.55.171 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-55-171.jfk6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
670e2b3746bace2849346735f48d39f2beb334590d2effdd51146adc04b036ad

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Mon, 19 Jun 2017 17:04:34 GMT
Via
1.1 9ce63d3af60e77462dfef1ebe1eea8f0.cloudfront.net (CloudFront)
Last-Modified
Fri, 30 May 2014 22:06:54 GMT
Server
AmazonS3
Age
72936
ETag
"bb6b4648d9323b897531f4c4de68d5f8"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
97463
X-Amz-Cf-Id
lgt4Xp6HXDjpeQhQ5fHdQUpOHAvJ_VhJ9qodU27swTOVGXqvUtxL3Q==
security.png
d25q7gseii1o1q.cloudfront.net/training/three_key_tips/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d25q7gseii1o1q.cloudfront.net/training/three_key_tips/security.png
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.55.171 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-55-171.jfk6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30dd9f54b34a72d85345adcfa029db1447e2a72a15e9d3e05d9fe4426ac4c1da

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Mon, 19 Jun 2017 13:34:39 GMT
Via
1.1 2ebc0bd350ce03ac7549d526b72cae8e.cloudfront.net (CloudFront)
Last-Modified
Fri, 30 May 2014 22:07:52 GMT
Server
AmazonS3
Age
19393
ETag
"fcaec9fd5786787b90bb0012daf1ed40"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8560
X-Amz-Cf-Id
g1JvaYaKmsNQY0R-45_xgJLec57zbTiR8R6X72FawFfTia3Ra3_Yaw==
search.png
d25q7gseii1o1q.cloudfront.net/training/three_key_tips/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d25q7gseii1o1q.cloudfront.net/training/three_key_tips/search.png
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.55.171 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-55-171.jfk6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3665ad6f66b48b096ee543a405fe25fe2bc5d1b59e04f8899a5c398aa783ca5a

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Mon, 19 Jun 2017 13:34:40 GMT
Via
1.1 044470188efe7aea5c8537e1416e3d92.cloudfront.net (CloudFront)
Last-Modified
Fri, 30 May 2014 22:07:52 GMT
Server
AmazonS3
Age
19393
ETag
"2c7bc083aaa2e61bf7befdf12bbcf70c"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3661
X-Amz-Cf-Id
V_ghIFKEDx1TXXHjVf_0RpXXndU9xiRvNSIlFQfSBxGstFDvgS1GVQ==
user-group.png
d25q7gseii1o1q.cloudfront.net/training/three_key_tips/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d25q7gseii1o1q.cloudfront.net/training/three_key_tips/user-group.png
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.55.171 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-55-171.jfk6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6c9853cb4a66acc2d9404ccbe10d598c26ddc66cb4bafdcb59d32cbac92f7bca

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Mon, 19 Jun 2017 13:34:41 GMT
Via
1.1 829eee129e6b5002d6c1a37f04888da1.cloudfront.net (CloudFront)
Last-Modified
Fri, 30 May 2014 22:07:52 GMT
Server
AmazonS3
Age
19393
ETag
"26e2a6551d162038ff39bf06633ff724"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12047
X-Amz-Cf-Id
XInfzfnf5NZ5DYoujiy5nHBIayuK85ue43kRFZNevXGKc7kQgeRjJA==
google-tracking.js
activate.emailquarantine.com/assets/ 		455 B
316 B 		Script
General
Check archive.org
Download Go to
Full URL
http://activate.emailquarantine.com/assets/google-tracking.js?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
fce517e48a56b76d45fd456264b90c82aa6e9ddb578f9f36d844ace5816d9841

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 21:29:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 May 2017 16:03:28 GMT
Server
ThreatSim-Web-Server
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Content-Length
316
Expires
Thu, 31 Dec 2037 23:55:55 GMT
all.js
activate.emailquarantine.com/assets/ 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://activate.emailquarantine.com/assets/all.js?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
bae06f323013a94b766da34246d6439db4b57a1144e7b4f4c6a18848eb7a4cf8

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 21:29:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 May 2017 01:01:34 GMT
Server
ThreatSim-Web-Server
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Content-Length
7149
Expires
Thu, 31 Dec 2037 23:55:55 GMT
k3k702ZOKiLJc3WVjuplzInF5uFdDttMLvmWuJdhhgs.ttf
fonts.gstatic.com/s/opensans/v14/ 		27 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v14/k3k702ZOKiLJc3WVjuplzInF5uFdDttMLvmWuJdhhgs.ttf
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
f8f7011da51c1d4c55a123107fa854c1750daff3c8dcc3331e0c0633727c797d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,600,700
Origin
http://activate.emailquarantine.com

Response headers

date
Wed, 14 Jun 2017 16:49:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1139991
status
200
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
18604
x-xss-protection
1; mode=block
last-modified
Wed, 14 Jun 2017 16:46:24 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Jun 2018 16:49:18 GMT
DXI1ORHCpsQm3Vp6mXoaTYnF5uFdDttMLvmWuJdhhgs.ttf
fonts.gstatic.com/s/opensans/v14/ 		27 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v14/DXI1ORHCpsQm3Vp6mXoaTYnF5uFdDttMLvmWuJdhhgs.ttf
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
cd4c8f51bee563540c10456abc2cc84185f4ecf5af8a45b80eb8c16c620cfc0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,600,700
Origin
http://activate.emailquarantine.com

Response headers

date
Wed, 14 Jun 2017 16:49:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1139992
status
200
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
18391
x-xss-protection
1; mode=block
last-modified
Wed, 14 Jun 2017 16:45:42 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Jun 2018 16:49:17 GMT
bg.png
d25q7gseii1o1q.cloudfront.net/training/three_key_tips/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d25q7gseii1o1q.cloudfront.net/training/three_key_tips/bg.png
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.55.238 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-55-238.jfk6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef3a8413a1b80d3af4bfabdfe3b37c748345af23590c18ef4719b18d9a1a1f39

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Mon, 19 Jun 2017 13:34:43 GMT
Via
1.1 b7c3cbb5c341d39495b423af981f2a5d.cloudfront.net (CloudFront)
Last-Modified
Fri, 30 May 2014 22:05:42 GMT
Server
AmazonS3
Age
19393
ETag
"fc8cac7fd4d7fdb1d37804580f8f66bf"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10120
X-Amz-Cf-Id
5SN2WI1BeTm2WW9TcoZGU7ewb1e_La9wEqFwF06F8euopAJEuopRuQ==
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
765010cbfccaf06cb5b9166023a22b655a10b37075c91e276a5550c5ecd855ba
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 06 Jun 2017 00:25:39 GMT
server
Golfe2
age
1307
date
Tue, 27 Jun 2017 21:07:22 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
12343
expires
Tue, 27 Jun 2017 23:07:22 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j56&a=1164525139&t=pageview&_s=1&dl=http%3A%2F%2Factivate.emailquarantine.com%2Fload_training%3Fguid%3D5c94a54e4c%26correlation_id%3D5db97784-6e89-43b...
  • https://www.google-analytics.com/collect?v=1&_v=j56&a=1164525139&t=pageview&_s=1&dl=http%3A%2F%2Factivate.emailquarantine.com%2Fload_training%3Fguid%3D5c94a54e4c%26correlation_id%3D5db97784-6e89-43...
 		35 B
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j56&a=1164525139&t=pageview&_s=1&dl=http%3A%2F%2Factivate.emailquarantine.com%2Fload_training%3Fguid%3D5c94a54e4c%26correlation_id%3D5db97784-6e89-43bf-b1f1-3e91c9c9e604&ul=en-us&de=UTF-8&dt=You%27ve%20Been%20Phished!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=AACAAEABI~&jid=&gjid=&cid=273867726.1498598948&tid=UA-83403-17&_gid=2046672465.1498598948&z=1932377283
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jun 2017 15:56:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
365579
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j56&a=1164525139&t=pageview&_s=1&dl=http%3A%2F%2Factivate.emailquarantine.com%2Fload_training%3Fguid%3D5c94a54e4c%26correlation_id%3D5db97784-6e89-43bf-b1f1-3e91c9c9e604&ul=en-us&de=UTF-8&dt=You%27ve%20Been%20Phished!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=AACAAEABI~&jid=&gjid=&cid=273867726.1498598948&tid=UA-83403-17&_gid=2046672465.1498598948&z=1932377283
Non-Authoritative-Reason
HSTS
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002696
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-083551586e3dead51, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
fcc734839faefffcfc1dfafe9dfd7d55
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.003285
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-080e83e0d04e03b96, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
8a49a8f7cdf5f11934db005fc2d16104
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.003116
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01da37e1143120e82, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
2d9599fb8e75ed69f7b0d3242a3c4e7b
X-UA-Compatible
IE=Edge,chrome=1
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j56&a=1164525139&t=pageview&_s=2&dl=http%3A%2F%2Factivate.emailquarantine.com%2Fload_training%3Fguid%3D5c94a54e4c%26correlation_id%3D5db97784-6e89-43b...
  • https://www.google-analytics.com/collect?v=1&_v=j56&a=1164525139&t=pageview&_s=2&dl=http%3A%2F%2Factivate.emailquarantine.com%2Fload_training%3Fguid%3D5c94a54e4c%26correlation_id%3D5db97784-6e89-43...
 		35 B
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j56&a=1164525139&t=pageview&_s=2&dl=http%3A%2F%2Factivate.emailquarantine.com%2Fload_training%3Fguid%3D5c94a54e4c%26correlation_id%3D5db97784-6e89-43bf-b1f1-3e91c9c9e604&ul=en-us&de=UTF-8&dt=You%27ve%20Been%20Phished!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=SACAAEABI~&jid=&gjid=&cid=273867726.1498598948&tid=UA-83403-17&_gid=2046672465.1498598948&z=1075057859
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jun 2017 15:56:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
365579
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j56&a=1164525139&t=pageview&_s=2&dl=http%3A%2F%2Factivate.emailquarantine.com%2Fload_training%3Fguid%3D5c94a54e4c%26correlation_id%3D5db97784-6e89-43bf-b1f1-3e91c9c9e604&ul=en-us&de=UTF-8&dt=You%27ve%20Been%20Phished!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=SACAAEABI~&jid=&gjid=&cid=273867726.1498598948&tid=UA-83403-17&_gid=2046672465.1498598948&z=1075057859
Non-Authoritative-Reason
HSTS
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=BrowserDetect%20-%20localStorage%20%3D%20false&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.004617
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01da37e1143120e82, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
712604c7c9bd07c0862b570f2d00fb9e
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.003098
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01f904c02e4d17c99, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
6511144dd19a4c58124575ac80c589a5
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.004218
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-080e83e0d04e03b96, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
484c1cbdcd8068f2d0a2e3bdf928ddc2
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.004949
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-083551586e3dead51, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
9abaab74b1d10c70ec0711478cf72bf9
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=BrowserDetect%20-%20browser_version%20%3D%2059&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.003561
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01da37e1143120e82, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
7e097aa746b6dad5956ec4501dc941a9
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.003718
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01da37e1143120e82, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
7f64eff9df4a70e009761de4351a6492
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.003344
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01da37e1143120e82, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
a558872141aa2129825b4c40f81d53a6
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002662
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-080e83e0d04e03b96, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
a742de538bdaf7baffbc3d9606779661
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.004672
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-083551586e3dead51, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
f6bcadf1094acd58b6505c78e6b649cb
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002431
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01da37e1143120e82, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
21b9cde094a3bd352b3c496da6badf03
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.003917
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-083551586e3dead51, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
5ec2cd206fcb8ec77b729cbe993cd28b
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.004339
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-083551586e3dead51, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
c5283409020cdfce42b701371186b294
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002646
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01da37e1143120e82, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
4a6feb2074666c4622b16e1d921dfcbd
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=java_version_pl%20%3D%20unknown&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002768
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01f904c02e4d17c99, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
6ec20e71af5565b62bf4836ebbcf27cc
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.003304
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-083551586e3dead51, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
2fd9e25210257109c81d22cf310fb20c
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=java_version_jres%20%3D%20unknown&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002954
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-080e83e0d04e03b96, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
7807f2dbaf3ea52192e9027e783214ae
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=java_version%20%3D%20undefined&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002420
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01da37e1143120e82, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
d299461c947cbae4dddfc48e0793b70b
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=Loading%20flash%20version&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002747
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01da37e1143120e82, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
c7627773f115b9a9043ca3462f590b61
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=flash%20%3D%20unknown&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.003120
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01f904c02e4d17c99, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
99a143620701337f7113bac5dda87779
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=Loading%20pdf%20version&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.006202
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-080e83e0d04e03b96, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
3465b97bd57dfb9268106e62e28ade06
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002457
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01da37e1143120e82, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
f480526a0ed68234fb978a0e50cd4944
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=pdf%20%3D%20unknown&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002561
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-080e83e0d04e03b96, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
fa7da0b200a69809002101fafd699fd0
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=Loading%20quicktime%20version&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002398
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01f904c02e4d17c99, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
0845d48f078fdbc27f74509e5e53e3da
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=quicktime%20%3D%20unknown&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002641
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-083551586e3dead51, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
7c8c1b2801c59685a2fd0d5005794b13
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=Loading%20RealPlayer%20version&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.003426
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-083551586e3dead51, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
e9062e35dd2e03010266e1b7acb8a386
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=realplayer%20%3D%20unknown&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002803
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01da37e1143120e82, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
e3056f17943a39b11218afb8d1ae5c2d
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=Loading%20Silverlight%20version&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002738
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-080e83e0d04e03b96, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
7bae734b623401c2c634d1d9d687b598
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=silverlight%20%3D%20unknown&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.006005
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01f904c02e4d17c99, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
d71372aacc74a5a8880ad350997f8f35
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002344
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01da37e1143120e82, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
7696202469a3a4756923ce9fd209328b
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=wmp%20%3D%20unknown&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002685
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-080e83e0d04e03b96, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
2ccfe4d0eba36c123b5114759eb5da21
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=training_page_no_browser_post&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.002553
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-083551586e3dead51, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
d35944be5700f061115d6538f3045901
X-UA-Compatible
IE=Edge,chrome=1
trace
activate.emailquarantine.com/ 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://activate.emailquarantine.com/trace?id=5c94a54e4c&msg=redirect_url%20is%20undefined&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/5c94a54e4c?l=14
Protocol
HTTP/1.1
Server
107.23.13.169 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-23-13-169.compute-1.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

X-Runtime
0.003309
Date
Tue, 27 Jun 2017 21:29:10 GMT
X-Rack-Cache
miss
Server
ThreatSim-Web-Server
X-Host-Info
lw-prd-us-i-01f904c02e4d17c99, ; e8577915b5eb8ccc2f1527c6ae8f25d15ecfd163
ETag
"7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
1
X-Request-Id
f001136a5002a8bf320afadf56d7a12d
X-UA-Compatible
IE=Edge,chrome=1
nr-1026.min.js
js-agent.newrelic.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1026.min.js
Requested by
Host: activate.emailquarantine.com
URL: http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.207 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d10816bada4d94734c1cb7e191ffb89ea7d9bb5c11b3e680f6b00c3a28d4e41

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Date
Tue, 27 Jun 2017 21:29:10 GMT
Content-Encoding
gzip
x-amz-request-id
FB225AC05AD38D6C
X-Cache
HIT
Connection
keep-alive
Content-Length
8844
x-amz-id-2
OWuXd3VfH/S4xMOrUL59PD+wZ58daVF6qAc6BXdblVZtlcmsV+jIqWP/ZZ74vjmGwS8ffK2p3zU=
X-Served-By
cache-hhn1542-HHN
Last-Modified
Mon, 06 Mar 2017 21:10:03 GMT
Server
AmazonS3
X-Timer
S1498598951.702917,VS0,VE0
ETag
"230c916aaa9194e21891a639a9c2b8eb"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish
Cache-Control
public, max-age=7200, stale-if-error=604800
Accept-Ranges
bytes
X-Cache-Hits
13681
1eb02dae32
bam.nr-data.net/1/ 		57 B
57 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/1eb02dae32?a=16828251&v=1026.7a27a3e&to=J1oIRBZeWVQHSxwVFwVcCFkKVhpLClZE&rst=1304&ref=http://activate.emailquarantine.com/load_training&ap=14&be=120&fe=1296&dc=556&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1498598949412,%22n%22:0,%22u%22:115,%22ue%22:115,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:0,%22rq%22:0,%22rp%22:114,%22rpe%22:114,%22dl%22:117,%22di%22:555,%22ds%22:556,%22de%22:566,%22dc%22:1296,%22l%22:1296,%22le%22:1297%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1026.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
50.31.164.174 Chicago, United States, ASN23352 (SERVERCENTRAL - Server Central Network, US),
Reverse DNS
bam-4.nr-data.net
Software
/
Resource Hash
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer
http://activate.emailquarantine.com/load_training?guid=5c94a54e4c&correlation_id=5db97784-6e89-43bf-b1f1-3e91c9c9e604
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.109 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bam.nr-data.net
URL
https://bam.nr-data.net/1/1eb02dae32?a=16828251&v=1026.7a27a3e&to=J1oIRBZeWVQHSxwNBApRD14DHkZQDU4%3D&rst=1958&ref=http://activate.emailquarantine.com/5c94a54e4c&ap=13&be=220&fe=1928&dc=952&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1498598947447,%22n%22:0,%22f%22:0,%22dn%22:2,%22dne%22:2,%22c%22:2,%22ce%22:100,%22rq%22:100,%22rp%22:213,%22rpe%22:214,%22dl%22:214,%22di%22:952,%22ds%22:952,%22de%22:968,%22dc%22:1928,%22l%22:1928,%22le%22:1929%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Phishing Simulation (Internet)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Domain/Path Name / Value
.emailquarantine.com/ Name: _gid
Value: GA1.2.2046672465.1498598948
.emailquarantine.com/ Name: _gat
Value: 1
activate.emailquarantine.com/ Name: link_clicked_5c94a54e4c
Value: 2
.emailquarantine.com/ Name: _ga
Value: GA1.2.273867726.1498598948
activate.emailquarantine.com/ Name: EXFILGUID
Value: 5c94a54e4c

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

activate.emailquarantine.com
ajax.googleapis.com
bam.nr-data.net
d25q7gseii1o1q.cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
dataentry.threatsim.com
fonts.googleapis.com
fonts.gstatic.com
java.com
js-agent.newrelic.com
stats.g.doubleclick.net
tslp.s3.amazonaws.com
www.google-analytics.com
bam.nr-data.net
107.23.13.169
151.101.112.207
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:81c::200e
2a00:1450:4001:824::200a
2a00:1450:400c:c07::9c
2a02:26f0:64:18b::196
50.31.164.174
52.71.218.234
54.192.55.171
54.192.55.238
54.230.51.117
54.231.49.24
04db3df0f31ddd4542e9ce4f36fd7c0257ff818481bf28bdd70816328370c24f
0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381
2d10816bada4d94734c1cb7e191ffb89ea7d9bb5c11b3e680f6b00c3a28d4e41
30dd9f54b34a72d85345adcfa029db1447e2a72a15e9d3e05d9fe4426ac4c1da
3665ad6f66b48b096ee543a405fe25fe2bc5d1b59e04f8899a5c398aa783ca5a
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
466ad0b2717cca53e153ebb6684836c768392498b80d4c820b7771ef47fd7d3d
4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
670e2b3746bace2849346735f48d39f2beb334590d2effdd51146adc04b036ad
6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19
6c9853cb4a66acc2d9404ccbe10d598c26ddc66cb4bafdcb59d32cbac92f7bca
765010cbfccaf06cb5b9166023a22b655a10b37075c91e276a5550c5ecd855ba
7dd839a8ea49f1454668876d46618a045f3f9b5d28654572de046d7a3b3f3244
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc
a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
bae06f323013a94b766da34246d6439db4b57a1144e7b4f4c6a18848eb7a4cf8
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
cd4c8f51bee563540c10456abc2cc84185f4ecf5af8a45b80eb8c16c620cfc0a
cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de
d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a3313123afdf8026fb575144ac870f22c921061f8fdcca8bb9546cd9d40b95
ef3a8413a1b80d3af4bfabdfe3b37c748345af23590c18ef4719b18d9a1a1f39
f8f7011da51c1d4c55a123107fa854c1750daff3c8dcc3331e0c0633727c797d
fce517e48a56b76d45fd456264b90c82aa6e9ddb578f9f36d844ace5816d9841