corp-internal.com Open in urlscan Pro
52.7.156.29 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://corp-internal.com/8a5bb7bbff?l=71
Effective URL:
http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Submission: On June 18 via manual (June 18th 2018, 9:25:02 pm UTC) from US

Summary HTTP 66 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 66 HTTP transactions. The main IP is 52.7.156.29, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is corp-internal.com.

This is the only time corp-internal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	52.7.156.29 52.7.156.29	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	54.231.49.186 54.231.49.186	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	52.85.245.243 52.85.245.243	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 6	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
22	34.224.159.233 34.224.159.233	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.231.72.107 54.231.72.107	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
66	9

31 52.7.156.29 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-7-156-29.compute-1.amazonaws.com

corp-internal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.231.49.186 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1-w.amazonaws.com

tslp.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.85.245.243 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-245-243.ams50.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:817::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 34.224.159.233 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-224-159-233.compute-1.amazonaws.com

dataentry.threatsim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9c (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.72.107 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1-w.amazonaws.com

ts-uploads.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	corp-internal.com corp-internal.com	34 KB
22	threatsim.com dataentry.threatsim.com	13 KB
6	google-analytics.com 1 redirects www.google-analytics.com	29 KB
3	amazonaws.com tslp.s3.amazonaws.com ts-uploads.s3.amazonaws.com	255 KB
2	googleapis.com ajax.googleapis.com	66 KB
2	cloudfront.net d2wy8f7a9ursnm.cloudfront.net	7 KB
1	doubleclick.net stats.g.doubleclick.net	102 B
66	7

	Domain	Requested by
31	corp-internal.com	corp-internal.com
22	dataentry.threatsim.com	ajax.googleapis.com corp-internal.com
6	www.google-analytics.com	1 redirects corp-internal.com
2	ajax.googleapis.com	corp-internal.com
2	d2wy8f7a9ursnm.cloudfront.net	corp-internal.com
2	tslp.s3.amazonaws.com	corp-internal.com
1	ts-uploads.s3.amazonaws.com	corp-internal.com
1	stats.g.doubleclick.net	corp-internal.com
66	8

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Frame ID: 8EC0356D4DBCC89D2C514C80550139F1
Requests: 66 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://corp-internal.com/8a5bb7bbff?l=71 Page URL
http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0... Page URL

Detected technologies

Apache Traffic Server (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /ATS\/?([\d.]+)?/i

BugSnag (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /bugsnag.*\.js/i
env /^BugSnag$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

66
Requests

0 %
HTTPS

44 %
IPv6

7
Domains

8
Subdomains

9
IPs

2
Countries

402 kB
Transfer

583 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://corp-internal.com/8a5bb7bbff?l=71 Page URL
http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 29

http://www.google-analytics.com/r/collect?v=1&_v=j68&a=2138413731&t=pageview&_s=1&dl=http%3A%2F%2Fcorp-internal.com%2F8a5bb7bbff%3Fl%3D71&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=484080105&gjid=584059021&cid=424541225.1529357090&tid=UA-83403-17&_gid=1951163777.1529357090&_r=1&z=1159397132 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j68&a=2138413731&t=pageview&_s=1&dl=http%3A%2F%2Fcorp-internal.com%2F8a5bb7bbff%3Fl%3D71&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=484080105&gjid=584059021&cid=424541225.1529357090&tid=UA-83403-17&_gid=1951163777.1529357090&_r=1&z=1159397132 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=424541225.1529357090&jid=484080105&_gid=1951163777.1529357090&gjid=584059021&_v=j68&z=1159397132

Request Chain 30

http://www.google-analytics.com/collect?v=1&_v=j68&a=2138413731&t=pageview&_s=2&dl=http%3A%2F%2Fcorp-internal.com%2F8a5bb7bbff%3Fl%3D71&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=424541225.1529357090&uid=8a5bb7bbff&tid=UA-83403-17&_gid=1951163777.1529357090&z=1597252176 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j68&a=2138413731&t=pageview&_s=2&dl=http%3A%2F%2Fcorp-internal.com%2F8a5bb7bbff%3Fl%3D71&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=424541225.1529357090&uid=8a5bb7bbff&tid=UA-83403-17&_gid=1951163777.1529357090&z=1597252176

Request Chain 38

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 63

http://www.google-analytics.com/collect?v=1&_v=j68&a=596755441&t=pageview&_s=1&dl=http%3A%2F%2Fcorp-internal.com%2Fload_training%3Fguid%3D8a5bb7bbff%26correlation_id%3Dda1c3fb7-a486-400f-b2c8-a073df0adcbd&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAEAB~&jid=&gjid=&cid=424541225.1529357090&tid=UA-83403-17&_gid=1951163777.1529357090&z=1080253802 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j68&a=596755441&t=pageview&_s=1&dl=http%3A%2F%2Fcorp-internal.com%2Fload_training%3Fguid%3D8a5bb7bbff%26correlation_id%3Dda1c3fb7-a486-400f-b2c8-a073df0adcbd&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAEAB~&jid=&gjid=&cid=424541225.1529357090&tid=UA-83403-17&_gid=1951163777.1529357090&z=1080253802

Request Chain 64

http://www.google-analytics.com/collect?v=1&_v=j68&a=596755441&t=pageview&_s=2&dl=http%3A%2F%2Fcorp-internal.com%2Fload_training%3Fguid%3D8a5bb7bbff%26correlation_id%3Dda1c3fb7-a486-400f-b2c8-a073df0adcbd&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=424541225.1529357090&tid=UA-83403-17&_gid=1951163777.1529357090&z=2082477458 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j68&a=596755441&t=pageview&_s=2&dl=http%3A%2F%2Fcorp-internal.com%2Fload_training%3Fguid%3D8a5bb7bbff%26correlation_id%3Dda1c3fb7-a486-400f-b2c8-a073df0adcbd&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=424541225.1529357090&tid=UA-83403-17&_gid=1951163777.1529357090&z=2082477458

66 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set 8a5bb7bbff Show response
corp-internal.com/ 3 KB
2 KB 209ms
112ms Document
text/html 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://corp-internal.com/8a5bb7bbff?l=71
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 5a2daf00fa1c94dd645199883beb1b033df62aed77589663a37bb10edf1b066b

Request headers

Host: corp-internal.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 8EC0356D4DBCC89D2C514C80550139F1

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 18 Jun 2018 21:24:49 GMT
ETag: W/"491d76ea6af664ee268545fc3cfd34b8"
Server: ThreatSim-Web-Server
Set-Cookie: EXFILGUID=8a5bb7bbff; path=/ link_clicked_8a5bb7bbff=1; path=/
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-03325ecf4818a6139 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 23afa632022636eca351fa8850058b95
X-Runtime: 0.013504
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 917
Connection: keep-alive

GET
H/1.1 200
OK Cookie set alt_pixel_click_8a5bb7bbff.gif
corp-internal.com/ 1 B
680 B 201ms
103ms Image
image/gif 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com:49152/alt_pixel_click_8a5bb7bbff.gif?correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8a5bb7bbff?l=71
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com:49152
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/8a5bb7bbff?l=71
Cookie: EXFILGUID=8a5bb7bbff; link_clicked_8a5bb7bbff=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/8a5bb7bbff?l=71
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 18 Jun 2018 21:24:49 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 21
X-Request-Id: 40a6f9ee59f3fedff17cfd94b6e46ad2
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.004127
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Set-Cookie: EXFILGUID=8a5bb7bbff; path=/ link_clicked_8a5bb7bbff=2; path=/
X-Rack-Cache: miss

GET
H/1.1 200
OK plugin_detect.js Show response
tslp.s3.amazonaws.com/detect/ 49 KB
49 KB 717ms
112ms Script
text/javascript 54.231.49.186
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8a5bb7bbff?l=71
Protocol: HTTP/1.1
Server: 54.231.49.186 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

Referer: http://corp-internal.com/8a5bb7bbff?l=71
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 18 Jun 2018 21:24:50 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Server: AmazonS3
x-amz-request-id: FF43A8DC53BB4CAE
ETag: "00a513f07603df01e3b99be00f370754"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 50085
x-amz-id-2: c7F82uHH7aQE1OqiTNFLgo6O0uMR2bCwmpNb6ggxG2m/9CcWgTduCg/yw2OeluwBx7duJbXHw40=

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 26ms
13ms Script
application/javascript 52.85.245.243
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8a5bb7bbff?l=71
Protocol: HTTP/1.1
Server: 52.85.245.243 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-245-243.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

Referer: http://corp-internal.com/8a5bb7bbff?l=71
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Fri, 09 Jun 2017 01:26:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
Age: 78167
ETag: "6103bb5e4ec6141e19e1100caafc780c"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 fb052932e5bf47ec8b8134cdf6f47729.cloudfront.net (CloudFront)
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2962
X-Amz-Cf-Id: ELTfAMt8XjNwXzA2wB-XExgF5FhwrpPE5LhfixJ28zduVoz-buTDlw==

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 90 KB
33 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: corp-internal.com
URL: http://corp-internal.com/8a5bb7bbff?l=71

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://corp-internal.com/8a5bb7bbff?l=71
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 09 May 2018 15:54:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 3475802
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 33018
X-XSS-Protection: 1; mode=block
Expires: Thu, 09 May 2019 15:54:47 GMT

GET
H/1.1 200
OK google-tracking.js Show response
corp-internal.com/assets/ 455 B
707 B 99ms
98ms Script
application/javascript 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://corp-internal.com/assets/google-tracking.js?g=8a5bb7bbff
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8a5bb7bbff?l=71
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: fce517e48a56b76d45fd456264b90c82aa6e9ddb578f9f36d844ace5816d9841

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://corp-internal.com/8a5bb7bbff?l=71
Cookie: EXFILGUID=8a5bb7bbff; link_clicked_8a5bb7bbff=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/8a5bb7bbff?l=71
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 18 Jun 2018 21:24:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 May 2018 18:26:37 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000 public
Connection: keep-alive
Content-Length: 316
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK all.js Show response
corp-internal.com/assets/ 28 KB
7 KB 196ms
97ms Script
application/javascript 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://corp-internal.com/assets/all.js?g=8a5bb7bbff
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8a5bb7bbff?l=71
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: bae06f323013a94b766da34246d6439db4b57a1144e7b4f4c6a18848eb7a4cf8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://corp-internal.com/8a5bb7bbff?l=71
Cookie: EXFILGUID=8a5bb7bbff; link_clicked_8a5bb7bbff=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/8a5bb7bbff?l=71
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 18 Jun 2018 21:24:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 May 2018 18:26:37 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000 public
Connection: keep-alive
Content-Length: 7149
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
S

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

34 KB
14 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: corp-internal.com
URL: http://corp-internal.com/8a5bb7bbff?l=71

Protocol

SPDY

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://corp-internal.com/8a5bb7bbff?l=71
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 01:10:24 GMT
server: Golfe2
age: 2505
date: Mon, 18 Jun 2018 20:43:05 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 14386
expires: Mon, 18 Jun 2018 22:43:05 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

POST
H/1.1 200
OK browser_post Show response
dataentry.threatsim.com/secure/ 1 B
603 B 757ms
110ms XHR
image/gif 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dataentry.threatsim.com/secure/browser_post
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Accept: */*
Referer: http://corp-internal.com/8a5bb7bbff?l=71
Origin: http://corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

X-Runtime: 0.008306
Date: Mon, 18 Jun 2018 21:24:50 GMT
Content-Encoding: gzip
X-Rack-Cache: invalidate, pass
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 6ad28e70a406921efd9ca16e256e66ec
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 707ms
96ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8a5bb7bbff&msg=BrowserDetect%20-%20localStorage%20%3D%20false&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8a5bb7bbff?l=71
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corp-internal.com/8a5bb7bbff?l=71
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002834
Date: Mon, 18 Jun 2018 21:24:50 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: b1017b35e05a268304a9403c553f4fd7
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 706ms
95ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8a5bb7bbff&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8a5bb7bbff?l=71
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corp-internal.com/8a5bb7bbff?l=71
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002375
Date: Mon, 18 Jun 2018 21:24:50 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 61d67c0262aab1d216b5a3d35d821a7c
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 726ms
101ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8a5bb7bbff&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8a5bb7bbff?l=71
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corp-internal.com/8a5bb7bbff?l=71
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002034
Date: Mon, 18 Jun 2018 21:24:50 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 710824abff62885b125bafc7b8cf21f4
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 745ms
104ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8a5bb7bbff&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8a5bb7bbff?l=71
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corp-internal.com/8a5bb7bbff?l=71
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002385
Date: Mon, 18 Jun 2018 21:24:50 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: c3b3d1676880165407d7578ac01b5553
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 746ms
104ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8a5bb7bbff&msg=BrowserDetect%20-%20browser_version%20%3D%2066&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8a5bb7bbff?l=71
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corp-internal.com/8a5bb7bbff?l=71
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002155
Date: Mon, 18 Jun 2018 21:24:50 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: d1641864b6ef1c0a31b44cbc81338e06
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 95ms
95ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8a5bb7bbff&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8a5bb7bbff?l=71
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corp-internal.com/8a5bb7bbff?l=71
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001957
Date: Mon, 18 Jun 2018 21:24:50 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 0c95f709a0138d4220c15ec9f0ba1080
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 95ms
95ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8a5bb7bbff&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8a5bb7bbff?l=71
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corp-internal.com/8a5bb7bbff?l=71
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002126
Date: Mon, 18 Jun 2018 21:24:50 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: b07dd450d8e8f0f3ddce02931ee12920
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 104ms
104ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8a5bb7bbff&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8a5bb7bbff?l=71
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corp-internal.com/8a5bb7bbff?l=71
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.004653
Date: Mon, 18 Jun 2018 21:24:50 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: fb765d35e3682b860458135c6d2c8a5c
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 116ms
115ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8a5bb7bbff&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8a5bb7bbff?l=71
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corp-internal.com/8a5bb7bbff?l=71
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001955
Date: Mon, 18 Jun 2018 21:24:50 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 87deabb2c5656c22d3d16cca66695df6
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 115ms
115ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8a5bb7bbff&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8a5bb7bbff?l=71
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corp-internal.com/8a5bb7bbff?l=71
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001982
Date: Mon, 18 Jun 2018 21:24:50 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: b90e4bd9138bbc6f7d3ebd913291efb2
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 146ms
96ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8a5bb7bbff&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8a5bb7bbff?l=71
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corp-internal.com/8a5bb7bbff?l=71
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002467
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 40a267f0e8a9b20f8b609fbfeb103c3f
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 97ms
96ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8a5bb7bbff&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8a5bb7bbff?l=71
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corp-internal.com/8a5bb7bbff?l=71
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002235
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 80967d4a4250309c91d165efa888b557
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 129ms
101ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8a5bb7bbff&msg=Skipping%20java%20detection&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8a5bb7bbff?l=71
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corp-internal.com/8a5bb7bbff?l=71
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002005
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: c74980ce9a167a16f7996a5bb092c52e
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 140ms
109ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8a5bb7bbff&msg=Skipping%20flash%20detection&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8a5bb7bbff?l=71
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corp-internal.com/8a5bb7bbff?l=71
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001991
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 0459650f379ac0b681a58c17f1d6a1f3
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 110ms
110ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8a5bb7bbff&msg=Skipping%20pdf%20detection&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8a5bb7bbff?l=71
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corp-internal.com/8a5bb7bbff?l=71
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002581
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: fafcf134913625e900fc776dfd9c5ad1
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 134ms
95ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8a5bb7bbff&msg=Skipping%20quicktime%20detection&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8a5bb7bbff?l=71
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash

Request headers

Referer: http://corp-internal.com/8a5bb7bbff?l=71
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002099
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 3739194e16315b28c152e387abe7d635
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 96ms
95ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8a5bb7bbff&msg=Skipping%20RealPlayer%20detection&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8a5bb7bbff?l=71
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash

Request headers

Referer: http://corp-internal.com/8a5bb7bbff?l=71
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002081
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 1811d4e98f559810848eb87a4c0a99a3
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 134ms
103ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8a5bb7bbff&msg=Skipping%20Silverlight%20detection&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8a5bb7bbff?l=71
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash

Request headers

Referer: http://corp-internal.com/8a5bb7bbff?l=71
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002430
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: eec8d13a71dbbd4a06815c4867c4ff45
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 117ms
101ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8a5bb7bbff&msg=Skipping%20WindowsMediaPlayer%20detection&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8a5bb7bbff?l=71
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash

Request headers

Referer: http://corp-internal.com/8a5bb7bbff?l=71
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002387
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 3dd5425d4480c7f4177526001c8bb372
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 104ms
104ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8a5bb7bbff&msg=redirecting%20to%20%2Fload_training%3Fguid%3D8a5bb7bbff%26correlation_id%3Dda1c3fb7-a486-400f-b2c8-a073df0adcbd&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8a5bb7bbff?l=71
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash

Request headers

Referer: http://corp-internal.com/8a5bb7bbff?l=71
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002125
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 84051051a227ad477bc16bd10373bb8f
X-UA-Compatible: IE=Edge,chrome=1

GET
S

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j68&a=2138413731&t=pageview&_s=1&dl=http%3A%2F%2Fcorp-internal.com%2F8a5bb7bbff%3Fl%3D71&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&...
https://www.google-analytics.com/r/collect?v=1&_v=j68&a=2138413731&t=pageview&_s=1&dl=http%3A%2F%2Fcorp-internal.com%2F8a5bb7bbff%3Fl%3D71&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=424541225.1529357090&jid=484080105&_gid=1951163777.1529357090&gjid=584059021&_v=j68&z=1159397132

35 B
102 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c0a::9c
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=424541225.1529357090&jid=484080105&_gid=1951163777.1529357090&gjid=584059021&_v=j68&z=1159397132

Requested by

Host: corp-internal.com
URL: http://corp-internal.com/8a5bb7bbff?l=71

Protocol

SPDY

Server

2a00:1450:400c:c0a::9c , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://corp-internal.com/8a5bb7bbff?l=71
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 18 Jun 2018 21:24:50 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Jun 2018 21:24:50 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=424541225.1529357090&jid=484080105&_gid=1951163777.1529357090&gjid=584059021&_v=j68&z=1159397132
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 415
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j68&a=2138413731&t=pageview&_s=2&dl=http%3A%2F%2Fcorp-internal.com%2F8a5bb7bbff%3Fl%3D71&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u...
https://www.google-analytics.com/collect?v=1&_v=j68&a=2138413731&t=pageview&_s=2&dl=http%3A%2F%2Fcorp-internal.com%2F8a5bb7bbff%3Fl%3D71&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_...

35 B
109 B

6ms
6ms

Image
image/gif

2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j68&a=2138413731&t=pageview&_s=2&dl=http%3A%2F%2Fcorp-internal.com%2F8a5bb7bbff%3Fl%3D71&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=424541225.1529357090&uid=8a5bb7bbff&tid=UA-83403-17&_gid=1951163777.1529357090&z=1597252176

Requested by

Host: corp-internal.com
URL: http://corp-internal.com/8a5bb7bbff?l=71

Protocol

SPDY

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://corp-internal.com/8a5bb7bbff?l=71
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jun 2018 13:11:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1239171
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j68&a=2138413731&t=pageview&_s=2&dl=http%3A%2F%2Fcorp-internal.com%2F8a5bb7bbff%3Fl%3D71&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=424541225.1529357090&uid=8a5bb7bbff&tid=UA-83403-17&_gid=1951163777.1529357090&z=1597252176
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 103ms
103ms Image
text/html 34.224.159.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8a5bb7bbff&msg=browser_post_successful&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8a5bb7bbff?l=71
Protocol: HTTP/1.1
Server: 34.224.159.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-224-159-233.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash

Request headers

Referer: http://corp-internal.com/8a5bb7bbff?l=71
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001738
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 4ce7df19a1bf5986bb772ae980a5e3b4
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK Primary Request load_training Show response
corp-internal.com/ 3 KB
2 KB 111ms
110ms Document
text/html 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/assets/all.js?g=8a5bb7bbff
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: bc304c4cc6f5f41c323728bede77664d6afec9f4c8f44b87f61ef3a45ffd274e

Request headers

Host: corp-internal.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://corp-internal.com/8a5bb7bbff?l=71
Accept-Encoding: gzip, deflate
Cookie: EXFILGUID=8a5bb7bbff; link_clicked_8a5bb7bbff=2; _ga=GA1.2.424541225.1529357090; _gid=GA1.2.1951163777.1529357090; _gat=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 8EC0356D4DBCC89D2C514C80550139F1
Referer: http://corp-internal.com/8a5bb7bbff?l=71

Response headers

Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 18 Jun 2018 21:24:51 GMT
ETag: W/"e377bda1bdef32831a02e32594cfff22"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-03325ecf4818a6139 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 513bd628ad5e392d4b6849ad1e7618dc
X-Runtime: 0.011357
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 1035
Connection: keep-alive

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 14ms
13ms Script
application/javascript 52.85.245.243
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Protocol: HTTP/1.1
Server: 52.85.245.243 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-245-243.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Thu, 09 Feb 2017 14:55:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
Age: 78169
ETag: "6103bb5e4ec6141e19e1100caafc780c"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 fb052932e5bf47ec8b8134cdf6f47729.cloudfront.net (CloudFront)
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2962
X-Amz-Cf-Id: nVmVXedA6hAJMQ0mbkFQEsnavq8evrveQxCA2JMAfQoULsfLo8Wj1Q==

GET
S 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd

Protocol

SPDY

Server

2a00:1450:4001:810::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 09 May 2018 20:53:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3457870
status: 200
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 33576
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 May 2019 20:53:41 GMT

GET
H/1.1 200
OK plugin_detect.js Show response
tslp.s3.amazonaws.com/detect/ 49 KB
49 KB 108ms
108ms Script
text/javascript 54.231.49.186
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Protocol: HTTP/1.1
Server: 54.231.49.186 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 18 Jun 2018 21:24:52 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Server: AmazonS3
x-amz-request-id: 91223990169B1772
ETag: "00a513f07603df01e3b99be00f370754"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 50085
x-amz-id-2: yw/Qz1mHD1JnpMEwiWQ0LqkJ+zeIZOhs/lU7Dzr2Ze9XuahIKpipoCHUjyB3Cth/WoId4QKBaqE=

GET
H/1.1 200
OK attachment-link-6b3f15.PNG
ts-uploads.s3.amazonaws.com/training/production/1529/ 156 KB
156 KB 733ms
145ms Image
image/png 54.231.72.107
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ts-uploads.s3.amazonaws.com/training/production/1529/attachment-link-6b3f15.PNG
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Protocol: HTTP/1.1
Server: 54.231.72.107 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 155189205fb0f3f2b814039179ba67b3d8cedb9e5e6de92af955c5283f6e8aab

Request headers

Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 18 Jun 2018 21:24:53 GMT
Last-Modified: Tue, 18 Oct 2016 21:09:35 GMT
Server: AmazonS3
x-amz-request-id: 3DC7C943D6303AB2
ETag: "84baa2e6d108747a6ff7aa0e7fd4696d"
Content-Type: image/png
x-amz-version-id: 6GXQwDfCV00W63MOvcZrTVV5tseVk_BJ
Accept-Ranges: bytes
Content-Length: 159418
x-amz-id-2: eS1+dPRgdTyeRVKsVi6gXAYLydjG2/iox+VxEQGLedt23u8Ft9T7TlQltar/617ps4BBooOKfnE=

GET
H/1.1 200
OK google-tracking.js Show response
corp-internal.com/assets/ 455 B
707 B 98ms
97ms Script
application/javascript 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://corp-internal.com/assets/google-tracking.js?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: fce517e48a56b76d45fd456264b90c82aa6e9ddb578f9f36d844ace5816d9841

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Cookie: EXFILGUID=8a5bb7bbff; link_clicked_8a5bb7bbff=2; _ga=GA1.2.424541225.1529357090; _gid=GA1.2.1951163777.1529357090; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 May 2018 18:26:37 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000 public
Connection: keep-alive
Content-Length: 316
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK all.js Show response
corp-internal.com/assets/ 28 KB
7 KB 98ms
98ms Script
application/javascript 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://corp-internal.com/assets/all.js?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: bae06f323013a94b766da34246d6439db4b57a1144e7b4f4c6a18848eb7a4cf8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Cookie: EXFILGUID=8a5bb7bbff; link_clicked_8a5bb7bbff=2; _ga=GA1.2.424541225.1529357090; _gid=GA1.2.1951163777.1529357090; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 May 2018 18:26:37 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000 public
Connection: keep-alive
Content-Length: 7149
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
S

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

34 KB
14 KB

8ms
7ms

Script
text/javascript

2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd

Protocol

SPDY

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 01:10:24 GMT
server: Golfe2
age: 2506
date: Mon, 18 Jun 2018 20:43:05 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 14386
expires: Mon, 18 Jun 2018 22:43:05 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 102ms
101ms Image
text/html 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Cookie: EXFILGUID=8a5bb7bbff; link_clicked_8a5bb7bbff=2; _ga=GA1.2.424541225.1529357090; _gid=GA1.2.1951163777.1529357090; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002387
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 8482d533369cf015966c3383bd230eef
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 111ms
110ms Image
text/html 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Cookie: EXFILGUID=8a5bb7bbff; link_clicked_8a5bb7bbff=2; _ga=GA1.2.424541225.1529357090; _gid=GA1.2.1951163777.1529357090; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002490
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 09b0607475e2a51702ca1e3b0b45febe
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 203ms
101ms Image
text/html 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Cookie: EXFILGUID=8a5bb7bbff; link_clicked_8a5bb7bbff=2; _ga=GA1.2.424541225.1529357090; _gid=GA1.2.1951163777.1529357090; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002239
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 99bc9ee1859e230f64d8d6fec93a79f5
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 202ms
103ms Image
text/html 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8a5bb7bbff&msg=BrowserDetect%20-%20localStorage%20%3D%20false&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Cookie: EXFILGUID=8a5bb7bbff; link_clicked_8a5bb7bbff=2; _ga=GA1.2.424541225.1529357090; _gid=GA1.2.1951163777.1529357090; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002365
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 99612050f6edfa6e21ade5c8d3795408
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 206ms
103ms Image
text/html 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8a5bb7bbff&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Cookie: EXFILGUID=8a5bb7bbff; link_clicked_8a5bb7bbff=2; _ga=GA1.2.424541225.1529357090; _gid=GA1.2.1951163777.1529357090; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002290
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: a09f6faf555e390a42b1e53240c2a9d1
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 209ms
102ms Image
text/html 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8a5bb7bbff&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Cookie: EXFILGUID=8a5bb7bbff; link_clicked_8a5bb7bbff=2; _ga=GA1.2.424541225.1529357090; _gid=GA1.2.1951163777.1529357090; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001906
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: dd33d87ed2e38c3c732c61678d6eef3c
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 117ms
103ms Image
text/html 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8a5bb7bbff&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Cookie: EXFILGUID=8a5bb7bbff; link_clicked_8a5bb7bbff=2; _ga=GA1.2.424541225.1529357090; _gid=GA1.2.1951163777.1529357090; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002277
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 4004f73112975af7dbacf3badd495181
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 108ms
104ms Image
text/html 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8a5bb7bbff&msg=BrowserDetect%20-%20browser_version%20%3D%2066&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Cookie: EXFILGUID=8a5bb7bbff; link_clicked_8a5bb7bbff=2; _ga=GA1.2.424541225.1529357090; _gid=GA1.2.1951163777.1529357090; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002416
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: ae52f6262b75cd8f3e400ca495de0746
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 102ms
101ms Image
text/html 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8a5bb7bbff&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Cookie: EXFILGUID=8a5bb7bbff; link_clicked_8a5bb7bbff=2; _ga=GA1.2.424541225.1529357090; _gid=GA1.2.1951163777.1529357090; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002123
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: c220d90c8a4bd1306fd83ffbc881eaed
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 106ms
106ms Image
text/html 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8a5bb7bbff&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Cookie: EXFILGUID=8a5bb7bbff; link_clicked_8a5bb7bbff=2; _ga=GA1.2.424541225.1529357090; _gid=GA1.2.1951163777.1529357090; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002395
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: fdaa7d0781f6b2f9a60c233a715416d4
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 106ms
106ms Image
text/html 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8a5bb7bbff&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Cookie: EXFILGUID=8a5bb7bbff; link_clicked_8a5bb7bbff=2; _ga=GA1.2.424541225.1529357090; _gid=GA1.2.1951163777.1529357090; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002463
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 39c575b353f017d2b9d488e66fb02bbe
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 108ms
105ms Image
text/html 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8a5bb7bbff&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Cookie: EXFILGUID=8a5bb7bbff; link_clicked_8a5bb7bbff=2; _ga=GA1.2.424541225.1529357090; _gid=GA1.2.1951163777.1529357090; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002279
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: b9d6bd343d91bdad20bcf0ab45ee4d0e
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 106ms
105ms Image
text/html 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8a5bb7bbff&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Cookie: EXFILGUID=8a5bb7bbff; link_clicked_8a5bb7bbff=2; _ga=GA1.2.424541225.1529357090; _gid=GA1.2.1951163777.1529357090; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001823
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: b3ef9e246968e03597ba2e84f3e30e7a
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 105ms
104ms Image
text/html 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8a5bb7bbff&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Cookie: EXFILGUID=8a5bb7bbff; link_clicked_8a5bb7bbff=2; _ga=GA1.2.424541225.1529357090; _gid=GA1.2.1951163777.1529357090; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001795
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 5253cc2b0802aa978224de37a03d387e
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 102ms
101ms Image
text/html 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8a5bb7bbff&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Cookie: EXFILGUID=8a5bb7bbff; link_clicked_8a5bb7bbff=2; _ga=GA1.2.424541225.1529357090; _gid=GA1.2.1951163777.1529357090; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002145
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 7473e8782872b39fc80c954a46b6bb92
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 106ms
106ms Image
text/html 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8a5bb7bbff&msg=Skipping%20java%20detection&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Cookie: EXFILGUID=8a5bb7bbff; link_clicked_8a5bb7bbff=2; _ga=GA1.2.424541225.1529357090; _gid=GA1.2.1951163777.1529357090; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002347
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: fb0667734f181c3e34c6e788d7196a82
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 105ms
104ms Image
text/html 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8a5bb7bbff&msg=Skipping%20flash%20detection&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Cookie: EXFILGUID=8a5bb7bbff; link_clicked_8a5bb7bbff=2; _ga=GA1.2.424541225.1529357090; _gid=GA1.2.1951163777.1529357090; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001741
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 9645c639682dc58b7306de6df9b02ea3
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 105ms
104ms Image
text/html 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8a5bb7bbff&msg=Skipping%20pdf%20detection&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Cookie: EXFILGUID=8a5bb7bbff; link_clicked_8a5bb7bbff=2; _ga=GA1.2.424541225.1529357090; _gid=GA1.2.1951163777.1529357090; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001982
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 3e1f35f23a0adfa89b0800af558b55c5
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 103ms
103ms Image
text/html 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8a5bb7bbff&msg=Skipping%20quicktime%20detection&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Cookie: EXFILGUID=8a5bb7bbff; link_clicked_8a5bb7bbff=2; _ga=GA1.2.424541225.1529357090; _gid=GA1.2.1951163777.1529357090; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001696
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 6f7f481540562064f59e5b12cc768596
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 105ms
105ms Image
text/html 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8a5bb7bbff&msg=Skipping%20RealPlayer%20detection&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Cookie: EXFILGUID=8a5bb7bbff; link_clicked_8a5bb7bbff=2; _ga=GA1.2.424541225.1529357090; _gid=GA1.2.1951163777.1529357090; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.001779
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 566ea9441c4122085f2af3b58043cb8a
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 102ms
101ms Image
text/html 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8a5bb7bbff&msg=Skipping%20Silverlight%20detection&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Cookie: EXFILGUID=8a5bb7bbff; link_clicked_8a5bb7bbff=2; _ga=GA1.2.424541225.1529357090; _gid=GA1.2.1951163777.1529357090; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002327
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03dc482c0d4393748 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 7164d63af99d685ff4ce735e0afbc785
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 113ms
112ms Image
text/html 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8a5bb7bbff&msg=Skipping%20WindowsMediaPlayer%20detection&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Cookie: EXFILGUID=8a5bb7bbff; link_clicked_8a5bb7bbff=2; _ga=GA1.2.424541225.1529357090; _gid=GA1.2.1951163777.1529357090; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002105
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-09dd8c20349e9ee04 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 4f3c26606f2a2bd06e061bf6c0806731
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 113ms
112ms Image
text/html 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8a5bb7bbff&msg=training_page_no_browser_post&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Cookie: EXFILGUID=8a5bb7bbff; link_clicked_8a5bb7bbff=2; _ga=GA1.2.424541225.1529357090; _gid=GA1.2.1951163777.1529357090; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002285
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03325ecf4818a6139 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: de76215306c1229b12c0880d99a4940b
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 113ms
112ms Image
text/html 52.7.156.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8a5bb7bbff&msg=redirect_url%20is%20undefined&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Protocol: HTTP/1.1
Server: 52.7.156.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-7-156-29.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
Cookie: EXFILGUID=8a5bb7bbff; link_clicked_8a5bb7bbff=2; _ga=GA1.2.424541225.1529357090; _gid=GA1.2.1951163777.1529357090; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Runtime: 0.002250
Date: Mon, 18 Jun 2018 21:24:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0059ce99ab1ef5e53 ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: c08dee3df0df4ceb884906bc21420afa
X-UA-Compatible: IE=Edge,chrome=1

GET
S

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j68&a=596755441&t=pageview&_s=1&dl=http%3A%2F%2Fcorp-internal.com%2Fload_training%3Fguid%3D8a5bb7bbff%26correlation_id%3Dda1c3fb7-a486-400f-b2c8-a073d...
https://www.google-analytics.com/collect?v=1&_v=j68&a=596755441&t=pageview&_s=1&dl=http%3A%2F%2Fcorp-internal.com%2Fload_training%3Fguid%3D8a5bb7bbff%26correlation_id%3Dda1c3fb7-a486-400f-b2c8-a073...

35 B
109 B

6ms
5ms

Image
image/gif

2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j68&a=596755441&t=pageview&_s=1&dl=http%3A%2F%2Fcorp-internal.com%2Fload_training%3Fguid%3D8a5bb7bbff%26correlation_id%3Dda1c3fb7-a486-400f-b2c8-a073df0adcbd&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAEAB~&jid=&gjid=&cid=424541225.1529357090&tid=UA-83403-17&_gid=1951163777.1529357090&z=1080253802

Requested by

Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd

Protocol

SPDY

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jun 2018 13:11:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1239172
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j68&a=596755441&t=pageview&_s=1&dl=http%3A%2F%2Fcorp-internal.com%2Fload_training%3Fguid%3D8a5bb7bbff%26correlation_id%3Dda1c3fb7-a486-400f-b2c8-a073df0adcbd&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAEAB~&jid=&gjid=&cid=424541225.1529357090&tid=UA-83403-17&_gid=1951163777.1529357090&z=1080253802
Non-Authoritative-Reason: HSTS

GET
S

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j68&a=596755441&t=pageview&_s=2&dl=http%3A%2F%2Fcorp-internal.com%2Fload_training%3Fguid%3D8a5bb7bbff%26correlation_id%3Dda1c3fb7-a486-400f-b2c8-a073d...
https://www.google-analytics.com/collect?v=1&_v=j68&a=596755441&t=pageview&_s=2&dl=http%3A%2F%2Fcorp-internal.com%2Fload_training%3Fguid%3D8a5bb7bbff%26correlation_id%3Dda1c3fb7-a486-400f-b2c8-a073...

35 B
103 B

6ms
6ms

Image
image/gif

2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j68&a=596755441&t=pageview&_s=2&dl=http%3A%2F%2Fcorp-internal.com%2Fload_training%3Fguid%3D8a5bb7bbff%26correlation_id%3Dda1c3fb7-a486-400f-b2c8-a073df0adcbd&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=424541225.1529357090&tid=UA-83403-17&_gid=1951163777.1529357090&z=2082477458

Requested by

Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd

Protocol

SPDY

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://corp-internal.com/load_training?guid=8a5bb7bbff&correlation_id=da1c3fb7-a486-400f-b2c8-a073df0adcbd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jun 2018 13:11:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1239172
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j68&a=596755441&t=pageview&_s=2&dl=http%3A%2F%2Fcorp-internal.com%2Fload_training%3Fguid%3D8a5bb7bbff%26correlation_id%3Dda1c3fb7-a486-400f-b2c8-a073df0adcbd&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=424541225.1529357090&tid=UA-83403-17&_gid=1951163777.1529357090&z=2082477458
Non-Authoritative-Reason: HSTS

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.corp-internal.com/	1970-01-18 16:49:17	Name: _gat Value: 1
.corp-internal.com/	1970-01-18 16:50:43	Name: _gid Value: GA1.2.1951163777.1529357090
.corp-internal.com/	1970-01-19 10:20:29	Name: _ga Value: GA1.2.424541225.1529357090
corp-internal.com/	1969-12-31 23:59:59	Name: link_clicked_8a5bb7bbff Value: 2
corp-internal.com/	1969-12-31 23:59:59	Name: EXFILGUID Value: 8a5bb7bbff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
corp-internal.com
d2wy8f7a9ursnm.cloudfront.net
dataentry.threatsim.com
stats.g.doubleclick.net
ts-uploads.s3.amazonaws.com
tslp.s3.amazonaws.com
www.google-analytics.com
2a00:1450:4001:810::200a
2a00:1450:4001:817::200e
2a00:1450:4001:820::200a
2a00:1450:400c:c0a::9c
34.224.159.233
52.7.156.29
52.85.245.243
54.231.49.186
54.231.72.107
155189205fb0f3f2b814039179ba67b3d8cedb9e5e6de92af955c5283f6e8aab
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a
5a2daf00fa1c94dd645199883beb1b033df62aed77589663a37bb10edf1b066b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
bae06f323013a94b766da34246d6439db4b57a1144e7b4f4c6a18848eb7a4cf8
bc304c4cc6f5f41c323728bede77664d6afec9f4c8f44b87f61ef3a45ffd274e
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fce517e48a56b76d45fd456264b90c82aa6e9ddb578f9f36d844ace5816d9841

corp-internal.com Open in urlscan Pro 52.7.156.29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

0 %HTTPS

44 %IPv6

7 Domains

8 Subdomains

9 IPs

2 Countries

402 kBTransfer

583 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

corp-internal.com Open in urlscan Pro
52.7.156.29 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

0 %
HTTPS

44 %
IPv6

7
Domains

8
Subdomains

9
IPs

2
Countries

402 kB
Transfer

583 kB
Size

5
Cookies

66 HTTP transactions
0 data transactions