messages.micrasoft-395office.com Open in urlscan Pro
99.80.138.64 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Effective URL:
http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Submission: On September 28 via manual (September 28th 2022, 10:02:25 am UTC) from IN — Scanned from DE

Summary HTTP 107 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 6 domains to perform 107 HTTP transactions. The main IP is 99.80.138.64, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is messages.micrasoft-395office.com.

This is the only time messages.micrasoft-395office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
80	99.80.138.64 99.80.138.64	16509 (AMAZON-02) (AMAZON-02)
18	52.216.79.20 52.216.79.20	16509 (AMAZON-02) (AMAZON-02)
2 2	2a02:26f0:350... 2a02:26f0:3500:58c::196	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:dc:... 2a02:26f0:dc:183::196	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.222.206.51 52.222.206.51	16509 (AMAZON-02) (AMAZON-02)
1	52.92.33.106 52.92.33.106	16509 (AMAZON-02) (AMAZON-02)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
2	162.247.241.2 162.247.241.2	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
107	8

80 99.80.138.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

messages.micrasoft-395office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 52.216.79.20 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

tslp.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:58c::196 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)

java.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:dc:183::196 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

www.java.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.206.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-51.fra56.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.33.106 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com

ts-eu-uploads.s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.241.2 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	micrasoft-395office.com messages.micrasoft-395office.com	159 KB
19	amazonaws.com tslp.s3.amazonaws.com — Cisco Umbrella Rank: 183389 ts-eu-uploads.s3-eu-west-1.amazonaws.com	341 KB
4	java.com 2 redirects java.com — Cisco Umbrella Rank: 32502 www.java.com — Cisco Umbrella Rank: 50892	13 KB
2	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 1793	2 KB
2	cloudfront.net d2wy8f7a9ursnm.cloudfront.net	7 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 318	18 KB
107	6

	Domain	Requested by
80	messages.micrasoft-395office.com	messages.micrasoft-395office.com
18	tslp.s3.amazonaws.com	messages.micrasoft-395office.com
2	bam-cell.nr-data.net	messages.micrasoft-395office.com
2	d2wy8f7a9ursnm.cloudfront.net	messages.micrasoft-395office.com
2	www.java.com	messages.micrasoft-395office.com
2	java.com	2 redirects
1	js-agent.newrelic.com	messages.micrasoft-395office.com
1	ts-eu-uploads.s3-eu-west-1.amazonaws.com	messages.micrasoft-395office.com
107	8

This site contains no links.

Subject Issuer	Validity	Valid
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon	`2021-12-17` - `2022-12-07`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Frame ID: 334C3A11954289AAFE9CDDAA9D953FC6
Requests: 107 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Training Excercise

Page URL History Show full URLs

http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27 Page URL
http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6... Page URL

Detected technologies

BugSnag (Analytics) Expand

Overall confidence: 100%
Detected patterns

/bugsnag.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

107
Requests

21 %
HTTPS

25 %
IPv6

6
Domains

8
Subdomains

8
IPs

4
Countries

539 kB
Transfer

774 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27 Page URL
http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://java.com/js/deployJava.js HTTP 302
https://www.java.com/js/deployJava.js

Request Chain 54

https://java.com/js/deployJava.js HTTP 302
https://www.java.com/js/deployJava.js

107 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK ae3628704f0bffcf Show response
messages.micrasoft-395office.com/ 35 KB
12 KB 149ms
67ms Document
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

b25c59bdaeff213940971d55b162cf850e4d00a94fe2e1ac54fd1ad4570fe929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 28 Sep 2022 10:02:19 GMT
ETag: W/"b25c59bdaeff213940971d55b162cf85"
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665 ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: c11cbc33-78bc-4068-95fe-8be74041457d
X-Runtime: 0.014762
X-XSS-Protection: 1; mode=block

GET alt_pixel_click_36287f0bff.gif
messages.micrasoft-395office.com/ 0
0

GET
H/1.1 200
OK plugin_detect.js Show response
tslp.s3.amazonaws.com/detect/ 49 KB
49 KB 358ms
138ms Script
text/javascript 52.216.79.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by: Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Server: AmazonS3
x-amz-request-id: 03J8GR5CREQC6YQV
ETag: "00a513f07603df01e3b99be00f370754"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 50085
x-amz-id-2: BkdUBUb70rzbC0x7TaZ67Y1yx6NfqNaISLlexiHNJPJvSezZtjigUks45K9LhnZv0uNswvefEvg=

GET
H/1.1 200
OK java.js Show response
tslp.s3.amazonaws.com/detect/ 50 KB
50 KB 356ms
142ms Script
text/javascript 52.216.79.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/java.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by: Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:38:28 GMT
Server: AmazonS3
x-amz-request-id: 03JFXZ9Z86119SJD
ETag: "2bec0061039dc3fb25fc20aaf611d5b9"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 50717
x-amz-id-2: p7HIVf+DEbJ4uE/JlBnaoRXYdGaayN4dicDftBzvZrg9ycQdyvS+0o9GJUwMgOfnbrnXTY1womU=

GET
H2

200

deployJava.js Show response
www.java.com/js/
Redirect Chain

https://java.com/js/deployJava.js
https://www.java.com/js/deployJava.js

18 KB
6 KB

244ms
80ms

Script
application/javascript

2a02:26f0:dc:183::196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.java.com/js/deployJava.js

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

Server

2a02:26f0:dc:183::196 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 10:02:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
akamai-grn: , , , 0.e7611702.1664359339.b0f12ca2
x-oracle-dms-rid: 0
content-disposition: attachment; filename="deployJava.js";filename*=UTF-8''deployJava.js
server-timing: cdn-cache; desc=HIT, edge; dur=26
content-length: 5512
x-xss-protection: 1
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
etag: D07B023847CD4DC5C4ED4AB4FC46AD47BDD6E99A0663:19
vary: Accept-Encoding
x-oracle-dms-ecid: 45ef283e-e669-41bc-8d48-f79320634a9c-007e0f41
content-type: application/javascript
cache-control: public, max-age=86400
expires: Thu, 29 Sep 2022 10:02:19 GMT

Redirect headers

date: Wed, 28 Sep 2022 10:02:19 GMT
server: AkamaiGHost
akamai-grn: 0.90a02417.1664359339.27dcfe92
location: https://www.java.com/js/deployJava.js
cache-control: max-age=86400
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 0
x-xss-protection: 1
expires: Thu, 29 Sep 2022 10:02:19 GMT

GET
H/1.1 200
OK flash.js Show response
tslp.s3.amazonaws.com/detect/ 7 KB
7 KB 356ms
142ms Script
text/javascript 52.216.79.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/flash.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by: Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 03:54:01 GMT
Server: AmazonS3
x-amz-request-id: 03JB0H4W5QPG407K
ETag: "f9ad9a096894ba248e4a1f73e7eba1be"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 6680
x-amz-id-2: TIkqMElfWbVEq243Q/YqApJ0o+8mesevmCDt29wLavlJHkEeUKiimsNLxqeny+XoQWbhCnunM04=

GET
H/1.1 200
OK pdf.js Show response
tslp.s3.amazonaws.com/detect/ 22 KB
23 KB 364ms
150ms Script
text/javascript 52.216.79.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/pdf.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by: Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:39:34 GMT
Server: AmazonS3
x-amz-request-id: 03JDMHQZC3HNVVHX
ETag: "0d5882d41c8b6e40059c8d9acbcf1518"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 22855
x-amz-id-2: hL5HiAHpSxCeWdBEQWqlG6dmTwPz3Sa2mfWl6e4BbeyJEBBu438VG5TCkZY2S3FDT1OYNMFihRc=

GET
H/1.1 200
OK quicktime.js Show response
tslp.s3.amazonaws.com/detect/ 7 KB
7 KB 362ms
147ms Script
text/javascript 52.216.79.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/quicktime.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by: Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:41:05 GMT
Server: AmazonS3
x-amz-request-id: 03JC1YK6WWXQC7ZY
ETag: "ee73f2f47d51116dc40b85a6b57eaf20"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 6999
x-amz-id-2: 5wjP+qLYuMcceDwboiMvSVOy9MaBOsXIh0vAklEILoIprYdwSO96G9qzYymGYKc7HdEnJajFIhI=

GET
H/1.1 200
OK realplayer.js Show response
tslp.s3.amazonaws.com/detect/ 10 KB
10 KB 355ms
140ms Script
text/javascript 52.216.79.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/realplayer.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by: Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:45:02 GMT
Server: AmazonS3
x-amz-request-id: 03J7AKPT5KKPPSRF
ETag: "3d7be656672c16a34806c13388410325"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 9775
x-amz-id-2: v7RDCDZDWl+ZwEAFl1RqSqVtiGsJFo5GpTWXD4xVvfndc6PNlvgeO2r1XKAfj+lDP155soU1IeM=

GET
H/1.1 200
OK silverlight.js Show response
tslp.s3.amazonaws.com/detect/ 4 KB
5 KB 117ms
117ms Script
text/javascript 52.216.79.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/silverlight.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by: Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 18:00:03 GMT
Server: AmazonS3
x-amz-request-id: 03JACX4DST7WMN02
ETag: "e6dd596d2bc204ea573b868b92028c26"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 4234
x-amz-id-2: HhSMmLAzLO3D5Jayy2LveluuuLhS9Z/LLyygjuhJTPkf272JUkTE4tjZZanvaDtjTrDUHLlfg5Y=

GET
H/1.1 200
OK wmp.js Show response
tslp.s3.amazonaws.com/detect/ 6 KB
6 KB 120ms
120ms Script
text/javascript 52.216.79.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/wmp.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by: Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 15:07:14 GMT
Server: AmazonS3
x-amz-request-id: 03JAN5TAKRNMS37E
ETag: "ffd2cc77bb64d40beeb5d561fffe1f79"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 5941
x-amz-id-2: wEfnVHAYp+coztctdnkzRJkUxP5sDwgBd1XfAoxcpsO/mO6xRvHwGfCsTfogNKN5vHdIdZlHe0M=

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 43ms
15ms Script
application/javascript 52.222.206.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol: HTTP/1.1
Server: 52.222.206.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-51.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 15:53:21 GMT
Content-Encoding: gzip
Via: 1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P3
Age: 65339
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2962
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
ETag: "6103bb5e4ec6141e19e1100caafc780c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
X-Amz-Cf-Id: hCUsExfZ-hlfcI2NsVZ_6CAscPVS5D5Teh9nqCxgRngOTYhsd9xeYw==

GET
H/1.1 200
OK jquery.min.js Show response
messages.micrasoft-395office.com/assets/ajax/libs/jquery/1.9.1/ 90 KB
32 KB 45ms
45ms Script
application/javascript 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://messages.micrasoft-395office.com/assets/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by: Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol: HTTP/1.1
Server: 99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Aug 2022 13:01:55 GMT
Server: ThreatSim-Web-Server
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK all.js Show response
messages.micrasoft-395office.com/assets/ 28 KB
7 KB 79ms
39ms Script
application/javascript 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://messages.micrasoft-395office.com/assets/all.js?g=36287f0bff
Requested by: Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol: HTTP/1.1
Server: 99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Aug 2022 13:02:01 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Content-Length: 7191
Expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H/1.1 200
OK browser_post Show response
messages.micrasoft-395office.com/secure/ 0
716 B 48ms
48ms XHR
image/gif 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://messages.micrasoft-395office.com/secure/browser_post

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: XQ4GVVFACQAAU1VQDwQHUw==
tracestate: 1506924@nr=0-1-98147-1307432040-4e849638c2fb1f1f----1664359339993
traceparent: 00-9c413d24b480a93210b940ded50d2aec-4e849638c2fb1f1f-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6Ijk4MTQ3IiwiYXAiOiIxMzA3NDMyMDQwIiwiaWQiOiI0ZTg0OTYzOGMyZmIxZjFmIiwidHIiOiI5YzQxM2QyNGI0ODBhOTMyMTBiOTQwZGVkNTBkMmFlYyIsInRpIjoxNjY0MzU5MzM5OTkzLCJ0ayI6IjE1MDY5MjQifX0=
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
X-Requested-With: XMLHttpRequest

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 05c597f7-57a1-4679-bd96-55bbb7155597
X-Runtime: 0.007192
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding, Accept
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 44ms
44ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: e8490ba9-8aa0-4e08-bea6-2330db7887d1
X-Runtime: 0.002584
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 100ms
59ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 324cabc2-6dcb-464e-b350-aecc146f7a82
X-Runtime: 0.019368
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 96ms
55ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 2409f640-4984-4f1e-9d97-ef0df0b7be1f
X-Runtime: 0.002463
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 97ms
54ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 546b7e15-62f4-4158-9a9b-ac225c95afd4
X-Runtime: 0.002436
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 98ms
54ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=BrowserDetect%20-%20browser_version%20%3D%20106&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 0c932a87-43f1-408b-adbe-d690548c2d0e
X-Runtime: 0.002456
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 54ms
48ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=BrowserDetect%20-%20os%20%3D%20Windows&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 65dffe5c-bbaa-4dbe-9f9b-6cd48511a5f2
X-Runtime: 0.001961
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 68ms
61ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 8fcb55d9-7e91-4fa2-b5e3-abe3468f6e96
X-Runtime: 0.003274
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 50ms
44ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 74a90de9-1d0c-427f-88a3-3ace8c65b5fe
X-Runtime: 0.002922
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 47ms
44ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 6380f6d7-0e6a-4eba-82c3-c6d667858937
X-Runtime: 0.003173
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 49ms
46ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 0c91957f-58b1-4c08-8b5b-3dbe40257e51
X-Runtime: 0.002989
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 46ms
45ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 42c6b23c-b649-4a90-9f64-3aa50f4b9b4f
X-Runtime: 0.002437
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 48ms
47ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Plugin&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 1f480839-d029-4d28-8270-637809a0d9d5
X-Runtime: 0.003357
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 65ms
65ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 2bfbc2e4-a8ef-4a26-aa5d-2240c728542e
X-Runtime: 0.001930
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 51ms
48ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=BrowserDetect%20-%20plugin%20Native%20Client&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: fbb45d19-3bd7-41ac-9bd6-3cd6e02a0e3c
X-Runtime: 0.003473
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 48ms
47ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 3b108745-05e2-476b-aa82-507664986466
X-Runtime: 0.003012
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 48ms
48ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: da6ab53a-9bf5-49b2-8574-3709cc8a9bad
X-Runtime: 0.003140
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 46ms
46ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=java_version_pl%20%3D%20unknown&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: b7a036e8-ae33-4acc-b58e-845e0f4b0760
X-Runtime: 0.003391
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 46ms
45ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: c803bba5-4e8b-4456-90ed-21a15bbd7d36
X-Runtime: 0.002158
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 67ms
67ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=java_version_jres%20%3D%20unknown&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 6e4d0946-6a98-4602-a115-1a6068ce1ce6
X-Runtime: 0.002291
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 41ms
41ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=java_version%20%3D%20undefined&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 411ad7ac-e7ab-4183-8fd3-a15b56a79834
X-Runtime: 0.002191
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 43ms
43ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=Loading%20flash%20version&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 6272d967-cd9d-43e6-813b-8bf593dfd5ee
X-Runtime: 0.002322
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 47ms
46ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=flash%20%3D%20unknown&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 8481642e-6ebd-45aa-bacb-56ab1b3b213b
X-Runtime: 0.003050
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 45ms
45ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=Loading%20pdf%20version&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 185a2d42-c003-4754-b84c-a62aa51ae145
X-Runtime: 0.003107
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 47ms
47ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 7516d97f-2b6a-4658-a245-e43e4dd16e70
X-Runtime: 0.002530
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 42ms
42ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=pdf%20%3D%20unknown&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 8d346b23-dfc4-48f8-8d7b-abb147dcad50
X-Runtime: 0.002593
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 42ms
42ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=Loading%20quicktime%20version&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: d30d8679-dfe6-420a-a92e-9a6035d587fa
X-Runtime: 0.001835
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 46ms
46ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=quicktime%20%3D%20unknown&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 355721f8-7305-496c-bcf4-2ed1d7bf1281
X-Runtime: 0.004666
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 42ms
42ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=Loading%20RealPlayer%20version&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 939528c8-83c5-47e1-890b-e8cd429215df
X-Runtime: 0.002608
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 45ms
44ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=realplayer%20%3D%20unknown&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: a9152332-33d9-443d-8235-4131ecf4de6b
X-Runtime: 0.002347
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 67ms
66ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=Loading%20Silverlight%20version&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: a9bcfbf0-943c-4582-9ca4-058acb1dcdb2
X-Runtime: 0.002406
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 41ms
41ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=silverlight%20%3D%20unknown&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 8dcee4b4-4e51-463b-bb25-4ba2ff06c172
X-Runtime: 0.002489
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 43ms
43ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 0292d6a2-2f95-40f6-9042-d355f553c42a
X-Runtime: 0.002315
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 43ms
42ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=wmp%20%3D%20unknown&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: fde69de5-cdde-401c-8bb1-7aa1332715ba
X-Runtime: 0.002347
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 43ms
42ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=redirecting%20to%20%2Fload_training%3Fguid%3D563628725f0bff7c%26correlation_id%3D59380ee4-4403-4cda-80dd-6eae493a761e&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: f415cae5-a8fd-40fa-946f-25e503d45d5f
X-Runtime: 0.001936
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 45ms
44ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=browser_post_successful&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: bb51c194-936b-4947-a0dd-dc80ae366c81
X-Runtime: 0.002297
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK Primary Request load_training Show response
messages.micrasoft-395office.com/ 68 KB
17 KB 66ms
65ms Document
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/assets/all.js?g=36287f0bff

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

68bb10788acbb6715bdaaf56145035dce38b6c5ecd4298e91901107962d7f65d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 28 Sep 2022 10:02:21 GMT
ETag: W/"68bb10788acbb6715bdaaf56145035dc"
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665 ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 17b484f3-71f8-4442-9ee0-c741e5e0227f
X-Runtime: 0.021064
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 15ms
15ms Script
application/javascript 52.222.206.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol: HTTP/1.1
Server: 52.222.206.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-51.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 15:53:21 GMT
Content-Encoding: gzip
Via: 1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P3
Age: 65341
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2962
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
ETag: "6103bb5e4ec6141e19e1100caafc780c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
X-Amz-Cf-Id: f97Bz1JeMAWm_qr9zFri8dA13mu9aiWchj6HH7U0aMRCGvzAkV-oEg==

GET
H/1.1 200
OK jquery.min.js Show response
messages.micrasoft-395office.com/assets/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 45ms
45ms Script
application/javascript 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://messages.micrasoft-395office.com/assets/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by: Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol: HTTP/1.1
Server: 99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Aug 2022 13:01:55 GMT
Server: ThreatSim-Web-Server
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK plugin_detect.js Show response
tslp.s3.amazonaws.com/detect/ 49 KB
49 KB 119ms
117ms Script
text/javascript 52.216.79.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by: Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:22 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Server: AmazonS3
x-amz-request-id: SDQANMF9X3QH92TN
ETag: "00a513f07603df01e3b99be00f370754"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 50085
x-amz-id-2: sybXBHkHKf4YiW7IufUrWL24aEc3FAD7zvxgkndOSS75VQ+vacwCqyExMNYUn3Qn5eb/ch8gdEQ=

GET
H/1.1 200
OK java.js Show response
tslp.s3.amazonaws.com/detect/ 50 KB
50 KB 119ms
118ms Script
text/javascript 52.216.79.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/java.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by: Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:22 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:38:28 GMT
Server: AmazonS3
x-amz-request-id: SDQ6R4DXK0SNAHQF
ETag: "2bec0061039dc3fb25fc20aaf611d5b9"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 50717
x-amz-id-2: GsFdODkBhzR9bfohqdJRNoMa8pJtINdcZXfa2j/Fjoh7OKDiGnzR5jcUpJGSoQSeB9sVxE++v0w=

GET
H2

200

deployJava.js Show response
www.java.com/js/
Redirect Chain

https://java.com/js/deployJava.js
https://www.java.com/js/deployJava.js

18 KB
6 KB

54ms
54ms

Script
application/javascript

2a02:26f0:dc:183::196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.java.com/js/deployJava.js

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

Server

2a02:26f0:dc:183::196 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 10:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
akamai-grn: , , , 0.e7611702.1664359341.b0f14ca5
x-oracle-dms-rid: 0
content-disposition: attachment; filename="deployJava.js";filename*=UTF-8''deployJava.js
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 5512
x-xss-protection: 1
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
etag: D07B023847CD4DC5C4ED4AB4FC46AD47BDD6E99A0663:19
vary: Accept-Encoding
x-oracle-dms-ecid: 45ef283e-e669-41bc-8d48-f79320634a9c-007e0f41
content-type: application/javascript
cache-control: public, max-age=86400
expires: Thu, 29 Sep 2022 10:02:21 GMT

Redirect headers

date: Wed, 28 Sep 2022 10:02:21 GMT
server: AkamaiGHost
akamai-grn: 0.90a02417.1664359341.27dd1681
location: https://www.java.com/js/deployJava.js
cache-control: max-age=86400
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 0
x-xss-protection: 1
expires: Thu, 29 Sep 2022 10:02:21 GMT

GET
H/1.1 200
OK flash.js Show response
tslp.s3.amazonaws.com/detect/ 7 KB
7 KB 121ms
119ms Script
text/javascript 52.216.79.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/flash.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by: Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:22 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 03:54:01 GMT
Server: AmazonS3
x-amz-request-id: SDQFZN01CR4P48B7
ETag: "f9ad9a096894ba248e4a1f73e7eba1be"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 6680
x-amz-id-2: 5YGzVdCkxsvKjciZwQHOZTMt7AFH+CgI9hKeUwx+L5dYMVQqevG16pkDIf61zmh7y/X3h3NE6Ho=

GET
H/1.1 200
OK pdf.js Show response
tslp.s3.amazonaws.com/detect/ 22 KB
23 KB 122ms
121ms Script
text/javascript 52.216.79.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/pdf.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by: Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:22 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:39:34 GMT
Server: AmazonS3
x-amz-request-id: SDQ31Q68STG5YZ91
ETag: "0d5882d41c8b6e40059c8d9acbcf1518"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 22855
x-amz-id-2: fUNxcByyCnd26JeUxCc3llcBth2mlhN05uEihtQnkSIXZeugo0eroeVmhDH6n7+Ppz9kSv4Y21Y=

GET
H/1.1 200
OK quicktime.js Show response
tslp.s3.amazonaws.com/detect/ 7 KB
7 KB 119ms
118ms Script
text/javascript 52.216.79.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/quicktime.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by: Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:22 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:41:05 GMT
Server: AmazonS3
x-amz-request-id: SDQ19AER3D6T6HVS
ETag: "ee73f2f47d51116dc40b85a6b57eaf20"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 6999
x-amz-id-2: mpBO+FJIdycIzyieHNDuyYzl+5clsY4XhO1GvD77GOfNqOre0O28u0J53anJkHNfRvWWWVVXN6s=

GET
H/1.1 200
OK realplayer.js Show response
tslp.s3.amazonaws.com/detect/ 10 KB
10 KB 121ms
120ms Script
text/javascript 52.216.79.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/realplayer.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by: Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:22 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 14:45:02 GMT
Server: AmazonS3
x-amz-request-id: SDQ4T7JRYPZ8TBC5
ETag: "3d7be656672c16a34806c13388410325"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 9775
x-amz-id-2: of0jeS7eNYwgQ9SLRXzoiyY5Nxuqk5QWeAXmx+36bdh8oxZo/KGqFurwRzQzbHaLAuh/sk8QUe4=

GET
H/1.1 200
OK silverlight.js Show response
tslp.s3.amazonaws.com/detect/ 4 KB
5 KB 243ms
122ms Script
text/javascript 52.216.79.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/silverlight.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by: Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:22 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 18:00:03 GMT
Server: AmazonS3
x-amz-request-id: SDQ6WJP41T11SB7G
ETag: "e6dd596d2bc204ea573b868b92028c26"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 4234
x-amz-id-2: h6y7+rzYcZn+TthBAKXWP/YNti7KHyHwhyq25qcnt6foq5cnx7gVqh+CTnu+9C2Apedo6F0Bl/I=

GET
H/1.1 200
OK wmp.js Show response
tslp.s3.amazonaws.com/detect/ 6 KB
6 KB 243ms
120ms Script
text/javascript 52.216.79.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/wmp.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by: Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:22 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 15:07:14 GMT
Server: AmazonS3
x-amz-request-id: SDQF2BG8NRQT00G1
ETag: "ffd2cc77bb64d40beeb5d561fffe1f79"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 5941
x-amz-id-2: sSP+t39mvMFj70oa7/u/3eFCaEOi16vsqqj0tq2OUFJ3UUcrOTQ8bB2jtk7uodvQ8quFv+iya+o=

GET
H/1.1 200
OK res-logo-300px-c9036a.png
ts-eu-uploads.s3-eu-west-1.amazonaws.com/training/production/10744/ 9 KB
9 KB 260ms
137ms Image
image/png 52.92.33.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ts-eu-uploads.s3-eu-west-1.amazonaws.com/training/production/10744/res-logo-300px-c9036a.png
Requested by: Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.33.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 51d06f219512dec8108fc9305b53cba3e78613509c26857827f04e719cde07dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:22 GMT
Last-Modified: Wed, 23 Jun 2021 16:17:50 GMT
Server: AmazonS3
x-amz-request-id: SDQ598E60GB6HZYR
ETag: "8e9e6445452d47e42eda1c07a1819099"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 9147
x-amz-id-2: YtCvsEMVCdwbtHwXDn4huJ/59dtPX92fPJOGtjeDKQqFHEU6DMlv3IOZW/QedmsIcQ4eVWRHdb0=

GET
H/1.1 200
OK all.js Show response
messages.micrasoft-395office.com/assets/ 28 KB
7 KB 42ms
41ms Script
application/javascript 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://messages.micrasoft-395office.com/assets/all.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by: Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol: HTTP/1.1
Server: 99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Aug 2022 13:01:55 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Content-Length: 7191
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK email-link-825ff1.png
tslp.s3.amazonaws.com/training/production/314/ 13 KB
14 KB 120ms
119ms Image
image/png 52.216.79.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tslp.s3.amazonaws.com/training/production/314/email-link-825ff1.png
Requested by: Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e4e3f828d50fbfe9f6f7783802a424b638f89c8c66f881afdb5490f0f3dc995a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:22 GMT
x-amz-version-id: Qu2oiCk2hDnN088.2PlgydVBeWPtVnE5
Last-Modified: Thu, 24 Oct 2019 12:45:20 GMT
Server: AmazonS3
x-amz-request-id: SDQEEJVPQYZASRAE
ETag: "669af43ab1f782235899ca3b267c6a59"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 13426
x-amz-id-2: BVdbVilQe0mZH/PKD32AUmtg3Z0Sle8GEpIRCok4grmEY/h58vZoHus9m0mBwod+5hWJIMwhDcw=

GET
H/1.1 200
OK comp-bad83b.png
tslp.s3.amazonaws.com/training/production/314/ 4 KB
5 KB 117ms
117ms Image
image/png 52.216.79.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tslp.s3.amazonaws.com/training/production/314/comp-bad83b.png
Requested by: Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9c33c855ff5d739fb06705fd05aff042724a4135c911993d222c5f700ef308c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:22 GMT
x-amz-version-id: BBSZr6_NZTUHwqDxWBkl204iQ6MXfpU5
Last-Modified: Thu, 24 Oct 2019 12:44:47 GMT
Server: AmazonS3
x-amz-request-id: SDQBMY35DN13ZH0A
ETag: "f7e292234bb684ffd2aab275f00efd18"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4481
x-amz-id-2: HZ26IwIQvqg2NkRMscs3WaaWBVcIg6ZuJyd55kFFRbwUWhNQY6bAyTU0flY6Gu9JrPr72rMcoyE=

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 45ms
45ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: a6132f87-956e-4c67-bd06-14841e1756b0
X-Runtime: 0.003536
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 45ms
45ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 15e6fd8a-b287-41e2-9fdd-7ce69222db9f
X-Runtime: 0.003517
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 42ms
42ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 42148d14-a663-479c-a6b9-af7e041027a6
X-Runtime: 0.002267
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 45ms
44ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 85d0dc91-db69-476d-9b9a-09fbea6b5849
X-Runtime: 0.002784
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 46ms
40ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 1abf9078-b0fa-470b-8cde-1f2984624151
X-Runtime: 0.001948
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 63ms
57ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 8c8ab6ef-fd7a-43c2-bce8-d4e10012f879
X-Runtime: 0.002339
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 44ms
44ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 4e75bca9-318b-481a-8062-8fefcf7b2c9f
X-Runtime: 0.002572
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 44ms
44ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=BrowserDetect%20-%20browser_version%20%3D%20106&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: ab195211-205b-4392-8ad5-cdd12a2c652b
X-Runtime: 0.001927
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 45ms
45ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=BrowserDetect%20-%20os%20%3D%20Windows&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: d7dc266e-0845-4ba7-a21c-fdc2cf36e92b
X-Runtime: 0.002068
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 43ms
43ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: ad2cae90-bf06-4034-947d-ac9bc5b43886
X-Runtime: 0.002312
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 40ms
40ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 0c12707f-d542-42e9-a549-9c02af722e32
X-Runtime: 0.001697
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 60ms
59ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 15a8403e-2459-4bb2-a225-d6e29019e4e1
X-Runtime: 0.002474
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 46ms
43ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 381aa2d0-7d89-474e-908f-cffad6e67d6a
X-Runtime: 0.003904
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 46ms
45ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 33b4bb07-06dc-4991-a215-819f941e6618
X-Runtime: 0.003170
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 44ms
43ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Plugin&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 6b187202-eede-4869-ae46-247dddf7944f
X-Runtime: 0.002327
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 45ms
44ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 953de547-d49c-4314-8638-6f0731eaac2e
X-Runtime: 0.002681
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 45ms
44ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=BrowserDetect%20-%20plugin%20Native%20Client&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 81d92385-c6cb-4705-bf1c-6fd67057235f
X-Runtime: 0.003316
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 66ms
65ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: f1d47053-0c7d-491a-b95e-190c579efdee
X-Runtime: 0.001775
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 48ms
45ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 013e2840-0866-4977-a46a-d3757e514ba9
X-Runtime: 0.002117
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 58ms
55ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=java_version_pl%20%3D%20unknown&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: b1d0650b-36fa-4f1c-8606-7123526762dd
X-Runtime: 0.002959
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 45ms
43ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: bd298b6f-44a5-4cb2-86ea-46a25d3771f0
X-Runtime: 0.002320
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 48ms
46ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=java_version_jres%20%3D%20unknown&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: d9e4218d-7ee4-4186-912f-7fd8393aba33
X-Runtime: 0.002384
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 47ms
46ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=java_version%20%3D%20undefined&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: f4f97766-0189-4738-b7e7-84205ae3a4df
X-Runtime: 0.003641
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 48ms
48ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=Loading%20flash%20version&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 2950c527-bb0d-42bf-8cc5-edc79e915a35
X-Runtime: 0.001827
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 64ms
64ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=flash%20%3D%20unknown&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 13283891-99f0-4a86-acfc-7914ad9751e9
X-Runtime: 0.003150
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 43ms
43ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=Loading%20pdf%20version&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 18f48728-8b21-4068-895d-73253f79c7f1
X-Runtime: 0.003106
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 47ms
46ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 76297d54-e615-4809-ab73-ae291b66b568
X-Runtime: 0.002595
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 46ms
46ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=pdf%20%3D%20unknown&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 2dd5a338-3240-4d23-95e6-51d7e57c9c87
X-Runtime: 0.004987
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 42ms
42ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=Loading%20quicktime%20version&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: b4e87b94-d282-465d-8c85-456d738e475e
X-Runtime: 0.002202
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 41ms
40ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=quicktime%20%3D%20unknown&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 6d9b2f0c-95b2-4a8b-baba-8c06f278d019
X-Runtime: 0.001931
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 43ms
43ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=Loading%20RealPlayer%20version&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: a2a7ca20-ad2b-43ed-ac59-e0734b3f6bcc
X-Runtime: 0.002458
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 47ms
47ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=realplayer%20%3D%20unknown&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 1c37d246-3608-4c09-a92b-032015bceabb
X-Runtime: 0.004782
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 43ms
43ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=Loading%20Silverlight%20version&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 57136055-055c-4a86-b22d-dd3aef9b2896
X-Runtime: 0.002040
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 42ms
42ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=silverlight%20%3D%20unknown&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: fc66f276-cbbb-445b-ba0c-c5567a911dda
X-Runtime: 0.001735
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 66ms
66ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: d2b1421d-6f63-4334-94b2-c9b1f60bc61a
X-Runtime: 0.002419
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 46ms
46ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=wmp%20%3D%20unknown&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 96d57ff0-2ec3-4e35-ad5c-b0f1792bcf3f
X-Runtime: 0.006166
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 42ms
42ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=training_page_no_browser_post&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 2e92a6f9-0703-4bcd-b290-35de7f08f86d
X-Runtime: 0.002347
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
messages.micrasoft-395office.com/ 0
687 B 47ms
43ms Image
text/html 99.80.138.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=redirect_url%20is%20undefined&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Requested by

Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Protocol

HTTP/1.1

Server

99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-138-64.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 241dd556-cab5-4641-a888-e2c48e2ad7e1
X-Runtime: 0.002252
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H2 200 nr-spa-1216.min.js Show response
js-agent.newrelic.com/ 49 KB
18 KB 70ms
20ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by: Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding: gzip
via: 1.1 varnish
date: Wed, 28 Sep 2022 10:02:21 GMT
x-amz-request-id: G3KFPVCN8YNTXH50
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 18216
x-amz-id-2: tAu6Bn1ZIXl3oOFdA99wBbvl4B5k9x4HUuY+yHxi1gSDuAiQ8dsY6p1L2pd/4eB409hsM7w2iD8=
x-served-by: cache-hhn4024-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1664359342.876493,VS0,VE0
etag: "63e2df852d15ab21d7ff8fc4363222e8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 11949

GET
H/1.1 200
OK 4b7a74eb40 Show response
bam-cell.nr-data.net/1/ 49 B
946 B 206ms
151ms Script
text/javascript 162.247.241.2
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/4b7a74eb40?a=1307428239&v=1216.487a282&to=dVtXQkUKCFpTQxtYFF8bTURWDApfWFZrTR1GUUoZRA0LQQ%3D%3D&rst=900&ck=1&ref=http://messages.micrasoft-395office.com/load_training&ap=16&be=179&fe=820&dc=485&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664359340995,%22n%22:0,%22u%22:151,%22ue%22:151,%22f%22:82,%22dn%22:82,%22dne%22:82,%22c%22:82,%22ce%22:82,%22rq%22:83,%22rp%22:148,%22rpe%22:188,%22dl%22:152,%22di%22:484,%22ds%22:484,%22de%22:492,%22dc%22:819,%22l%22:819,%22le%22:820%7D,%22navigation%22:%7B%7D%7D&fp=474&fcp=474&jsonp=NREUM.setToken
Requested by: Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.2 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://messages.micrasoft-395office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 10:02:22 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjSDMYEVM9JwF6db87Y3BO3EHLIMLL50f1hCMwNE5jIeL130sCEwA%2B283wvhywelrNfdkZqfqmk0NeH8y5pLDC4qP5QZS2K7VVIDVwpCnJit9l5EWG6uq40Fk1l8UcOV0hxqLaVv"}],"group":"cf-nel","max_age":604800}
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 751ba49f3ca868f8-FRA

POST
H/1.1 200
OK 4b7a74eb40 Show response
bam-cell.nr-data.net/events/1/ 24 B
765 B 184ms
184ms XHR
image/gif 162.247.241.2
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/4b7a74eb40?a=1307428239&v=1216.487a282&to=dVtXQkUKCFpTQxtYFF8bTURWDApfWFZrTR1GUUoZRA0LQQ%3D%3D&rst=1113&ck=1&ref=http://messages.micrasoft-395office.com/load_training
Requested by: Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.2 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: http://messages.micrasoft-395office.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 28 Sep 2022 10:02:22 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: http://messages.micrasoft-395office.com
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3pnAE%2BcjhlAC4mWCgfEcECHdFnVl25l%2BhgK6OpJ3cONETLstYJ5MpHV5FtMk%2FY722RL2tpoNQ9McqJLyK%2BroFy%2FXd5nXCqDl61j1pQ1Ko8olojuGq%2BNzSK%2B%2Fi%2FMhF7Ekf%2F9ps%2FuT"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 751ba4a03eaa68f8-FRA
Content-Length: 24

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: messages.micrasoft-395office.com
URL: https://messages.micrasoft-395office.com:49153/alt_pixel_click_36287f0bff.gif?correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
messages.micrasoft-395office.com/	1969-12-31 23:59:59	Name: EXFILGUID Value: 36287f0bff
messages.micrasoft-395office.com/	1969-12-31 23:59:59	Name: link_clicked_36287f0bff Value: 1
java.com/	1970-01-20 06:19:19	Name: akaalb_OCE_Failover Value: 1664359399~op=JCOM_OCE:oceProdappJcomProdOrigin\|~rv=11~m=oceProdappJcomProdOrigin:0\|~os=2708f36cb43ca861e42dc0215e4669c5~id=6c1ba693678207726be2a89d00c3d572
www.java.com/	1970-01-20 06:19:19	Name: akaalb_OCE_Failover Value: 1664359399~op=JCOM_OCE:oceProdappJcomProdOrigin\|~rv=29~m=oceProdappJcomProdOrigin:0\|~os=2708f36cb43ca861e42dc0215e4669c5~id=a88f02bae6bda4d4492c545b4018ad85
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 90ec05cec4258038

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam-cell.nr-data.net
d2wy8f7a9ursnm.cloudfront.net
java.com
js-agent.newrelic.com
messages.micrasoft-395office.com
ts-eu-uploads.s3-eu-west-1.amazonaws.com
tslp.s3.amazonaws.com
www.java.com
messages.micrasoft-395office.com
151.101.194.137
162.247.241.2
2a02:26f0:3500:58c::196
2a02:26f0:dc:183::196
52.216.79.20
52.222.206.51
52.92.33.106
99.80.138.64
0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1
39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9
4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a
51d06f219512dec8108fc9305b53cba3e78613509c26857827f04e719cde07dd
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
68bb10788acbb6715bdaaf56145035dce38b6c5ecd4298e91901107962d7f65d
6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19
88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238
9c33c855ff5d739fb06705fd05aff042724a4135c911993d222c5f700ef308c2
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc
a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861
b25c59bdaeff213940971d55b162cf850e4d00a94fe2e1ac54fd1ad4570fe929
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de
d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e3f828d50fbfe9f6f7783802a424b638f89c8c66f881afdb5490f0f3dc995a

messages.micrasoft-395office.com Open in urlscan Pro 99.80.138.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

107 Requests

21 %HTTPS

25 %IPv6

6 Domains

8 Subdomains

8 IPs

4 Countries

539 kBTransfer

774 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

messages.micrasoft-395office.com Open in urlscan Pro
99.80.138.64 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

21 %
HTTPS

25 %
IPv6

6
Domains

8
Subdomains

8
IPs

4
Countries

539 kB
Transfer

774 kB
Size

5
Cookies

107 HTTP transactions
0 data transactions