Submitted URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Effective URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Submission: On September 28 via manual from IN — Scanned from DE

Summary

This website contacted 8 IPs in 4 countries across 6 domains to perform 107 HTTP transactions. The main IP is 99.80.138.64, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is messages.micrasoft-395office.com.
This is the only time messages.micrasoft-395office.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
80 99.80.138.64 16509 (AMAZON-02)
18 52.216.79.20 16509 (AMAZON-02)
2 2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a02:26f0:dc:... 20940 (AKAMAI-ASN1)
2 52.222.206.51 16509 (AMAZON-02)
1 52.92.33.106 16509 (AMAZON-02)
1 151.101.194.137 54113 (FASTLY)
2 162.247.241.2 23467 (NEWRELIC-...)
107 8
Apex Domain
Subdomains
Transfer
80 micrasoft-395office.com
messages.micrasoft-395office.com
159 KB
19 amazonaws.com
tslp.s3.amazonaws.com — Cisco Umbrella Rank: 183389
ts-eu-uploads.s3-eu-west-1.amazonaws.com
341 KB
4 java.com
java.com — Cisco Umbrella Rank: 32502
www.java.com — Cisco Umbrella Rank: 50892
13 KB
2 nr-data.net
bam-cell.nr-data.net — Cisco Umbrella Rank: 1793
2 KB
2 cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
7 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 318
18 KB
107 6
Domain Requested by
80 messages.micrasoft-395office.com messages.micrasoft-395office.com
18 tslp.s3.amazonaws.com messages.micrasoft-395office.com
2 bam-cell.nr-data.net messages.micrasoft-395office.com
2 d2wy8f7a9ursnm.cloudfront.net messages.micrasoft-395office.com
2 www.java.com messages.micrasoft-395office.com
2 java.com 2 redirects
1 js-agent.newrelic.com messages.micrasoft-395office.com
1 ts-eu-uploads.s3-eu-west-1.amazonaws.com messages.micrasoft-395office.com
107 8

This site contains no links.

Subject Issuer Validity Valid
*.s3.amazonaws.com
Amazon
2021-12-15 -
2022-12-03
a year crt.sh
*.s3-eu-west-1.amazonaws.com
Amazon
2021-12-17 -
2022-12-07
a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2
2022-07-10 -
2023-08-11
a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1
2022-01-10 -
2023-02-10
a year crt.sh

This page contains 1 frames:

Primary Page: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Frame ID: 334C3A11954289AAFE9CDDAA9D953FC6
Requests: 107 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27 Page URL
  2. http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /bugsnag.*\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

107
Requests

21 %
HTTPS

25 %
IPv6

6
Domains

8
Subdomains

8
IPs

4
Countries

539 kB
Transfer

774 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27 Page URL
  2. http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://java.com/js/deployJava.js HTTP 302
  • https://www.java.com/js/deployJava.js
Request Chain 54
  • https://java.com/js/deployJava.js HTTP 302
  • https://www.java.com/js/deployJava.js

107 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
ae3628704f0bffcf
messages.micrasoft-395office.com/
35 KB
12 KB
Document
General
Full URL
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
b25c59bdaeff213940971d55b162cf850e4d00a94fe2e1ac54fd1ad4570fe929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 28 Sep 2022 10:02:19 GMT
ETag
W/"b25c59bdaeff213940971d55b162cf85"
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665 ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
c11cbc33-78bc-4068-95fe-8be74041457d
X-Runtime
0.014762
X-XSS-Protection
1; mode=block
alt_pixel_click_36287f0bff.gif
messages.micrasoft-395office.com/
0
0

plugin_detect.js
tslp.s3.amazonaws.com/detect/
49 KB
49 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 17:56:07 GMT
Server
AmazonS3
x-amz-request-id
03J8GR5CREQC6YQV
ETag
"00a513f07603df01e3b99be00f370754"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
50085
x-amz-id-2
BkdUBUb70rzbC0x7TaZ67Y1yx6NfqNaISLlexiHNJPJvSezZtjigUks45K9LhnZv0uNswvefEvg=
java.js
tslp.s3.amazonaws.com/detect/
50 KB
50 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/java.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 14:38:28 GMT
Server
AmazonS3
x-amz-request-id
03JFXZ9Z86119SJD
ETag
"2bec0061039dc3fb25fc20aaf611d5b9"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
50717
x-amz-id-2
p7HIVf+DEbJ4uE/JlBnaoRXYdGaayN4dicDftBzvZrg9ycQdyvS+0o9GJUwMgOfnbrnXTY1womU=
deployJava.js
www.java.com/js/
Redirect Chain
  • https://java.com/js/deployJava.js
  • https://www.java.com/js/deployJava.js
18 KB
6 KB
Script
General
Full URL
https://www.java.com/js/deployJava.js
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
H2
Server
2a02:26f0:dc:183::196 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 10:02:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
akamai-grn
, , , 0.e7611702.1664359339.b0f12ca2
x-oracle-dms-rid
0
content-disposition
attachment; filename="deployJava.js";filename*=UTF-8''deployJava.js
server-timing
cdn-cache; desc=HIT, edge; dur=26
content-length
5512
x-xss-protection
1
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
etag
D07B023847CD4DC5C4ED4AB4FC46AD47BDD6E99A0663:19
vary
Accept-Encoding
x-oracle-dms-ecid
45ef283e-e669-41bc-8d48-f79320634a9c-007e0f41
content-type
application/javascript
cache-control
public, max-age=86400
expires
Thu, 29 Sep 2022 10:02:19 GMT

Redirect headers

date
Wed, 28 Sep 2022 10:02:19 GMT
server
AkamaiGHost
akamai-grn
0.90a02417.1664359339.27dcfe92
location
https://www.java.com/js/deployJava.js
cache-control
max-age=86400
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
0
x-xss-protection
1
expires
Thu, 29 Sep 2022 10:02:19 GMT
flash.js
tslp.s3.amazonaws.com/detect/
7 KB
7 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/flash.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 03:54:01 GMT
Server
AmazonS3
x-amz-request-id
03JB0H4W5QPG407K
ETag
"f9ad9a096894ba248e4a1f73e7eba1be"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
6680
x-amz-id-2
TIkqMElfWbVEq243Q/YqApJ0o+8mesevmCDt29wLavlJHkEeUKiimsNLxqeny+XoQWbhCnunM04=
pdf.js
tslp.s3.amazonaws.com/detect/
22 KB
23 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/pdf.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 14:39:34 GMT
Server
AmazonS3
x-amz-request-id
03JDMHQZC3HNVVHX
ETag
"0d5882d41c8b6e40059c8d9acbcf1518"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
22855
x-amz-id-2
hL5HiAHpSxCeWdBEQWqlG6dmTwPz3Sa2mfWl6e4BbeyJEBBu438VG5TCkZY2S3FDT1OYNMFihRc=
quicktime.js
tslp.s3.amazonaws.com/detect/
7 KB
7 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/quicktime.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 14:41:05 GMT
Server
AmazonS3
x-amz-request-id
03JC1YK6WWXQC7ZY
ETag
"ee73f2f47d51116dc40b85a6b57eaf20"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
6999
x-amz-id-2
5wjP+qLYuMcceDwboiMvSVOy9MaBOsXIh0vAklEILoIprYdwSO96G9qzYymGYKc7HdEnJajFIhI=
realplayer.js
tslp.s3.amazonaws.com/detect/
10 KB
10 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/realplayer.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 14:45:02 GMT
Server
AmazonS3
x-amz-request-id
03J7AKPT5KKPPSRF
ETag
"3d7be656672c16a34806c13388410325"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
9775
x-amz-id-2
v7RDCDZDWl+ZwEAFl1RqSqVtiGsJFo5GpTWXD4xVvfndc6PNlvgeO2r1XKAfj+lDP155soU1IeM=
silverlight.js
tslp.s3.amazonaws.com/detect/
4 KB
5 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/silverlight.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 18:00:03 GMT
Server
AmazonS3
x-amz-request-id
03JACX4DST7WMN02
ETag
"e6dd596d2bc204ea573b868b92028c26"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
4234
x-amz-id-2
HhSMmLAzLO3D5Jayy2LveluuuLhS9Z/LLyygjuhJTPkf272JUkTE4tjZZanvaDtjTrDUHLlfg5Y=
wmp.js
tslp.s3.amazonaws.com/detect/
6 KB
6 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/wmp.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 15:07:14 GMT
Server
AmazonS3
x-amz-request-id
03JAN5TAKRNMS37E
ETag
"ffd2cc77bb64d40beeb5d561fffe1f79"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
5941
x-amz-id-2
wEfnVHAYp+coztctdnkzRJkUxP5sDwgBd1XfAoxcpsO/mO6xRvHwGfCsTfogNKN5vHdIdZlHe0M=
bugsnag-2.min.js
d2wy8f7a9ursnm.cloudfront.net/
6 KB
3 KB
Script
General
Full URL
http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
52.222.206.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-51.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 15:53:21 GMT
Content-Encoding
gzip
Via
1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P3
Age
65339
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
2962
Last-Modified
Wed, 10 Aug 2016 00:30:49 GMT
Server
AmazonS3
ETag
"6103bb5e4ec6141e19e1100caafc780c"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Accept-Ranges
bytes
X-Amz-Cf-Id
hCUsExfZ-hlfcI2NsVZ_6CAscPVS5D5Teh9nqCxgRngOTYhsd9xeYw==
jquery.min.js
messages.micrasoft-395office.com/assets/ajax/libs/jquery/1.9.1/
90 KB
32 KB
Script
General
Full URL
http://messages.micrasoft-395office.com/assets/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:19 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 Aug 2022 13:01:55 GMT
Server
ThreatSim-Web-Server
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
all.js
messages.micrasoft-395office.com/assets/
28 KB
7 KB
Script
General
Full URL
http://messages.micrasoft-395office.com/assets/all.js?g=36287f0bff
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:19 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 Aug 2022 13:02:01 GMT
Server
ThreatSim-Web-Server
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Content-Length
7191
Expires
Thu, 31 Dec 2037 23:55:55 GMT
browser_post
messages.micrasoft-395office.com/secure/
0
716 B
XHR
General
Full URL
http://messages.micrasoft-395office.com/secure/browser_post
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-NewRelic-ID
XQ4GVVFACQAAU1VQDwQHUw==
tracestate
1506924@nr=0-1-98147-1307432040-4e849638c2fb1f1f----1664359339993
traceparent
00-9c413d24b480a93210b940ded50d2aec-4e849638c2fb1f1f-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6Ijk4MTQ3IiwiYXAiOiIxMzA3NDMyMDQwIiwiaWQiOiI0ZTg0OTYzOGMyZmIxZjFmIiwidHIiOiI5YzQxM2QyNGI0ODBhOTMyMTBiOTQwZGVkNTBkMmFlYyIsInRpIjoxNjY0MzU5MzM5OTkzLCJ0ayI6IjE1MDY5MjQifX0=
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
X-Requested-With
XMLHttpRequest

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
05c597f7-57a1-4679-bd96-55bbb7155597
X-Runtime
0.007192
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, Accept
Content-Type
image/gif; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
e8490ba9-8aa0-4e08-bea6-2330db7887d1
X-Runtime
0.002584
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
324cabc2-6dcb-464e-b350-aecc146f7a82
X-Runtime
0.019368
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
2409f640-4984-4f1e-9d97-ef0df0b7be1f
X-Runtime
0.002463
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
546b7e15-62f4-4158-9a9b-ac225c95afd4
X-Runtime
0.002436
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=BrowserDetect%20-%20browser_version%20%3D%20106&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
0c932a87-43f1-408b-adbe-d690548c2d0e
X-Runtime
0.002456
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=BrowserDetect%20-%20os%20%3D%20Windows&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
65dffe5c-bbaa-4dbe-9f9b-6cd48511a5f2
X-Runtime
0.001961
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
8fcb55d9-7e91-4fa2-b5e3-abe3468f6e96
X-Runtime
0.003274
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
74a90de9-1d0c-427f-88a3-3ace8c65b5fe
X-Runtime
0.002922
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
6380f6d7-0e6a-4eba-82c3-c6d667858937
X-Runtime
0.003173
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
0c91957f-58b1-4c08-8b5b-3dbe40257e51
X-Runtime
0.002989
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
42c6b23c-b649-4a90-9f64-3aa50f4b9b4f
X-Runtime
0.002437
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Plugin&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
1f480839-d029-4d28-8270-637809a0d9d5
X-Runtime
0.003357
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
2bfbc2e4-a8ef-4a26-aa5d-2240c728542e
X-Runtime
0.001930
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=BrowserDetect%20-%20plugin%20Native%20Client&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
fbb45d19-3bd7-41ac-9bd6-3cd6e02a0e3c
X-Runtime
0.003473
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
3b108745-05e2-476b-aa82-507664986466
X-Runtime
0.003012
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
da6ab53a-9bf5-49b2-8574-3709cc8a9bad
X-Runtime
0.003140
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=java_version_pl%20%3D%20unknown&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
b7a036e8-ae33-4acc-b58e-845e0f4b0760
X-Runtime
0.003391
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
c803bba5-4e8b-4456-90ed-21a15bbd7d36
X-Runtime
0.002158
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=java_version_jres%20%3D%20unknown&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
6e4d0946-6a98-4602-a115-1a6068ce1ce6
X-Runtime
0.002291
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=java_version%20%3D%20undefined&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
411ad7ac-e7ab-4183-8fd3-a15b56a79834
X-Runtime
0.002191
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=Loading%20flash%20version&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
6272d967-cd9d-43e6-813b-8bf593dfd5ee
X-Runtime
0.002322
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=flash%20%3D%20unknown&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
8481642e-6ebd-45aa-bacb-56ab1b3b213b
X-Runtime
0.003050
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=Loading%20pdf%20version&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
185a2d42-c003-4754-b84c-a62aa51ae145
X-Runtime
0.003107
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
7516d97f-2b6a-4658-a245-e43e4dd16e70
X-Runtime
0.002530
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=pdf%20%3D%20unknown&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
8d346b23-dfc4-48f8-8d7b-abb147dcad50
X-Runtime
0.002593
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=Loading%20quicktime%20version&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
d30d8679-dfe6-420a-a92e-9a6035d587fa
X-Runtime
0.001835
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=quicktime%20%3D%20unknown&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
355721f8-7305-496c-bcf4-2ed1d7bf1281
X-Runtime
0.004666
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=Loading%20RealPlayer%20version&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
939528c8-83c5-47e1-890b-e8cd429215df
X-Runtime
0.002608
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=realplayer%20%3D%20unknown&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
a9152332-33d9-443d-8235-4131ecf4de6b
X-Runtime
0.002347
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=Loading%20Silverlight%20version&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
a9bcfbf0-943c-4582-9ca4-058acb1dcdb2
X-Runtime
0.002406
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=silverlight%20%3D%20unknown&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
8dcee4b4-4e51-463b-bb25-4ba2ff06c172
X-Runtime
0.002489
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
0292d6a2-2f95-40f6-9042-d355f553c42a
X-Runtime
0.002315
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=wmp%20%3D%20unknown&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
fde69de5-cdde-401c-8bb1-7aa1332715ba
X-Runtime
0.002347
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=redirecting%20to%20%2Fload_training%3Fguid%3D563628725f0bff7c%26correlation_id%3D59380ee4-4403-4cda-80dd-6eae493a761e&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
f415cae5-a8fd-40fa-946f-25e503d45d5f
X-Runtime
0.001936
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=36287f0bff&msg=browser_post_successful&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
bb51c194-936b-4947-a0dd-dc80ae366c81
X-Runtime
0.002297
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Primary Request load_training
messages.micrasoft-395office.com/
68 KB
17 KB
Document
General
Full URL
http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/assets/all.js?g=36287f0bff
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
68bb10788acbb6715bdaaf56145035dce38b6c5ecd4298e91901107962d7f65d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://messages.micrasoft-395office.com/ae3628704f0bffcf?l=27
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 28 Sep 2022 10:02:21 GMT
ETag
W/"68bb10788acbb6715bdaaf56145035dc"
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665 ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
17b484f3-71f8-4442-9ee0-c741e5e0227f
X-Runtime
0.021064
X-XSS-Protection
1; mode=block
bugsnag-2.min.js
d2wy8f7a9ursnm.cloudfront.net/
6 KB
3 KB
Script
General
Full URL
http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Server
52.222.206.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-51.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 15:53:21 GMT
Content-Encoding
gzip
Via
1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P3
Age
65341
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
2962
Last-Modified
Wed, 10 Aug 2016 00:30:49 GMT
Server
AmazonS3
ETag
"6103bb5e4ec6141e19e1100caafc780c"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Accept-Ranges
bytes
X-Amz-Cf-Id
f97Bz1JeMAWm_qr9zFri8dA13mu9aiWchj6HH7U0aMRCGvzAkV-oEg==
jquery.min.js
messages.micrasoft-395office.com/assets/ajax/libs/jquery/1.11.0/
94 KB
33 KB
Script
General
Full URL
http://messages.micrasoft-395office.com/assets/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 Aug 2022 13:01:55 GMT
Server
ThreatSim-Web-Server
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
plugin_detect.js
tslp.s3.amazonaws.com/detect/
49 KB
49 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:22 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 17:56:07 GMT
Server
AmazonS3
x-amz-request-id
SDQANMF9X3QH92TN
ETag
"00a513f07603df01e3b99be00f370754"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
50085
x-amz-id-2
sybXBHkHKf4YiW7IufUrWL24aEc3FAD7zvxgkndOSS75VQ+vacwCqyExMNYUn3Qn5eb/ch8gdEQ=
java.js
tslp.s3.amazonaws.com/detect/
50 KB
50 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/java.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:22 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 14:38:28 GMT
Server
AmazonS3
x-amz-request-id
SDQ6R4DXK0SNAHQF
ETag
"2bec0061039dc3fb25fc20aaf611d5b9"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
50717
x-amz-id-2
GsFdODkBhzR9bfohqdJRNoMa8pJtINdcZXfa2j/Fjoh7OKDiGnzR5jcUpJGSoQSeB9sVxE++v0w=
deployJava.js
www.java.com/js/
Redirect Chain
  • https://java.com/js/deployJava.js
  • https://www.java.com/js/deployJava.js
18 KB
6 KB
Script
General
Full URL
https://www.java.com/js/deployJava.js
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
H2
Server
2a02:26f0:dc:183::196 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 10:02:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
akamai-grn
, , , 0.e7611702.1664359341.b0f14ca5
x-oracle-dms-rid
0
content-disposition
attachment; filename="deployJava.js";filename*=UTF-8''deployJava.js
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
5512
x-xss-protection
1
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
etag
D07B023847CD4DC5C4ED4AB4FC46AD47BDD6E99A0663:19
vary
Accept-Encoding
x-oracle-dms-ecid
45ef283e-e669-41bc-8d48-f79320634a9c-007e0f41
content-type
application/javascript
cache-control
public, max-age=86400
expires
Thu, 29 Sep 2022 10:02:21 GMT

Redirect headers

date
Wed, 28 Sep 2022 10:02:21 GMT
server
AkamaiGHost
akamai-grn
0.90a02417.1664359341.27dd1681
location
https://www.java.com/js/deployJava.js
cache-control
max-age=86400
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
0
x-xss-protection
1
expires
Thu, 29 Sep 2022 10:02:21 GMT
flash.js
tslp.s3.amazonaws.com/detect/
7 KB
7 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/flash.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:22 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 03:54:01 GMT
Server
AmazonS3
x-amz-request-id
SDQFZN01CR4P48B7
ETag
"f9ad9a096894ba248e4a1f73e7eba1be"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
6680
x-amz-id-2
5YGzVdCkxsvKjciZwQHOZTMt7AFH+CgI9hKeUwx+L5dYMVQqevG16pkDIf61zmh7y/X3h3NE6Ho=
pdf.js
tslp.s3.amazonaws.com/detect/
22 KB
23 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/pdf.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:22 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 14:39:34 GMT
Server
AmazonS3
x-amz-request-id
SDQ31Q68STG5YZ91
ETag
"0d5882d41c8b6e40059c8d9acbcf1518"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
22855
x-amz-id-2
fUNxcByyCnd26JeUxCc3llcBth2mlhN05uEihtQnkSIXZeugo0eroeVmhDH6n7+Ppz9kSv4Y21Y=
quicktime.js
tslp.s3.amazonaws.com/detect/
7 KB
7 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/quicktime.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:22 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 14:41:05 GMT
Server
AmazonS3
x-amz-request-id
SDQ19AER3D6T6HVS
ETag
"ee73f2f47d51116dc40b85a6b57eaf20"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
6999
x-amz-id-2
mpBO+FJIdycIzyieHNDuyYzl+5clsY4XhO1GvD77GOfNqOre0O28u0J53anJkHNfRvWWWVVXN6s=
realplayer.js
tslp.s3.amazonaws.com/detect/
10 KB
10 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/realplayer.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:22 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 14:45:02 GMT
Server
AmazonS3
x-amz-request-id
SDQ4T7JRYPZ8TBC5
ETag
"3d7be656672c16a34806c13388410325"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
9775
x-amz-id-2
of0jeS7eNYwgQ9SLRXzoiyY5Nxuqk5QWeAXmx+36bdh8oxZo/KGqFurwRzQzbHaLAuh/sk8QUe4=
silverlight.js
tslp.s3.amazonaws.com/detect/
4 KB
5 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/silverlight.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:22 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 18:00:03 GMT
Server
AmazonS3
x-amz-request-id
SDQ6WJP41T11SB7G
ETag
"e6dd596d2bc204ea573b868b92028c26"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
4234
x-amz-id-2
h6y7+rzYcZn+TthBAKXWP/YNti7KHyHwhyq25qcnt6foq5cnx7gVqh+CTnu+9C2Apedo6F0Bl/I=
wmp.js
tslp.s3.amazonaws.com/detect/
6 KB
6 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/wmp.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:22 GMT
x-amz-version-id
null
Last-Modified
Wed, 15 Feb 2017 15:07:14 GMT
Server
AmazonS3
x-amz-request-id
SDQF2BG8NRQT00G1
ETag
"ffd2cc77bb64d40beeb5d561fffe1f79"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
5941
x-amz-id-2
sSP+t39mvMFj70oa7/u/3eFCaEOi16vsqqj0tq2OUFJ3UUcrOTQ8bB2jtk7uodvQ8quFv+iya+o=
res-logo-300px-c9036a.png
ts-eu-uploads.s3-eu-west-1.amazonaws.com/training/production/10744/
9 KB
9 KB
Image
General
Full URL
https://ts-eu-uploads.s3-eu-west-1.amazonaws.com/training/production/10744/res-logo-300px-c9036a.png
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.33.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
51d06f219512dec8108fc9305b53cba3e78613509c26857827f04e719cde07dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:22 GMT
Last-Modified
Wed, 23 Jun 2021 16:17:50 GMT
Server
AmazonS3
x-amz-request-id
SDQ598E60GB6HZYR
ETag
"8e9e6445452d47e42eda1c07a1819099"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
9147
x-amz-id-2
YtCvsEMVCdwbtHwXDn4huJ/59dtPX92fPJOGtjeDKQqFHEU6DMlv3IOZW/QedmsIcQ4eVWRHdb0=
all.js
messages.micrasoft-395office.com/assets/
28 KB
7 KB
Script
General
Full URL
http://messages.micrasoft-395office.com/assets/all.js?guid=36287f0bff&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 Aug 2022 13:01:55 GMT
Server
ThreatSim-Web-Server
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Content-Length
7191
Expires
Thu, 31 Dec 2037 23:55:55 GMT
email-link-825ff1.png
tslp.s3.amazonaws.com/training/production/314/
13 KB
14 KB
Image
General
Full URL
https://tslp.s3.amazonaws.com/training/production/314/email-link-825ff1.png
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e4e3f828d50fbfe9f6f7783802a424b638f89c8c66f881afdb5490f0f3dc995a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:22 GMT
x-amz-version-id
Qu2oiCk2hDnN088.2PlgydVBeWPtVnE5
Last-Modified
Thu, 24 Oct 2019 12:45:20 GMT
Server
AmazonS3
x-amz-request-id
SDQEEJVPQYZASRAE
ETag
"669af43ab1f782235899ca3b267c6a59"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
13426
x-amz-id-2
BVdbVilQe0mZH/PKD32AUmtg3Z0Sle8GEpIRCok4grmEY/h58vZoHus9m0mBwod+5hWJIMwhDcw=
comp-bad83b.png
tslp.s3.amazonaws.com/training/production/314/
4 KB
5 KB
Image
General
Full URL
https://tslp.s3.amazonaws.com/training/production/314/comp-bad83b.png
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.79.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
9c33c855ff5d739fb06705fd05aff042724a4135c911993d222c5f700ef308c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:22 GMT
x-amz-version-id
BBSZr6_NZTUHwqDxWBkl204iQ6MXfpU5
Last-Modified
Thu, 24 Oct 2019 12:44:47 GMT
Server
AmazonS3
x-amz-request-id
SDQBMY35DN13ZH0A
ETag
"f7e292234bb684ffd2aab275f00efd18"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4481
x-amz-id-2
HZ26IwIQvqg2NkRMscs3WaaWBVcIg6ZuJyd55kFFRbwUWhNQY6bAyTU0flY6Gu9JrPr72rMcoyE=
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
a6132f87-956e-4c67-bd06-14841e1756b0
X-Runtime
0.003536
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
15e6fd8a-b287-41e2-9fdd-7ce69222db9f
X-Runtime
0.003517
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
42148d14-a663-479c-a6b9-af7e041027a6
X-Runtime
0.002267
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
85d0dc91-db69-476d-9b9a-09fbea6b5849
X-Runtime
0.002784
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
1abf9078-b0fa-470b-8cde-1f2984624151
X-Runtime
0.001948
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
8c8ab6ef-fd7a-43c2-bce8-d4e10012f879
X-Runtime
0.002339
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
4e75bca9-318b-481a-8062-8fefcf7b2c9f
X-Runtime
0.002572
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=BrowserDetect%20-%20browser_version%20%3D%20106&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
ab195211-205b-4392-8ad5-cdd12a2c652b
X-Runtime
0.001927
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=BrowserDetect%20-%20os%20%3D%20Windows&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
d7dc266e-0845-4ba7-a21c-fdc2cf36e92b
X-Runtime
0.002068
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
ad2cae90-bf06-4034-947d-ac9bc5b43886
X-Runtime
0.002312
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
0c12707f-d542-42e9-a549-9c02af722e32
X-Runtime
0.001697
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
15a8403e-2459-4bb2-a225-d6e29019e4e1
X-Runtime
0.002474
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
381aa2d0-7d89-474e-908f-cffad6e67d6a
X-Runtime
0.003904
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
33b4bb07-06dc-4991-a215-819f941e6618
X-Runtime
0.003170
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Plugin&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
6b187202-eede-4869-ae46-247dddf7944f
X-Runtime
0.002327
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
953de547-d49c-4314-8638-6f0731eaac2e
X-Runtime
0.002681
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=BrowserDetect%20-%20plugin%20Native%20Client&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
81d92385-c6cb-4705-bf1c-6fd67057235f
X-Runtime
0.003316
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
f1d47053-0c7d-491a-b95e-190c579efdee
X-Runtime
0.001775
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
013e2840-0866-4977-a46a-d3757e514ba9
X-Runtime
0.002117
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0c8c60e3b9e5fc665, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=java_version_pl%20%3D%20unknown&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
b1d0650b-36fa-4f1c-8606-7123526762dd
X-Runtime
0.002959
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
bd298b6f-44a5-4cb2-86ea-46a25d3771f0
X-Runtime
0.002320
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-0d0ba1f1acab1612e, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=java_version_jres%20%3D%20unknown&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
d9e4218d-7ee4-4186-912f-7fd8393aba33
X-Runtime
0.002384
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-061cc655cca80585c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
messages.micrasoft-395office.com/
0
687 B
Image
General
Full URL
http://messages.micrasoft-395office.com/trace?id=563628725f0bff7c&msg=java_version%20%3D%20undefined&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Requested by
Host: messages.micrasoft-395office.com
URL: http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
Protocol
HTTP/1.1
Server
99.80.138.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-138-64.eu-west-1.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://messages.micrasoft-395office.com/load_training?guid=563628725f0bff7c&correlation_id=59380ee4-4403-4cda-80dd-6eae493a761e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 10:02:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
f4f97766-0189-4738-b7e7-84205ae3a4df
X-Runtime
0.003641
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-eu-i-07015552f8eaef43c, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache