Submitted URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Effective URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Submission: On September 15 via manual from SG — Scanned from DE

Summary

This website contacted 12 IPs in 3 countries across 8 domains to perform 120 HTTP transactions. The main IP is 13.210.207.204, located in Sydney, Australia and belongs to AMAZON-02, US. The main domain is activation.micrasoft-office365.online.
This is the only time activation.micrasoft-office365.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
69 13.210.207.204 16509 (AMAZON-02)
23 52.216.1.88 16509 (AMAZON-02)
2 104.117.215.95 16625 (AKAMAI-AS)
2 13.32.23.106 16509 (AMAZON-02)
1 142.250.200.10 15169 (GOOGLE)
1 172.217.169.42 15169 (GOOGLE)
1 13.32.23.85 16509 (AMAZON-02)
2 142.250.180.3 15169 (GOOGLE)
1 52.95.128.78 16509 (AMAZON-02)
1 151.101.14.137 54113 (FASTLY)
2 162.247.243.146 13335 (CLOUDFLAR...)
120 12
Domain Requested by
69 activation.micrasoft-office365.online activation.micrasoft-office365.online
23 tslp.s3.amazonaws.com activation.micrasoft-office365.online
tslp.s3.amazonaws.com
2 bam-cell.nr-data.net activation.micrasoft-office365.online
2 fonts.gstatic.com fonts.googleapis.com
2 d2wy8f7a9ursnm.cloudfront.net activation.micrasoft-office365.online
2 java.com activation.micrasoft-office365.online
1 js-agent.newrelic.com activation.micrasoft-office365.online
1 ts-content-ap.s3-ap-southeast-2.amazonaws.com activation.micrasoft-office365.online
1 d25q7gseii1o1q.cloudfront.net tslp.s3.amazonaws.com
1 ajax.googleapis.com activation.micrasoft-office365.online
1 fonts.googleapis.com activation.micrasoft-office365.online
120 11

This site contains links to these domains. Also see Links.

Domain
www.wombatsecurity.com
Subject Issuer Validity Valid
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2
2021-01-11 -
2022-02-11
a year crt.sh
www.java.com
DigiCert SHA2 Extended Validation Server CA
2019-11-24 -
2022-02-22
2 years crt.sh
upload.video.google.com
GTS CA 1O1
2021-08-30 -
2021-11-22
3 months crt.sh
*.cloudfront.net
Amazon
2021-03-19 -
2022-03-17
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
*.s3-ap-southeast-2.amazonaws.com
DigiCert Baltimore CA-2 G2
2021-06-23 -
2022-07-24
a year crt.sh
*.newrelic.com
R3
2021-07-19 -
2021-10-17
3 months crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA
2020-02-05 -
2022-02-08
2 years crt.sh

This page contains 1 frames:

Primary Page: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Frame ID: 6FF7430D6A6DBF48F9F54BAE7B4994CF
Requests: 120 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37 Page URL
  2. http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /bugsnag.*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

120
Requests

27 %
HTTPS

0 %
IPv6

8
Domains

11
Subdomains

12
IPs

3
Countries

633 kB
Transfer

905 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37 Page URL
  2. http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

120 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set eae3e5f838f75f48
activation.micrasoft-office365.online/
33 KB
12 KB
Document
General
Full URL
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
6a87aaa19e6751f43baff9f147e9f74302643c286b57b62313f2f8f5f3cae62e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
activation.micrasoft-office365.online
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Wed, 15 Sep 2021 08:32:29 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Permitted-Cross-Domain-Policies
none
Referrer-Policy
strict-origin-when-cross-origin
ETag
W/"6a87aaa19e6751f43baff9f147e9f743"
Cache-Control
max-age=0, private, must-revalidate
Set-Cookie
EXFILGUID=e3e5f8f75f; path=/ link_clicked_e3e5f8f75f=1; path=/
X-Request-Id
a1934af2-8063-49c2-976e-f7c6c9de5752
X-Runtime
0.024057
X-Host-Info
lw-prod-ap-i-052f698671fa95754 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
Server
ThreatSim-Web-Server
Access-Control-Allow-Origin
*
Content-Encoding
gzip
alt_pixel_click_e3e5f8f75f.gif
activation.micrasoft-office365.online/
0
0

plugin_detect.js
tslp.s3.amazonaws.com/detect/
49 KB
49 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=e3e5f8f75f&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.1.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:30 GMT
Last-Modified
Wed, 15 Feb 2017 17:56:07 GMT
Server
AmazonS3
x-amz-request-id
XZ9YYK2X2XQ6WF8J
ETag
"00a513f07603df01e3b99be00f370754"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
50085
x-amz-id-2
HGYMSzWhnIsfGh+Qc+LFB/91ZsIXeGzRzhvN2Sj8ANqZYa5r3n/taDwvqXU0+RxaRu1TSOkHsMc=
java.js
tslp.s3.amazonaws.com/detect/
50 KB
50 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/java.js?guid=e3e5f8f75f&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.1.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:30 GMT
Last-Modified
Wed, 15 Feb 2017 14:38:28 GMT
Server
AmazonS3
x-amz-request-id
XZ9S3K3WJR22SE19
ETag
"2bec0061039dc3fb25fc20aaf611d5b9"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
50717
x-amz-id-2
+++DIGlMIny6lLjNXdWM3UzEHZHgVfZ2rn8gfKvzXTGNZ6H7Xiu74mOaDfHal5eV4ahv6621QFU=
deployJava.js
java.com/js/
18 KB
6 KB
Script
General
Full URL
https://java.com/js/deployJava.js
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.117.215.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-215-95.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 08:32:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
etag
"D07B023847CD4DC5C4ED4AB4FC46AD47BDD6E99A0663:19"
vary
Accept-Encoding
x-oracle-dms-ecid
2f4a217b-5209-4737-8a82-a0aeb16d69f6-0025d07e
content-type
application/javascript
x-oracle-dms-rid
0
cache-control
public, max-age=86400
content-disposition
attachment; filename="deployJava.js";filename*=UTF-8''deployJava.js
server-timing
cdn-cache; desc=HIT, edge; dur=6
content-length
5512
x-xss-protection
1
expires
Thu, 16 Sep 2021 08:32:29 GMT
flash.js
tslp.s3.amazonaws.com/detect/
7 KB
7 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/flash.js?guid=e3e5f8f75f&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.1.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:30 GMT
Last-Modified
Wed, 15 Feb 2017 03:54:01 GMT
Server
AmazonS3
x-amz-request-id
XZ9WPF2NT1RD0D3C
ETag
"f9ad9a096894ba248e4a1f73e7eba1be"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
6680
x-amz-id-2
AEe7nlkKOcf41ClgQm+XVez6p47JAKfVPYIFpjjojqaRpQ/J2jnoC9pKcr0EX7Ckymtr6aEhziw=
pdf.js
tslp.s3.amazonaws.com/detect/
22 KB
23 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/pdf.js?guid=e3e5f8f75f&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.1.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:30 GMT
Last-Modified
Wed, 15 Feb 2017 14:39:34 GMT
Server
AmazonS3
x-amz-request-id
XZ9M3MFNJPETMGV3
ETag
"0d5882d41c8b6e40059c8d9acbcf1518"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
22855
x-amz-id-2
swGmIHBu8/oGFFSbolcJ+TmxswNb5Z8qcDJDhyh+NU4VshgZDVw8lkGUOOV/AnvWeU/7Wp3AUZU=
quicktime.js
tslp.s3.amazonaws.com/detect/
7 KB
7 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/quicktime.js?guid=e3e5f8f75f&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.1.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:30 GMT
Last-Modified
Wed, 15 Feb 2017 14:41:05 GMT
Server
AmazonS3
x-amz-request-id
XZ9HG2YCYKQ38BPA
ETag
"ee73f2f47d51116dc40b85a6b57eaf20"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
6999
x-amz-id-2
JgCWDEBZhRq8TRmDT/0z8CSf7OJL7ZokcV5MFUlTk3mfUQTryQxuTEKr7x5gcPvQLl2wZov0PiU=
realplayer.js
tslp.s3.amazonaws.com/detect/
10 KB
10 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/realplayer.js?guid=e3e5f8f75f&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.1.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:30 GMT
Last-Modified
Wed, 15 Feb 2017 14:45:02 GMT
Server
AmazonS3
x-amz-request-id
XZ9QXRTQV2XPG2JN
ETag
"3d7be656672c16a34806c13388410325"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
9775
x-amz-id-2
z7AZPMoYhY/CsF8yCMERDnagyRNn57l44EtzdMyBjlKKL7bunv6Q1Wr9fNYOWnS8W4ps9Vjftns=
silverlight.js
tslp.s3.amazonaws.com/detect/
4 KB
5 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/silverlight.js?guid=e3e5f8f75f&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.1.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:31 GMT
Last-Modified
Wed, 15 Feb 2017 18:00:03 GMT
Server
AmazonS3
x-amz-request-id
96KGVJCFF9D23R53
ETag
"e6dd596d2bc204ea573b868b92028c26"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
4234
x-amz-id-2
N3Kg2LP0sKFFF+crQPwvChNzw/r4SHToq5oqqlvfszZ3zrbVdup5V9ZckNf5lBk3a8s6NTeHh40=
wmp.js
tslp.s3.amazonaws.com/detect/
6 KB
6 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/wmp.js?guid=e3e5f8f75f&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.1.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:31 GMT
Last-Modified
Wed, 15 Feb 2017 15:07:14 GMT
Server
AmazonS3
x-amz-request-id
96KN1QYV3KBYBZT3
ETag
"ffd2cc77bb64d40beeb5d561fffe1f79"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
5941
x-amz-id-2
vvOs9HTMqbx3mjQNT3AcM878sVfvULk36C922ko6sKyWiEMQXFdv2bUfqrUqr88uoIAegtfheOA=
bugsnag-2.min.js
d2wy8f7a9ursnm.cloudfront.net/
6 KB
3 KB
Script
General
Full URL
http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Server
13.32.23.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-106.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 09 Sep 2021 23:28:50 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 10 Aug 2016 00:30:49 GMT
Server
AmazonS3
Age
464621
ETag
"6103bb5e4ec6141e19e1100caafc780c"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
Cache-Control
public, max-age=604800
X-Amz-Cf-Pop
FRA56-C2
Accept-Ranges
bytes
Content-Length
2962
X-Amz-Cf-Id
jI6H6ELmUglfAxd-beItFmailEZxdJHIGQ1pzU-tlglYDd_7mCwEBw==
jquery.min.js
activation.micrasoft-office365.online/assets/ajax/libs/jquery/1.9.1/
90 KB
32 KB
Script
General
Full URL
http://activation.micrasoft-office365.online/assets/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
*/*
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Jul 2021 14:51:58 GMT
Server
ThreatSim-Web-Server
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000 public
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
all.js
activation.micrasoft-office365.online/assets/
28 KB
7 KB
Script
General
Full URL
http://activation.micrasoft-office365.online/assets/all.js?g=e3e5f8f75f
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
*/*
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Jul 2021 14:51:58 GMT
Server
ThreatSim-Web-Server
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000 public
Connection
keep-alive
Content-Length
7191
Expires
Thu, 31 Dec 2037 23:55:55 GMT
browser_post
activation.micrasoft-office365.online/secure/
0
865 B
XHR
General
Full URL
http://activation.micrasoft-office365.online/secure/browser_post
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Origin
http://activation.micrasoft-office365.online
Accept-Encoding
gzip, deflate
tracestate
1506924@nr=0-1-98147-1307572296-887521b36b957c0f----1631694750219
traceparent
00-bde603432fc871de79e8b82d12a1ff20-887521b36b957c0f-01
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6Ijk4MTQ3IiwiYXAiOiIxMzA3NTcyMjk2IiwiaWQiOiI4ODc1MjFiMzZiOTU3YzBmIiwidHIiOiJiZGU2MDM0MzJmYzg3MWRlNzllOGI4MmQxMmExZmYyMCIsInRpIjoxNjMxNjk0NzUwMjE5LCJ0ayI6IjE1MDY5MjQifX0=
Accept-Language
de-DE,de;q=0.9
X-Requested-With
XMLHttpRequest
Connection
keep-alive
Content-Length
1563
Pragma
no-cache
X-NewRelic-ID
XQ4GVVFACQAAU1RUBwIAVg==
Host
activation.micrasoft-office365.online
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Cache-Control
no-cache
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
X-NewRelic-ID
XQ4GVVFACQAAU1RUBwIAVg==
tracestate
1506924@nr=0-1-98147-1307572296-887521b36b957c0f----1631694750219
traceparent
00-bde603432fc871de79e8b82d12a1ff20-887521b36b957c0f-01
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6Ijk4MTQ3IiwiYXAiOiIxMzA3NTcyMjk2IiwiaWQiOiI4ODc1MjFiMzZiOTU3YzBmIiwidHIiOiJiZGU2MDM0MzJmYzg3MWRlNzllOGI4MmQxMmExZmYyMCIsInRpIjoxNjMxNjk0NzUwMjE5LCJ0ayI6IjE1MDY5MjQifX0=
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
X-Requested-With
XMLHttpRequest

Response headers

Date
Wed, 15 Sep 2021 08:32:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
b3967ca1-cdff-47e0-bfa3-20bec4f94404
X-Runtime
0.013660
Referrer-Policy
strict-origin-when-cross-origin
X-NewRelic-App-Data
PxQOWVdXDxABV1FVAgcHVVMBFB9AJQwMRBBXDlRdRh1VDFcGVBNsEhZfWRVJAEpWURAEQBsBGVZIARgDU1JQVwhXClINCAMKAlcMTRxQH0BdVFVSBAdcUlFTBAdUVAUCRh1QUg4VBj8=
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-052f698671fa95754 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
image/gif; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=e3e5f8f75f&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:30 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
1eda564a-4997-4972-ab3e-8a8e85d20d0c
X-Runtime
0.007307
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-052f698671fa95754 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=e3e5f8f75f&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:30 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
bb032892-0aa2-4c60-b729-8f176698907a
X-Runtime
0.008156
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-083bf9df7e9f42a93 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=e3e5f8f75f&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:30 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
a5ada9d9-684c-497e-98af-a39e58ceb8b2
X-Runtime
0.003118
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-052f698671fa95754 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=e3e5f8f75f&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:30 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
eb014e87-7b7e-4d2b-a191-f33bba1df5eb
X-Runtime
0.008213
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-083bf9df7e9f42a93 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=e3e5f8f75f&msg=BrowserDetect%20-%20browser_version%20%3D%2092&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:30 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
284f9eb3-8fd7-47a7-904c-2c4c71176883
X-Runtime
0.009190
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-083bf9df7e9f42a93 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=e3e5f8f75f&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:30 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
022c12ec-81f6-46f5-875a-a0f634009e67
X-Runtime
0.002248
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-052f698671fa95754 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=e3e5f8f75f&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:30 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
9d62de46-3b3c-4cba-818a-26598c38e195
X-Runtime
0.002414
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-052f698671fa95754 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=e3e5f8f75f&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:30 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
f3cea0c4-355f-43c9-bff4-66947b93309e
X-Runtime
0.004092
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-083bf9df7e9f42a93 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=e3e5f8f75f&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:30 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
8bd9ece7-ddbd-48e8-b3ed-00c469117ebd
X-Runtime
0.003063
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-052f698671fa95754 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=e3e5f8f75f&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:30 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
c4e0ab1b-9b74-49a4-9e4f-92eeeb8e888d
X-Runtime
0.006817
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-083bf9df7e9f42a93 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=e3e5f8f75f&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:30 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
a2b69a3f-967f-4445-8b20-6c0c69efe2d1
X-Runtime
0.005647
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-083bf9df7e9f42a93 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=e3e5f8f75f&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Plugin&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:30 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
985a6f99-a1e9-4d2a-a6ba-b3b641bad782
X-Runtime
0.002873
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-052f698671fa95754 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=e3e5f8f75f&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:30 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
4a45ea1b-4d3b-48ca-9e61-1f08791e5c3a
X-Runtime
0.002387
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-052f698671fa95754 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=e3e5f8f75f&msg=BrowserDetect%20-%20plugin%20Native%20Client&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:31 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
7e2af2ce-f257-47e4-b3d4-226840fcbd13
X-Runtime
0.002924
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-052f698671fa95754 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=e3e5f8f75f&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:31 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
aba9d65f-f391-4a9e-ae77-498c7cc25e36
X-Runtime
0.003819
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-083bf9df7e9f42a93 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=e3e5f8f75f&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:31 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
88717c50-b6d2-4c97-b544-d2c5941b1c9a
X-Runtime
0.002783
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-083bf9df7e9f42a93 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=e3e5f8f75f&msg=java_version_pl%20%3D%20unknown&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:31 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
1de4410f-435d-495b-bd8e-1831303aff84
X-Runtime
0.002899
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-052f698671fa95754 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=e3e5f8f75f&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:31 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
11a03174-4411-4a9c-a42b-c8ee6b851220
X-Runtime
0.002729
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-083bf9df7e9f42a93 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=e3e5f8f75f&msg=java_version_jres%20%3D%20unknown&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:31 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
04a49d97-e132-4ccb-a616-277bc27ad965
X-Runtime
0.002443
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-052f698671fa95754 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=e3e5f8f75f&msg=java_version%20%3D%20undefined&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:31 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
ae1e35dd-35e3-4ef9-946c-210f43513030
X-Runtime
0.006992
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-083bf9df7e9f42a93 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=e3e5f8f75f&msg=Loading%20flash%20version&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:31 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
5cd26845-6ca4-44d5-aaaf-0bafe7950e6b
X-Runtime
0.004131
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-083bf9df7e9f42a93 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
0

trace
activation.micrasoft-office365.online/
0
0

trace
activation.micrasoft-office365.online/
0
0

trace
activation.micrasoft-office365.online/
0
0

trace
activation.micrasoft-office365.online/
0
0

trace
activation.micrasoft-office365.online/
0
0

trace
activation.micrasoft-office365.online/
0
0

trace
activation.micrasoft-office365.online/
0
0

trace
activation.micrasoft-office365.online/
0
0

trace
activation.micrasoft-office365.online/
0
0

trace
activation.micrasoft-office365.online/
0
0

trace
activation.micrasoft-office365.online/
0
0

trace
activation.micrasoft-office365.online/
0
0

trace
activation.micrasoft-office365.online/
0
0

Primary Request load_training
activation.micrasoft-office365.online/
38 KB
14 KB
Document
General
Full URL
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/assets/all.js?g=e3e5f8f75f
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
d9d689f5925b09eae7d75bda770131253bda583b86cefb07f7a1ee9eaaa425d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
activation.micrasoft-office365.online
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37
Accept-Encoding
gzip, deflate
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/eae3e5f838f75f48?l=37

Response headers

Date
Wed, 15 Sep 2021 08:32:31 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Permitted-Cross-Domain-Policies
none
Referrer-Policy
strict-origin-when-cross-origin
ETag
W/"d9d689f5925b09eae7d75bda77013125"
Cache-Control
max-age=0, private, must-revalidate
X-Request-Id
0713fdf4-69bb-4a5b-b37b-a7c6bd8d3152
X-Runtime
0.019818
X-Host-Info
lw-prod-ap-i-052f698671fa95754 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
Server
ThreatSim-Web-Server
Access-Control-Allow-Origin
*
Content-Encoding
gzip
css
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.200.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s29-in-f10.1e100.net
Software
ESF /
Resource Hash
87e5e6d5eea4dd359d5653e1e448a52c6ea8405acf6c97fc44d50aa6ec48bfc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 07:03:30 GMT
server
ESF
date
Wed, 15 Sep 2021 08:32:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 Sep 2021 08:32:31 GMT
url.css
tslp.s3.amazonaws.com/training/embedded/css/
6 KB
7 KB
Stylesheet
General
Full URL
https://tslp.s3.amazonaws.com/training/embedded/css/url.css
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.1.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
06c7e522070f0323889eebb6103dd7f275ee21ca227cc6b02772177a6f588c18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:32 GMT
Last-Modified
Thu, 14 Nov 2019 18:45:05 GMT
Server
AmazonS3
x-amz-request-id
X0B3T90YP1MZT6X2
ETag
"42ffc75791c6888656c6dcd917e01b0a"
Content-Type
text/css
x-amz-version-id
Vg2l3Ujt..dWEUTM.wAgeeS0VPOkosXz
Accept-Ranges
bytes
Content-Length
6314
x-amz-id-2
YTxplj9y3hzRtclsg/VFNu9mHfzLgVZox/kdBbVWJnDmmCgRZ/Ce47tucapmOfTt+M1zg2ZiRiY=
langdrop.css
tslp.s3.amazonaws.com/training/teachable_moments/css/
2 KB
2 KB
Stylesheet
General
Full URL
https://tslp.s3.amazonaws.com/training/teachable_moments/css/langdrop.css
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.1.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
5243766eedfcba70128c2931dbef8875f942b81e39002d80dc0110167d4ef742

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:32 GMT
Last-Modified
Thu, 14 Nov 2019 18:45:12 GMT
Server
AmazonS3
x-amz-request-id
X0BCXY4R92C86P3F
ETag
"bc7f970ad0f163bc72c9ae9aa09e1cde"
Content-Type
text/css
x-amz-version-id
tSjM6y2TOrD9IlYTH3Kk3oN6LI49V3eZ
Accept-Ranges
bytes
Content-Length
1713
x-amz-id-2
HTJFJD1yjcij5H6YPhY8tGxMoOjs717tvt84BvzEkRD0lpYDFG5kDtiBj8paCqiBfJeyCvwYumY=
bugsnag-2.min.js
d2wy8f7a9ursnm.cloudfront.net/
6 KB
3 KB
Script
General
Full URL
http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Server
13.32.23.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-106.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 09 Sep 2021 23:28:50 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 10 Aug 2016 00:30:49 GMT
Server
AmazonS3
Age
464623
ETag
"6103bb5e4ec6141e19e1100caafc780c"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
Cache-Control
public, max-age=604800
X-Amz-Cf-Pop
FRA56-C2
Accept-Ranges
bytes
Content-Length
2962
X-Amz-Cf-Id
KpeU3jxhz3fa6JCmlM3uozdI9JZhlPdFXiFdzbEJrHwAfPcU-tUZNQ==
jquery.min.js
activation.micrasoft-office365.online/assets/ajax/libs/jquery/1.11.0/
94 KB
33 KB
Script
General
Full URL
http://activation.micrasoft-office365.online/assets/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
*/*
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Jul 2021 14:51:58 GMT
Server
ThreatSim-Web-Server
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000 public
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
plugin_detect.js
tslp.s3.amazonaws.com/detect/
49 KB
49 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=e3e5f8f75f&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.1.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:32 GMT
Last-Modified
Wed, 15 Feb 2017 17:56:07 GMT
Server
AmazonS3
x-amz-request-id
X0B0Z1PMEV098X88
ETag
"00a513f07603df01e3b99be00f370754"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
50085
x-amz-id-2
9TIKQDzvHpCrQjr67FcAkM5E/+EeHdYKGX0asMVeJFlPoVQCAU+2rbbQL+9TI0yVfi5mTBvBV0I=
java.js
tslp.s3.amazonaws.com/detect/
50 KB
50 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/java.js?guid=e3e5f8f75f&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.1.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:32 GMT
Last-Modified
Wed, 15 Feb 2017 14:38:28 GMT
Server
AmazonS3
x-amz-request-id
X0B4WK8RD9ZK77KJ
ETag
"2bec0061039dc3fb25fc20aaf611d5b9"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
50717
x-amz-id-2
0gncYQrZ3uhwjWE5cKSSEMU/ZrLYKGjtd8sv6ozBtnBdGJhqQRhjrTfN3Tw3q0q5+tgqhDTnXz0=
deployJava.js
java.com/js/
18 KB
6 KB
Script
General
Full URL
https://java.com/js/deployJava.js
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.117.215.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-215-95.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 08:32:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
etag
"D07B023847CD4DC5C4ED4AB4FC46AD47BDD6E99A0663:19"
vary
Accept-Encoding
x-oracle-dms-ecid
2f4a217b-5209-4737-8a82-a0aeb16d69f6-0025d07e
content-type
application/javascript
x-oracle-dms-rid
0
cache-control
public, max-age=86400
content-disposition
attachment; filename="deployJava.js";filename*=UTF-8''deployJava.js
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
5512
x-xss-protection
1
expires
Thu, 16 Sep 2021 08:32:31 GMT
flash.js
tslp.s3.amazonaws.com/detect/
7 KB
7 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/flash.js?guid=e3e5f8f75f&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.1.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:32 GMT
Last-Modified
Wed, 15 Feb 2017 03:54:01 GMT
Server
AmazonS3
x-amz-request-id
X0B2VHJPRD43151J
ETag
"f9ad9a096894ba248e4a1f73e7eba1be"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
6680
x-amz-id-2
kbrqJ3GUwqd5hxBzp1MdV3zP6C38PWUIE1ENln7HGCF/geeDm7oWT65K8fh+Luxeal41IwkRqYM=
pdf.js
tslp.s3.amazonaws.com/detect/
22 KB
23 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/pdf.js?guid=e3e5f8f75f&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.1.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:32 GMT
Last-Modified
Wed, 15 Feb 2017 14:39:34 GMT
Server
AmazonS3
x-amz-request-id
X0B88FECKC3G0TYW
ETag
"0d5882d41c8b6e40059c8d9acbcf1518"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
22855
x-amz-id-2
7nBCj4SSIKtlCbA10fkMBZhvBBZooyx83A4Ge/fXPTpN6O859hCeNOIne1l2Sc0ABiVr6gDv64E=
quicktime.js
tslp.s3.amazonaws.com/detect/
7 KB
7 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/quicktime.js?guid=e3e5f8f75f&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.1.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:32 GMT
Last-Modified
Wed, 15 Feb 2017 14:41:05 GMT
Server
AmazonS3
x-amz-request-id
X0B0PWYC98EAMG46
ETag
"ee73f2f47d51116dc40b85a6b57eaf20"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
6999
x-amz-id-2
h0kgnbKfyu48q8H9VOin7Y894IhufHRh9ymPEljF7OqR2ptHvuttp0L5ZAl34XJY+xODSIz1jL4=
realplayer.js
tslp.s3.amazonaws.com/detect/
10 KB
10 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/realplayer.js?guid=e3e5f8f75f&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.1.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:32 GMT
Last-Modified
Wed, 15 Feb 2017 14:45:02 GMT
Server
AmazonS3
x-amz-request-id
X0B25ECM2QTCVDED
ETag
"3d7be656672c16a34806c13388410325"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
9775
x-amz-id-2
iwNVnfwTDyF+daB4dyTmUjfUCdaPbSa8oP3Eicy8d5Wutx2cwgE4qBFA2REyhvIObBUPusLA8Hk=
silverlight.js
tslp.s3.amazonaws.com/detect/
4 KB
5 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/silverlight.js?guid=e3e5f8f75f&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.1.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:32 GMT
Last-Modified
Wed, 15 Feb 2017 18:00:03 GMT
Server
AmazonS3
x-amz-request-id
X0BAM0SKKYV6QQMD
ETag
"e6dd596d2bc204ea573b868b92028c26"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
4234
x-amz-id-2
8M/4h/ODwxraVJHVdQ/hf3OoFYVoHCoQInO2WN3H/obK9Nmchu8c36pk59QW4KGFHRL8uuD4HK0=
wmp.js
tslp.s3.amazonaws.com/detect/
6 KB
6 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/detect/wmp.js?guid=e3e5f8f75f&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.1.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:32 GMT
Last-Modified
Wed, 15 Feb 2017 15:07:14 GMT
Server
AmazonS3
x-amz-request-id
X0BA602A0RKT8TTX
ETag
"ffd2cc77bb64d40beeb5d561fffe1f79"
Content-Type
text/javascript
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
5941
x-amz-id-2
No2g9bT0L6lgF6z5dqNmwBAeYiYcDYZFKBS8HtQ3fkNPntQbg1hxPnAK0wE2WwegUD8hMGJH4vc=
default.png
tslp.s3.amazonaws.com/training/embedded/
10 KB
10 KB
Image
General
Full URL
https://tslp.s3.amazonaws.com/training/embedded/default.png
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.1.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
37c1bad24983b6ac3d9e31b8c76a814cea88f1300e1e24b2f0d15024c5bdedab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:33 GMT
Last-Modified
Thu, 14 Nov 2019 18:45:05 GMT
Server
AmazonS3
x-amz-request-id
3ZA6QHNFJBRRSYTE
ETag
"92a487c56c5c7db7a2bc18ce6bd7aa84"
Content-Type
image/png
x-amz-version-id
C264Mv58ngk0qplyndEl6Yi4W65mhyrp
Accept-Ranges
bytes
Content-Length
10034
x-amz-id-2
W6E6UJhyOopmZLC2SIc9bzSkBjRV/jCc0syYpLVIuqvvO/73QPbl0ZB2owfcEnTQATSZ+ygbkVk=
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.2/
91 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.169.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s08-in-f10.1e100.net
Software
sffe /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 14:10:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66099
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33621
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Wed, 14 Sep 2022 14:10:53 GMT
language.18071.js
tslp.s3.amazonaws.com/languages/
7 KB
7 KB
Script
General
Full URL
https://tslp.s3.amazonaws.com/languages/language.18071.js
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.1.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
eba4750201ea292ceaafeb687f872519bcaa2765a76a8c583bece665b3014b7a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:33 GMT
Last-Modified
Thu, 14 Nov 2019 18:45:04 GMT
Server
AmazonS3
x-amz-request-id
3ZA5H075DDX5H195
ETag
"906aa6146091f2721864efc83676275c"
Content-Type
application/ecmascript
x-amz-version-id
b_6VVgC.R0iKanxo8eQCGb2V7thpHyUn
Accept-Ranges
bytes
Content-Length
6682
x-amz-id-2
WiiMJCy+qEW84TzJw6d1wwHbTvTpeHbjQNwGD447lEY1TcBxs98Y/3SuytG3JE7bfa74uf9QQ5c=
training.js
tslp.s3.amazonaws.com/assets/js/
352 B
773 B
Script
General
Full URL
http://tslp.s3.amazonaws.com/assets/js/training.js
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Server
52.216.1.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
8a1170223599205267c6ee3a3072855f1727461d9dd1066bb94f39180f963af9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:33 GMT
Last-Modified
Thu, 14 Nov 2019 18:45:04 GMT
Server
AmazonS3
x-amz-request-id
3ZADVXZCRSF71JMT
ETag
"029ab28ca3c245dc425e3f3f6599d480"
Content-Type
application/ecmascript
x-amz-version-id
oPMJQR4dr8a8GRwpJLphOcsbzTKMfWQa
Accept-Ranges
bytes
Content-Length
352
x-amz-id-2
hQIlYldBEuY8znNQotIMHLQYHnKDD5bGQas1rLJJEaTAPR7nla1hZdXQVYn2idujicAQmW0BDCU=
all.js
activation.micrasoft-office365.online/assets/
28 KB
7 KB
Script
General
Full URL
http://activation.micrasoft-office365.online/assets/all.js?guid=e3e5f8f75f&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
*/*
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Jul 2021 14:51:58 GMT
Server
ThreatSim-Web-Server
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000 public
Connection
keep-alive
Content-Length
7191
Expires
Thu, 31 Dec 2037 23:55:55 GMT
hooks-a3eab7.png
tslp.s3.amazonaws.com/training/production/314/
5 KB
5 KB
Image
General
Full URL
https://tslp.s3.amazonaws.com/training/production/314/hooks-a3eab7.png
Requested by
Host: tslp.s3.amazonaws.com
URL: https://tslp.s3.amazonaws.com/training/embedded/css/url.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.1.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
7789f06bcf267ab54b9bc9c64ea04877c46aa141f67a21a501d908447fd95ebb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tslp.s3.amazonaws.com/training/embedded/css/url.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:33 GMT
Last-Modified
Thu, 14 Nov 2019 18:45:24 GMT
Server
AmazonS3
x-amz-request-id
3ZA10BQEK9MSCTTM
ETag
"3e598c505586e70346fa62d104dd540f"
Content-Type
image/png
x-amz-version-id
lYYEgY_jNpHJ.wNzeHS1ZMyISmYhA1AK
Accept-Ranges
bytes
Content-Length
5003
x-amz-id-2
nEqvw1HLdCbSL/7jvKy5jwgwoxEWhjw9K+AkipCwOly6V+0hfIXjFrxKaAHQdL4/MdgaZoLFmso=
mail.png
d25q7gseii1o1q.cloudfront.net/training/fish/
926 B
1 KB
Image
General
Full URL
https://d25q7gseii1o1q.cloudfront.net/training/fish/mail.png
Requested by
Host: tslp.s3.amazonaws.com
URL: https://tslp.s3.amazonaws.com/training/embedded/css/url.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a35de3a30e58bf477febca8b47225959f48fd384faf088a218d6bf2251f06cbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tslp.s3.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 03:49:55 GMT
Via
1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
Last-Modified
Fri, 30 May 2014 15:01:28 GMT
Server
AmazonS3
Age
46094
ETag
"3c506b80d78539262795c9ba59a0631a"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C2
Accept-Ranges
bytes
Content-Length
926
X-Amz-Cf-Id
8xe5rYkMPCxIIzgJnF34ea913M56WYR_tNbwlEe4tddtKOMeV9XR0w==
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/
14 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f3.1e100.net
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 02:40:57 GMT
x-content-type-options
nosniff
age
280295
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:25 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Sep 2022 02:40:57 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f3.1e100.net
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 18:51:43 GMT
x-content-type-options
nosniff
age
567649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:34 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Sep 2022 18:51:43 GMT
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:32 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
1ec07bc3-fc53-47db-adc7-ac73201fab9a
X-Runtime
0.002758
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-052f698671fa95754 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:32 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
a60ff85c-c2ed-4ef2-ac29-e5557c4b70a2
X-Runtime
0.004065
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-083bf9df7e9f42a93 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:32 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
4bee61ce-31ec-4076-b221-430c837bcb8c
X-Runtime
0.006637
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-052f698671fa95754 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
en-us.json
tslp.s3.amazonaws.com/training/embedded/translations/url/
2 KB
2 KB
XHR
General
Full URL
http://tslp.s3.amazonaws.com/training/embedded/translations/url/en-us.json
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Server
52.216.1.88 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
6029db4e8a8928f728f865f2cb26f295ec030e46f621f8296d3af91481e01c27

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://activation.micrasoft-office365.online/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:33 GMT
Last-Modified
Thu, 04 Feb 2021 15:41:54 GMT
Server
AmazonS3
x-amz-request-id
3ZA5W6APPWWS9ZYX
ETag
"5113dad20241201a33ab81b33233bd01"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
x-amz-version-id
NPvxp2yO4RmRcJOaZgEm9G1AcuphpyLs
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Accept-Ranges
bytes
Content-Type
application/json
Content-Length
1895
x-amz-id-2
p816r3CmhAP+GARxInzjT0T17TWFzxhTJoRP6j7vWV/hHLKNckFZlbx5rIXna570aiBK/7o1M3w=
log
activation.micrasoft-office365.online/
0
702 B
Image
General
Full URL
http://activation.micrasoft-office365.online/log?id=e3e5f8f75f&campaign_guid=fae60c235c&msg=screenshot%20id%20exists%20with%20environment%20%3D%20production
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
afa094b2-c15e-4663-8362-2fc96e199b1b
X-Runtime
0.002674
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-052f698671fa95754 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
image/gif; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
log
activation.micrasoft-office365.online/
0
702 B
Image
General
Full URL
http://activation.micrasoft-office365.online/log?id=e3e5f8f75f&campaign_guid=fae60c235c&msg=screenshot_url%20%3D%20https%3A%2F%2Fts-content-ap.s3-ap-southeast-2.amazonaws.com%2Fproduction%2Fcampaign_emails%2Ffae60c235c%2Fe3e5f8f75f_screenshot.jpg
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
ea1a5f0d-0967-4be2-8079-ca0dd2b2d90f
X-Runtime
0.023669
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-083bf9df7e9f42a93 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
image/gif; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
e3e5f8f75f_screenshot.jpg
ts-content-ap.s3-ap-southeast-2.amazonaws.com/production/campaign_emails/fae60c235c/
40 KB
40 KB
Image
General
Full URL
https://ts-content-ap.s3-ap-southeast-2.amazonaws.com/production/campaign_emails/fae60c235c/e3e5f8f75f_screenshot.jpg
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.78 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
4460247eca73fa0bafb059719bac80b5f123a2924178ea78c1b2226bcdd251d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:34 GMT
Last-Modified
Wed, 15 Sep 2021 08:31:10 GMT
Server
AmazonS3
x-amz-request-id
8D0ZGFJ3QPRGPH04
ETag
"9703968a30447c5ca0695fd45ee82e0e"
Content-Type
Accept-Ranges
bytes
Content-Length
41030
x-amz-id-2
mJxPSFm1we/6QlhODt8uX8tu5LXtfIo8sYvM+WlvGA7wDziNpw9tdM/jHoG01YvDUU2oUorOHuU=
log
activation.micrasoft-office365.online/
0
702 B
Image
General
Full URL
http://activation.micrasoft-office365.online/log?id=e3e5f8f75f&campaign_guid=fae60c235c&msg=logo_object%20does%20not%20exist
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
322dd739-e60a-40ef-9226-3fa17541f8c1
X-Runtime
0.019088
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-083bf9df7e9f42a93 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
image/gif; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=7be3e5fbe8f75f7e&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:33 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
77a9da19-b4ea-4b7a-a37d-86b5bc33d70e
X-Runtime
0.003077
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-052f698671fa95754 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=7be3e5fbe8f75f7e&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:33 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
a0198cb0-2328-49e7-b480-fed524471364
X-Runtime
0.002838
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-052f698671fa95754 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=7be3e5fbe8f75f7e&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:33 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
4eb5be48-3369-4e56-ace6-dfee1442f7f1
X-Runtime
0.004665
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-083bf9df7e9f42a93 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=7be3e5fbe8f75f7e&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:33 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
12ccd14c-72d3-48ff-afa1-ef18a79f72c6
X-Runtime
0.016800
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-083bf9df7e9f42a93 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=7be3e5fbe8f75f7e&msg=BrowserDetect%20-%20browser_version%20%3D%2092&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:33 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
5db2d9e3-4362-4e8a-a05c-3f57e4875929
X-Runtime
0.002693
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-052f698671fa95754 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=7be3e5fbe8f75f7e&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:33 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
6ab7c31c-2240-4667-a11b-89b2f38c209f
X-Runtime
0.002803
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-052f698671fa95754 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=7be3e5fbe8f75f7e&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:33 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
ba50e93b-a5a5-4fc8-bbe1-2b586658743e
X-Runtime
0.006085
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-083bf9df7e9f42a93 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=7be3e5fbe8f75f7e&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:33 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
d64c85b0-4d77-4fbf-8258-860f3bd34223
X-Runtime
0.004289
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-083bf9df7e9f42a93 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=7be3e5fbe8f75f7e&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:33 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
0410e18b-785c-49f8-a5c7-727e88fea34d
X-Runtime
0.002390
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-052f698671fa95754 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=7be3e5fbe8f75f7e&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:33 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
efe8f5c4-c413-4d19-9242-92bebc962854
X-Runtime
0.002280
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-052f698671fa95754 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=7be3e5fbe8f75f7e&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:33 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
c5c73585-abe9-416e-9913-f1d2d802ba4f
X-Runtime
0.006780
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-083bf9df7e9f42a93 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=7be3e5fbe8f75f7e&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Plugin&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:33 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
b0711f4f-cf5f-4032-bcf1-12bfc7af9909
X-Runtime
0.003499
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-083bf9df7e9f42a93 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=7be3e5fbe8f75f7e&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:33 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
5da4b0f7-f6f3-41d0-b5dc-2f4bd1b4f90e
X-Runtime
0.003562
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-052f698671fa95754 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache
trace
activation.micrasoft-office365.online/
0
600 B
Image
General
Full URL
http://activation.micrasoft-office365.online/trace?id=7be3e5fbe8f75f7e&msg=BrowserDetect%20-%20plugin%20Native%20Client&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Requested by
Host: activation.micrasoft-office365.online
URL: http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Protocol
HTTP/1.1
Server
13.210.207.204 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-207-204.ap-southeast-2.compute.amazonaws.com
Software
ThreatSim-Web-Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
activation.micrasoft-office365.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
Cookie
EXFILGUID=e3e5f8f75f; link_clicked_e3e5f8f75f=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://activation.micrasoft-office365.online/load_training?guid=7be3e5fbe8f75f7e&correlation_id=927b6edb-4272-4ba4-9598-2826b5b15faf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 08:32:33 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
X-Request-Id
81932549-c3ee-4266-ade9-8617f5080538
X-Runtime
0.003784
Referrer-Policy
strict-origin-when-cross-origin
Server
ThreatSim-Web-Server
X-Host-Info
lw-prod-ap-i-052f698671fa95754 ; 16a2fb2ef64da5f54972094d3bc70bf49e529bb7
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache