www.corp-internal.com Open in urlscan Pro
23.23.123.142 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://url.emailprotection.link/?bTc4NblGTqXO45QXc6prvGEbQ0UB0lwA_2Qv4y_GhkzjoriKsreU0a3svzJksuvWoB68Wfx_biQRYJ77gzVzNLa3Bwxm0cb...
Effective URL:
https://www.corp-internal.com/6a846a9703dc058e?l=7
Submission: On March 26 via manual (March 26th 2024, 2:26:12 pm UTC) from US — Scanned from US

Summary HTTP 43 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 43 HTTP transactions. The main IP is 23.23.123.142, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.corp-internal.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on November 6th 2023. Valid for: a year.

This is the only time www.corp-internal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	64.78.56.115 64.78.56.115	16406 (AS-INTERM...) (AS-INTERMEDIA)
30	23.23.123.142 23.23.123.142	14618 (AMAZON-AES) (AMAZON-AES)
1	52.216.57.225 52.216.57.225	16509 (AMAZON-02) (AMAZON-02)
1	3.162.7.110 3.162.7.110	16509 (AMAZON-02) (AMAZON-02)
43	5

10 64.78.56.115 (United States)

ASN16406 (AS-INTERMEDIA, US)
PTR: intermedia.net

url.emailprotection.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 23.23.123.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-123-142.compute-1.amazonaws.com

www.corp-internal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.57.225 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

tslp.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.7.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-7-110.yul62.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	corp-internal.com www.corp-internal.com	53 KB
10	emailprotection.link url.emailprotection.link — Cisco Umbrella Rank: 331298	399 KB
1	cloudfront.net d2wy8f7a9ursnm.cloudfront.net	3 KB
1	amazonaws.com tslp.s3.amazonaws.com — Cisco Umbrella Rank: 743954	49 KB
43	4

	Domain	Requested by
30	www.corp-internal.com	url.emailprotection.link www.corp-internal.com
10	url.emailprotection.link	url.emailprotection.link
1	d2wy8f7a9ursnm.cloudfront.net	www.corp-internal.com
1	tslp.s3.amazonaws.com	www.corp-internal.com
43	4

This site contains no links.

Subject Issuer	Validity	Valid
*.emailprotection.link GeoTrust TLS RSA CA G1	`2023-07-10` - `2024-08-09`	a year	crt.sh
4ooi.co Amazon RSA 2048 M02	`2023-11-06` - `2024-12-03`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.corp-internal.com/6a846a9703dc058e?l=7
Frame ID: 3F4B24B84657E2D6D2E23C26933FD6F2
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://url.emailprotection.link/?bTc4NblGTqXO45QXc6prvGEbQ0UB0lwA_2Qv4y_GhkzjoriKsreU0a3svzJksuvWoB68Wfx_biQ... Page URL
https://www.corp-internal.com/6a846a9703dc058e?l=7 Page URL

Detected technologies

BugSnag (Analytics) Expand

Overall confidence: 100%
Detected patterns

/bugsnag.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

43
Requests

98 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

1
Countries

505 kB
Transfer

697 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://url.emailprotection.link/?bTc4NblGTqXO45QXc6prvGEbQ0UB0lwA_2Qv4y_GhkzjoriKsreU0a3svzJksuvWoB68Wfx_biQRYJ77gzVzNLa3Bwxm0cbX7id4FG5V2XwKvIcotH-pNvIbC-AmOKOQ1 Page URL
https://www.corp-internal.com/6a846a9703dc058e?l=7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
url.emailprotection.link/ 5 KB
3 KB 334ms
124ms Document
text/html 64.78.56.115
AS-INTERMEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/?bTc4NblGTqXO45QXc6prvGEbQ0UB0lwA_2Qv4y_GhkzjoriKsreU0a3svzJksuvWoB68Wfx_biQRYJ77gzVzNLa3Bwxm0cbX7id4FG5V2XwKvIcotH-pNvIbC-AmOKOQ1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.78.56.115 , United States, ASN16406 (AS-INTERMEDIA, US),
Reverse DNS: intermedia.net
Software: nginx /
Resource Hash: fc2dc5f8889d046d7ed399929606ddce53d73b18573184728cb9fc687ae08d70

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 26 Mar 2024 14:26:08 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Robots-Tag: noindex

GET
H/1.1 200
OK new_style.css
url.emailprotection.link/new/css/ 8 KB
2 KB 104ms
102ms Stylesheet
text/css 64.78.56.115
AS-INTERMEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/css/new_style.css
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?bTc4NblGTqXO45QXc6prvGEbQ0UB0lwA_2Qv4y_GhkzjoriKsreU0a3svzJksuvWoB68Wfx_biQRYJ77gzVzNLa3Bwxm0cbX7id4FG5V2XwKvIcotH-pNvIbC-AmOKOQ1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.78.56.115 , United States, ASN16406 (AS-INTERMEDIA, US),
Reverse DNS: intermedia.net
Software: nginx /
Resource Hash: 8be2e88f4beed8e6d7c70115a1b71fa50c5da67abbc6e7f393a4960613079069

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://url.emailprotection.link/?bTc4NblGTqXO45QXc6prvGEbQ0UB0lwA_2Qv4y_GhkzjoriKsreU0a3svzJksuvWoB68Wfx_biQRYJ77gzVzNLa3Bwxm0cbX7id4FG5V2XwKvIcotH-pNvIbC-AmOKOQ1
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 26 Mar 2024 14:26:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Sep 2023 11:04:24 GMT
Server: nginx
ETag: W/"64f70b38-1e80"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
X-Robots-Tag: noindex

GET
H/1.1 200
OK new_screenshot.js Show response
url.emailprotection.link/new/js/ 1 KB
979 B 311ms
99ms Script
application/javascript 64.78.56.115
AS-INTERMEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/js/new_screenshot.js
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?bTc4NblGTqXO45QXc6prvGEbQ0UB0lwA_2Qv4y_GhkzjoriKsreU0a3svzJksuvWoB68Wfx_biQRYJ77gzVzNLa3Bwxm0cbX7id4FG5V2XwKvIcotH-pNvIbC-AmOKOQ1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.78.56.115 , United States, ASN16406 (AS-INTERMEDIA, US),
Reverse DNS: intermedia.net
Software: nginx /
Resource Hash: c92b1aece38d5bae7bfb72e26a5070d5663d40774c7aceb973631025d6e6e592

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://url.emailprotection.link/?bTc4NblGTqXO45QXc6prvGEbQ0UB0lwA_2Qv4y_GhkzjoriKsreU0a3svzJksuvWoB68Wfx_biQRYJ77gzVzNLa3Bwxm0cbX7id4FG5V2XwKvIcotH-pNvIbC-AmOKOQ1
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 26 Mar 2024 14:26:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Sep 2023 11:04:24 GMT
Server: nginx
ETag: W/"64f70b38-574"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-Robots-Tag: noindex

GET
H/1.1 200
OK tooltipster.css
url.emailprotection.link/new/css/ 10 KB
3 KB 214ms
110ms Stylesheet
text/css 64.78.56.115
AS-INTERMEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/css/tooltipster.css
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?bTc4NblGTqXO45QXc6prvGEbQ0UB0lwA_2Qv4y_GhkzjoriKsreU0a3svzJksuvWoB68Wfx_biQRYJ77gzVzNLa3Bwxm0cbX7id4FG5V2XwKvIcotH-pNvIbC-AmOKOQ1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.78.56.115 , United States, ASN16406 (AS-INTERMEDIA, US),
Reverse DNS: intermedia.net
Software: nginx /
Resource Hash: ca8178a737bdd4e6d2394e6c5609d1ca001254667458bb9cd1130bacea58cb86

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://url.emailprotection.link/?bTc4NblGTqXO45QXc6prvGEbQ0UB0lwA_2Qv4y_GhkzjoriKsreU0a3svzJksuvWoB68Wfx_biQRYJ77gzVzNLa3Bwxm0cbX7id4FG5V2XwKvIcotH-pNvIbC-AmOKOQ1
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 26 Mar 2024 14:26:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Sep 2023 11:04:24 GMT
Server: nginx
ETag: W/"64f70b38-2965"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
X-Robots-Tag: noindex

GET
H/1.1 200
OK jquery-1.9.1.js Show response
url.emailprotection.link/new/js/libs/ 142 KB
47 KB 421ms
206ms Script
application/javascript 64.78.56.115
AS-INTERMEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/js/libs/jquery-1.9.1.js
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?bTc4NblGTqXO45QXc6prvGEbQ0UB0lwA_2Qv4y_GhkzjoriKsreU0a3svzJksuvWoB68Wfx_biQRYJ77gzVzNLa3Bwxm0cbX7id4FG5V2XwKvIcotH-pNvIbC-AmOKOQ1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.78.56.115 , United States, ASN16406 (AS-INTERMEDIA, US),
Reverse DNS: intermedia.net
Software: nginx /
Resource Hash: 6938c77be180b60f67086ac99a2692f9af393675279711f0dad73d541b675964

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://url.emailprotection.link/?bTc4NblGTqXO45QXc6prvGEbQ0UB0lwA_2Qv4y_GhkzjoriKsreU0a3svzJksuvWoB68Wfx_biQRYJ77gzVzNLa3Bwxm0cbX7id4FG5V2XwKvIcotH-pNvIbC-AmOKOQ1
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 26 Mar 2024 14:26:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Sep 2023 11:04:24 GMT
Server: nginx
ETag: W/"64f70b38-23758"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-Robots-Tag: noindex

GET
H/1.1 200
OK jquery.tooltipster.min.js Show response
url.emailprotection.link/new/js/libs/ 17 KB
6 KB 318ms
103ms Script
application/javascript 64.78.56.115
AS-INTERMEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/js/libs/jquery.tooltipster.min.js
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?bTc4NblGTqXO45QXc6prvGEbQ0UB0lwA_2Qv4y_GhkzjoriKsreU0a3svzJksuvWoB68Wfx_biQRYJ77gzVzNLa3Bwxm0cbX7id4FG5V2XwKvIcotH-pNvIbC-AmOKOQ1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.78.56.115 , United States, ASN16406 (AS-INTERMEDIA, US),
Reverse DNS: intermedia.net
Software: nginx /
Resource Hash: e337f687babe708a9f8e6642d7793ee3ed5eb4696cf11e28dd0682a858a591ea

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://url.emailprotection.link/?bTc4NblGTqXO45QXc6prvGEbQ0UB0lwA_2Qv4y_GhkzjoriKsreU0a3svzJksuvWoB68Wfx_biQRYJ77gzVzNLa3Bwxm0cbX7id4FG5V2XwKvIcotH-pNvIbC-AmOKOQ1
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 26 Mar 2024 14:26:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Sep 2023 11:04:24 GMT
Server: nginx
ETag: W/"64f70b38-43a9"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-Robots-Tag: noindex

GET
H/1.1 200
OK new_scanning.js Show response
url.emailprotection.link/new/js/ 947 B
758 B 320ms
105ms Script
application/javascript 64.78.56.115
AS-INTERMEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/js/new_scanning.js
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?bTc4NblGTqXO45QXc6prvGEbQ0UB0lwA_2Qv4y_GhkzjoriKsreU0a3svzJksuvWoB68Wfx_biQRYJ77gzVzNLa3Bwxm0cbX7id4FG5V2XwKvIcotH-pNvIbC-AmOKOQ1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.78.56.115 , United States, ASN16406 (AS-INTERMEDIA, US),
Reverse DNS: intermedia.net
Software: nginx /
Resource Hash: 04ba8897950ca15879762ccae3323b8f0952259461c13c3e90d6d973b213133c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://url.emailprotection.link/?bTc4NblGTqXO45QXc6prvGEbQ0UB0lwA_2Qv4y_GhkzjoriKsreU0a3svzJksuvWoB68Wfx_biQRYJ77gzVzNLa3Bwxm0cbX7id4FG5V2XwKvIcotH-pNvIbC-AmOKOQ1
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 26 Mar 2024 14:26:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Sep 2023 11:04:24 GMT
Server: nginx
ETag: W/"64f70b38-3b3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-Robots-Tag: noindex

GET
H/1.1 200
OK scanning_70.gif
url.emailprotection.link/new/images/ 30 KB
30 KB 320ms
208ms Image
image/gif 64.78.56.115
AS-INTERMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://url.emailprotection.link/new/images/scanning_70.gif
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?bTc4NblGTqXO45QXc6prvGEbQ0UB0lwA_2Qv4y_GhkzjoriKsreU0a3svzJksuvWoB68Wfx_biQRYJ77gzVzNLa3Bwxm0cbX7id4FG5V2XwKvIcotH-pNvIbC-AmOKOQ1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.78.56.115 , United States, ASN16406 (AS-INTERMEDIA, US),
Reverse DNS: intermedia.net
Software: nginx /
Resource Hash: b12ac9e2fa728424155567aa27e3d36d764b33f07d663e496dc178974048a6f8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://url.emailprotection.link/?bTc4NblGTqXO45QXc6prvGEbQ0UB0lwA_2Qv4y_GhkzjoriKsreU0a3svzJksuvWoB68Wfx_biQRYJ77gzVzNLa3Bwxm0cbX7id4FG5V2XwKvIcotH-pNvIbC-AmOKOQ1
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 26 Mar 2024 14:26:08 GMT
Last-Modified: Tue, 05 Sep 2023 11:04:24 GMT
Server: nginx
ETag: "64f70b38-78dd"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 30941

GET
H/1.1 200
OK notosans-regular.ttf
url.emailprotection.link/new/fonts/ 306 KB
306 KB 104ms
104ms Font
application/octet-stream 64.78.56.115
AS-INTERMEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/fonts/notosans-regular.ttf
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/new/css/new_style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.78.56.115 , United States, ASN16406 (AS-INTERMEDIA, US),
Reverse DNS: intermedia.net
Software: nginx /
Resource Hash: c8cff31fcae0edc0e4ffd3628f36361dfc24d71cc5b9793e5ffad8e76e6f182b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://url.emailprotection.link/new/css/new_style.css
Origin: https://url.emailprotection.link
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 26 Mar 2024 14:26:08 GMT
Last-Modified: Tue, 05 Sep 2023 11:04:24 GMT
Server: nginx
ETag: "64f70b38-4c738"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 313144

GET
H/1.1 200
OK favicon.ico
url.emailprotection.link/new/images/ 77 B
332 B 103ms
103ms Other
image/x-icon 64.78.56.115
AS-INTERMEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/images/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.78.56.115 , United States, ASN16406 (AS-INTERMEDIA, US),
Reverse DNS: intermedia.net
Software: nginx /
Resource Hash: a4726c17da1e23c8afa26371cda377460db886588d02acb168afbc7c85e0ecd0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://url.emailprotection.link/?bTc4NblGTqXO45QXc6prvGEbQ0UB0lwA_2Qv4y_GhkzjoriKsreU0a3svzJksuvWoB68Wfx_biQRYJ77gzVzNLa3Bwxm0cbX7id4FG5V2XwKvIcotH-pNvIbC-AmOKOQ1
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 26 Mar 2024 14:26:09 GMT
Last-Modified: Tue, 05 Sep 2023 11:04:24 GMT
Server: nginx
ETag: "64f70b38-4d"
Content-Type: image/x-icon
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 77

GET
H2 200 Primary Request 6a846a9703dc058e Show response
www.corp-internal.com/ 3 KB
2 KB 190ms
69ms Document
text/html 23.23.123.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.corp-internal.com/6a846a9703dc058e?l=7

Requested by

Host: url.emailprotection.link
URL: https://url.emailprotection.link/new/js/new_scanning.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-123-142.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

c0abaeb3980770b43c286ca92f32a3d6ae93feb9e6d8194f20378b1ad28dc95f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://url.emailprotection.link/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 26 Mar 2024 14:26:11 GMT
etag: W/"c0abaeb3980770b43c286ca92f32a3d6"
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-host-info: lw-prod-us-i-0b4ddcf70cad9ae74 ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-permitted-cross-domain-policies: none
x-request-id: 509bd646-76a3-4832-a4aa-1f8c39daa493
x-runtime: 0.014687
x-xss-protection: 1; mode=block

GET alt_pixel_click_846a93dc05.gif
www.corp-internal.com/ 0
0

GET
H/1.1 200
OK plugin_detect.js Show response
tslp.s3.amazonaws.com/detect/ 49 KB
49 KB 216ms
101ms Script
text/javascript 52.216.57.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=846a93dc05&correlation_id=60da8031-3055-466b-9c38-ec82f6063a4e
Requested by: Host: www.corp-internal.com
URL: https://www.corp-internal.com/6a846a9703dc058e?l=7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.57.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.corp-internal.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 26 Mar 2024 14:26:12 GMT
x-amz-version-id: null
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Server: AmazonS3
x-amz-request-id: 3BKDXX4WZT176F62
ETag: "00a513f07603df01e3b99be00f370754"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 50085
x-amz-id-2: GyQErRmvT8nt3hpMdtandzR62/8hq9Do6WHbbHwXEcJEMDCRh+vhNdobnOo0HINYdjmxHb5yBlE=

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 223ms
71ms Script
application/javascript 3.162.7.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: www.corp-internal.com
URL: https://www.corp-internal.com/6a846a9703dc058e?l=7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.7.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-7-110.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.corp-internal.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Via: 1.1 b00903dd6c0e35a04eab89fc03a8023e.cloudfront.net (CloudFront)
Date: Wed, 20 Mar 2024 05:13:32 GMT
X-Amz-Cf-Pop: YUL62-P2
Age: 551559
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2962
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
ETag: "6103bb5e4ec6141e19e1100caafc780c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
X-Amz-Cf-Id: 2cB0lzr4IzLd23m9z9b2jJ25xUdkKAitc-DQuyJur42xJNOcfW16tA==

GET
H2 200 jquery.min.js Show response
www.corp-internal.com/assets/ajax/libs/jquery/1.9.1/ 90 KB
32 KB 105ms
104ms Script
application/javascript 23.23.123.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.corp-internal.com/assets/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by: Host: www.corp-internal.com
URL: https://www.corp-internal.com/6a846a9703dc058e?l=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-123-142.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.corp-internal.com/6a846a9703dc058e?l=7
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:26:11 GMT
content-encoding: gzip
last-modified: Tue, 30 Jan 2024 14:02:01 GMT
server: ThreatSim-Web-Server
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 all.js Show response
www.corp-internal.com/assets/ 28 KB
7 KB 53ms
53ms Script
application/javascript 23.23.123.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.corp-internal.com/assets/all.js?g=846a93dc05
Requested by: Host: www.corp-internal.com
URL: https://www.corp-internal.com/6a846a9703dc058e?l=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-123-142.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.corp-internal.com/6a846a9703dc058e?l=7
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:26:11 GMT
content-encoding: gzip
last-modified: Tue, 30 Jan 2024 14:02:00 GMT
server: ThreatSim-Web-Server
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-length: 7191
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 browser_post Show response
www.corp-internal.com/secure/ 0
487 B 68ms
67ms XHR
image/gif 23.23.123.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.corp-internal.com/secure/browser_post

Requested by

Host: www.corp-internal.com
URL: https://www.corp-internal.com/assets/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-123-142.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://www.corp-internal.com/6a846a9703dc058e?l=7
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: e2aa4362-9fb0-4806-9985-d403395f55de
x-runtime: 0.013064
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04a710237bdcd6f6a, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options: noopen
vary: Accept-Encoding, Accept
x-frame-options: SAMEORIGIN
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
www.corp-internal.com/ 0
466 B 66ms
57ms Image
text/html 23.23.123.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.corp-internal.com/trace?id=846a93dc05&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=60da8031-3055-466b-9c38-ec82f6063a4e

Requested by

Host: www.corp-internal.com
URL: https://www.corp-internal.com/6a846a9703dc058e?l=7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-123-142.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.corp-internal.com/6a846a9703dc058e?l=7
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: a170fd6f-3ec3-4627-97b3-47b99ea68a51
x-runtime: 0.002801
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0873aec3baff4291e, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
www.corp-internal.com/ 0
466 B 64ms
55ms Image
text/html 23.23.123.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.corp-internal.com/trace?id=846a93dc05&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=60da8031-3055-466b-9c38-ec82f6063a4e

Requested by

Host: www.corp-internal.com
URL: https://www.corp-internal.com/6a846a9703dc058e?l=7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-123-142.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.corp-internal.com/6a846a9703dc058e?l=7
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 57a83aa8-c64d-4340-bb14-d3ab27ee9a17
x-runtime: 0.001834
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04a710237bdcd6f6a, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
www.corp-internal.com/ 0
464 B 63ms
54ms Image
text/html 23.23.123.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.corp-internal.com/trace?id=846a93dc05&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=60da8031-3055-466b-9c38-ec82f6063a4e

Requested by

Host: www.corp-internal.com
URL: https://www.corp-internal.com/6a846a9703dc058e?l=7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-123-142.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.corp-internal.com/6a846a9703dc058e?l=7
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: adfd2272-2ac1-4862-b829-c21d09bda760
x-runtime: 0.001679
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-000ffa3ac01a05ba5, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
www.corp-internal.com/ 0
466 B 64ms
55ms Image
text/html 23.23.123.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.corp-internal.com/trace?id=846a93dc05&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=60da8031-3055-466b-9c38-ec82f6063a4e

Requested by

Host: www.corp-internal.com
URL: https://www.corp-internal.com/6a846a9703dc058e?l=7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-123-142.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.corp-internal.com/6a846a9703dc058e?l=7
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 70ffd1ad-76a2-4b5c-9657-b9a1b9460e90
x-runtime: 0.001997
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0b4ddcf70cad9ae74, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
www.corp-internal.com/ 0
467 B 66ms
58ms Image
text/html 23.23.123.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.corp-internal.com/trace?id=846a93dc05&msg=BrowserDetect%20-%20browser_version%20%3D%20123&correlation_id=60da8031-3055-466b-9c38-ec82f6063a4e

Requested by

Host: www.corp-internal.com
URL: https://www.corp-internal.com/6a846a9703dc058e?l=7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-123-142.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.corp-internal.com/6a846a9703dc058e?l=7
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 44117f73-2f3d-49d7-a791-b6e7b5ff2b44
x-runtime: 0.001963
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0873aec3baff4291e, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
www.corp-internal.com/ 0
465 B 65ms
56ms Image
text/html 23.23.123.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.corp-internal.com/trace?id=846a93dc05&msg=BrowserDetect%20-%20os%20%3D%20Windows&correlation_id=60da8031-3055-466b-9c38-ec82f6063a4e

Requested by

Host: www.corp-internal.com
URL: https://www.corp-internal.com/6a846a9703dc058e?l=7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-123-142.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.corp-internal.com/6a846a9703dc058e?l=7
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 10d6b3e8-4fc6-40af-ba99-f8a227dde2aa
x-runtime: 0.001271
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-000ffa3ac01a05ba5, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
www.corp-internal.com/ 0
466 B 65ms
57ms Image
text/html 23.23.123.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.corp-internal.com/trace?id=846a93dc05&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=60da8031-3055-466b-9c38-ec82f6063a4e

Requested by

Host: www.corp-internal.com
URL: https://www.corp-internal.com/6a846a9703dc058e?l=7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-123-142.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.corp-internal.com/6a846a9703dc058e?l=7
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 4442d86c-3d59-4ccc-b501-d6dae6e6685d
x-runtime: 0.002128
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0b4ddcf70cad9ae74, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
www.corp-internal.com/ 0
466 B 107ms
99ms Image
text/html 23.23.123.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.corp-internal.com/trace?id=846a93dc05&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=60da8031-3055-466b-9c38-ec82f6063a4e

Requested by

Host: www.corp-internal.com
URL: https://www.corp-internal.com/6a846a9703dc058e?l=7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-123-142.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.corp-internal.com/6a846a9703dc058e?l=7
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: e456a4d6-f689-4c86-9ab4-2fbc5be899cb
x-runtime: 0.001880
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04a710237bdcd6f6a, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
www.corp-internal.com/ 0
466 B 107ms
99ms Image
text/html 23.23.123.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.corp-internal.com/trace?id=846a93dc05&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=60da8031-3055-466b-9c38-ec82f6063a4e

Requested by

Host: www.corp-internal.com
URL: https://www.corp-internal.com/6a846a9703dc058e?l=7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-123-142.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.corp-internal.com/6a846a9703dc058e?l=7
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: be8bc6ec-b68f-4deb-9b99-7ec484a6e008
x-runtime: 0.002330
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0873aec3baff4291e, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
www.corp-internal.com/ 0
465 B 104ms
97ms Image
text/html 23.23.123.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.corp-internal.com/trace?id=846a93dc05&msg=BrowserDetect%20-%20width%20%3D%20800&correlation_id=60da8031-3055-466b-9c38-ec82f6063a4e

Requested by

Host: www.corp-internal.com
URL: https://www.corp-internal.com/6a846a9703dc058e?l=7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-123-142.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.corp-internal.com/6a846a9703dc058e?l=7
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 4ab20f2a-faed-4015-be4d-3d108bd11093
x-runtime: 0.003360
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-000ffa3ac01a05ba5, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
www.corp-internal.com/ 0
465 B 108ms
101ms Image
text/html 23.23.123.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.corp-internal.com/trace?id=846a93dc05&msg=BrowserDetect%20-%20height%20%3D%20600&correlation_id=60da8031-3055-466b-9c38-ec82f6063a4e

Requested by

Host: www.corp-internal.com
URL: https://www.corp-internal.com/6a846a9703dc058e?l=7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-123-142.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.corp-internal.com/6a846a9703dc058e?l=7
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 4b66fc0a-2962-4192-a28c-3a6db62aa1aa
x-runtime: 0.004206
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0b4ddcf70cad9ae74, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
www.corp-internal.com/ 0
466 B 105ms
98ms Image
text/html 23.23.123.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.corp-internal.com/trace?id=846a93dc05&msg=BrowserDetect%20-%20plugin%20PDF%20Viewer&correlation_id=60da8031-3055-466b-9c38-ec82f6063a4e

Requested by

Host: www.corp-internal.com
URL: https://www.corp-internal.com/6a846a9703dc058e?l=7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-123-142.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.corp-internal.com/6a846a9703dc058e?l=7
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 83cfb836-258b-4a4e-9216-21398e17998f
x-runtime: 0.002053
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04a710237bdcd6f6a, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
www.corp-internal.com/ 0
467 B 104ms
98ms Image
text/html 23.23.123.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.corp-internal.com/trace?id=846a93dc05&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=60da8031-3055-466b-9c38-ec82f6063a4e

Requested by

Host: www.corp-internal.com
URL: https://www.corp-internal.com/6a846a9703dc058e?l=7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-123-142.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.corp-internal.com/6a846a9703dc058e?l=7
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 6fe383b7-073b-4979-98c1-dd917f9f312f
x-runtime: 0.002510
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0b4ddcf70cad9ae74, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
www.corp-internal.com/ 0
466 B 106ms
100ms Image
text/html 23.23.123.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.corp-internal.com/trace?id=846a93dc05&msg=BrowserDetect%20-%20plugin%20Chromium%20PDF%20Viewer&correlation_id=60da8031-3055-466b-9c38-ec82f6063a4e

Requested by

Host: www.corp-internal.com
URL: https://www.corp-internal.com/6a846a9703dc058e?l=7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-123-142.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.corp-internal.com/6a846a9703dc058e?l=7
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 00f69a32-2370-4548-b48d-98a84df3f1b8
x-runtime: 0.001722
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0873aec3baff4291e, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
www.corp-internal.com/ 0
465 B 102ms
96ms Image
text/html 23.23.123.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.corp-internal.com/trace?id=846a93dc05&msg=BrowserDetect%20-%20plugin%20Microsoft%20Edge%20PDF%20Viewer&correlation_id=60da8031-3055-466b-9c38-ec82f6063a4e

Requested by

Host: www.corp-internal.com
URL: https://www.corp-internal.com/6a846a9703dc058e?l=7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-123-142.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.corp-internal.com/6a846a9703dc058e?l=7
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 463bd689-5e28-46cb-bb25-d243f07bed24
x-runtime: 0.001921
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-000ffa3ac01a05ba5, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
www.corp-internal.com/ 0
465 B 105ms
99ms Image
text/html 23.23.123.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.corp-internal.com/trace?id=846a93dc05&msg=BrowserDetect%20-%20plugin%20WebKit%20built-in%20PDF&correlation_id=60da8031-3055-466b-9c38-ec82f6063a4e

Requested by

Host: www.corp-internal.com
URL: https://www.corp-internal.com/6a846a9703dc058e?l=7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-123-142.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.corp-internal.com/6a846a9703dc058e?l=7
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 1c8b0a9b-dcdd-4337-9660-8b4733239d42
x-runtime: 0.002840
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-000ffa3ac01a05ba5, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
www.corp-internal.com/ 0
466 B 102ms
97ms Image
text/html 23.23.123.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.corp-internal.com/trace?id=846a93dc05&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=60da8031-3055-466b-9c38-ec82f6063a4e

Requested by

Host: www.corp-internal.com
URL: https://www.corp-internal.com/6a846a9703dc058e?l=7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-123-142.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.corp-internal.com/6a846a9703dc058e?l=7
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 29717363-f95c-4805-a2a1-6499dc6f4b3f
x-runtime: 0.002155
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0873aec3baff4291e, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
www.corp-internal.com/ 0
466 B 109ms
104ms Image
text/html 23.23.123.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.corp-internal.com/trace?id=846a93dc05&msg=Skipping%20java%20detection&correlation_id=60da8031-3055-466b-9c38-ec82f6063a4e

Requested by

Host: www.corp-internal.com
URL: https://www.corp-internal.com/6a846a9703dc058e?l=7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-123-142.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.corp-internal.com/6a846a9703dc058e?l=7
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 9acf2340-9351-4d76-b76a-63fb48bd1672
x-runtime: 0.001425
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04a710237bdcd6f6a, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
www.corp-internal.com/ 0
466 B 105ms
100ms Image
text/html 23.23.123.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.corp-internal.com/trace?id=846a93dc05&msg=Skipping%20flash%20detection&correlation_id=60da8031-3055-466b-9c38-ec82f6063a4e

Requested by

Host: www.corp-internal.com
URL: https://www.corp-internal.com/6a846a9703dc058e?l=7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-123-142.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.corp-internal.com/6a846a9703dc058e?l=7
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 06519e7d-d28a-4da6-b0fe-eae5736aaac5
x-runtime: 0.003241
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0b4ddcf70cad9ae74, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
www.corp-internal.com/ 0
466 B 109ms
105ms Image
text/html 23.23.123.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.corp-internal.com/trace?id=846a93dc05&msg=Skipping%20pdf%20detection&correlation_id=60da8031-3055-466b-9c38-ec82f6063a4e

Requested by

Host: www.corp-internal.com
URL: https://www.corp-internal.com/6a846a9703dc058e?l=7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-123-142.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.corp-internal.com/6a846a9703dc058e?l=7
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 9b8a8743-d6f4-4025-8349-3a1b3d19dce4
x-runtime: 0.001135
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04a710237bdcd6f6a, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
www.corp-internal.com/ 0
466 B 109ms
105ms Image
text/html 23.23.123.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.corp-internal.com/trace?id=846a93dc05&msg=Skipping%20quicktime%20detection&correlation_id=60da8031-3055-466b-9c38-ec82f6063a4e

Requested by

Host: www.corp-internal.com
URL: https://www.corp-internal.com/6a846a9703dc058e?l=7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-123-142.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.corp-internal.com/6a846a9703dc058e?l=7
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 9d1c5cb8-012d-4bf5-a7aa-3bfb72e83708
x-runtime: 0.001798
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0873aec3baff4291e, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
www.corp-internal.com/ 0
465 B 104ms
100ms Image
text/html 23.23.123.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.corp-internal.com/trace?id=846a93dc05&msg=Skipping%20RealPlayer%20detection&correlation_id=60da8031-3055-466b-9c38-ec82f6063a4e

Requested by

Host: www.corp-internal.com
URL: https://www.corp-internal.com/6a846a9703dc058e?l=7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-123-142.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.corp-internal.com/6a846a9703dc058e?l=7
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 95c9238d-39cd-4c28-ad25-04d00b80208c
x-runtime: 0.001102
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-000ffa3ac01a05ba5, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
www.corp-internal.com/ 0
466 B 108ms
104ms Image
text/html 23.23.123.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.corp-internal.com/trace?id=846a93dc05&msg=Skipping%20Silverlight%20detection&correlation_id=60da8031-3055-466b-9c38-ec82f6063a4e

Requested by

Host: www.corp-internal.com
URL: https://www.corp-internal.com/6a846a9703dc058e?l=7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-123-142.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.corp-internal.com/6a846a9703dc058e?l=7
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 12961615-66ee-4a2b-abee-5e27ba90bdd9
x-runtime: 0.002026
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0b4ddcf70cad9ae74, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
www.corp-internal.com/ 0
466 B 108ms
105ms Image
text/html 23.23.123.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.corp-internal.com/trace?id=846a93dc05&msg=Skipping%20WindowsMediaPlayer%20detection&correlation_id=60da8031-3055-466b-9c38-ec82f6063a4e

Requested by

Host: www.corp-internal.com
URL: https://www.corp-internal.com/6a846a9703dc058e?l=7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-123-142.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.corp-internal.com/6a846a9703dc058e?l=7
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: c19ea496-28ed-4d9a-ba36-85178ff86db0
x-runtime: 0.001359
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0873aec3baff4291e, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
www.corp-internal.com/ 0
465 B 100ms
98ms Image
text/html 23.23.123.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.corp-internal.com/trace?id=846a93dc05&msg=redirecting%20to%20%2Fload_training%3Fguid%3D72846a9c33dc05fb%26correlation_id%3D60da8031-3055-466b-9c38-ec82f6063a4e&correlation_id=60da8031-3055-466b-9c38-ec82f6063a4e

Requested by

Host: www.corp-internal.com
URL: https://www.corp-internal.com/6a846a9703dc058e?l=7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-123-142.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.corp-internal.com/6a846a9703dc058e?l=7
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 99013cec-2d86-4c0a-92e1-59e99a3a7b1a
x-runtime: 0.001413
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04a710237bdcd6f6a, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
www.corp-internal.com/ 0
465 B 54ms
54ms Image
text/html 23.23.123.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.corp-internal.com/trace?id=846a93dc05&msg=browser_post_successful&correlation_id=60da8031-3055-466b-9c38-ec82f6063a4e

Requested by

Host: www.corp-internal.com
URL: https://www.corp-internal.com/6a846a9703dc058e?l=7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.123.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-123-142.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.corp-internal.com/6a846a9703dc058e?l=7
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 14:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 26023865-b2f3-44fa-89fb-2194be6edb07
x-runtime: 0.001309
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-000ffa3ac01a05ba5, ; 518fc85252c184e5a49a43c017fa22c8669fcc4d
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.corp-internal.com
URL: https://www.corp-internal.com:49153/alt_pixel_click_846a93dc05.gif?correlation_id=60da8031-3055-466b-9c38-ec82f6063a4e

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.corp-internal.com/	1969-12-31 23:59:59	Name: EXFILGUID Value: 846a93dc05
			www.corp-internal.com/	1969-12-31 23:59:59	Name: link_clicked_846a93dc05 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d2wy8f7a9ursnm.cloudfront.net
tslp.s3.amazonaws.com
url.emailprotection.link
www.corp-internal.com
www.corp-internal.com
23.23.123.142
3.162.7.110
52.216.57.225
64.78.56.115
04ba8897950ca15879762ccae3323b8f0952259461c13c3e90d6d973b213133c
39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a
6938c77be180b60f67086ac99a2692f9af393675279711f0dad73d541b675964
8be2e88f4beed8e6d7c70115a1b71fa50c5da67abbc6e7f393a4960613079069
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc
a4726c17da1e23c8afa26371cda377460db886588d02acb168afbc7c85e0ecd0
b12ac9e2fa728424155567aa27e3d36d764b33f07d663e496dc178974048a6f8
c0abaeb3980770b43c286ca92f32a3d6ae93feb9e6d8194f20378b1ad28dc95f
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c8cff31fcae0edc0e4ffd3628f36361dfc24d71cc5b9793e5ffad8e76e6f182b
c92b1aece38d5bae7bfb72e26a5070d5663d40774c7aceb973631025d6e6e592
ca8178a737bdd4e6d2394e6c5609d1ca001254667458bb9cd1130bacea58cb86
e337f687babe708a9f8e6642d7793ee3ed5eb4696cf11e28dd0682a858a591ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc2dc5f8889d046d7ed399929606ddce53d73b18573184728cb9fc687ae08d70

www.corp-internal.com Open in urlscan Pro 23.23.123.142 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

98 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

5 IPs

1 Countries

505 kBTransfer

697 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.corp-internal.com Open in urlscan Pro
23.23.123.142 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

98 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

1
Countries

505 kB
Transfer

697 kB
Size

2
Cookies

43 HTTP transactions
0 data transactions