login.eu.threatsim.com Open in urlscan Pro
52.50.150.69 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://phishsim.ws02-securityeducation.com/
Effective URL:
https://login.eu.threatsim.com/users/sign_in
Submission: On March 16 via api (March 16th 2024, 3:29:09 pm UTC) from US — Scanned from US

Summary HTTP 16 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 16 HTTP transactions. The main IP is 52.50.150.69, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is login.eu.threatsim.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on September 10th 2023. Valid for: a year.

This is the only time login.eu.threatsim.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.220.6.158 54.220.6.158	16509 (AMAZON-02) (AMAZON-02)
2	52.50.150.69 52.50.150.69	16509 (AMAZON-02) (AMAZON-02)
7	54.230.48.27 54.230.48.27	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c07::5f	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::5f	15169 (GOOGLE) (GOOGLE)
2	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	6

1 54.220.6.158 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-6-158.eu-west-1.compute.amazonaws.com

phishsim.ws02-securityeducation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.150.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-150-69.eu-west-1.compute.amazonaws.com

login.eu.threatsim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.230.48.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-48-27.yul62.r.cloudfront.net

d2k53c71t1ovai.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::5f (Washington, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

assets.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	cloudfront.net d2k53c71t1ovai.cloudfront.net	2 MB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 253	42 KB
2	zendesk.com assets.zendesk.com — Cisco Umbrella Rank: 9439
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 38 ajax.googleapis.com — Cisco Umbrella Rank: 390	31 KB
2	threatsim.com login.eu.threatsim.com	29 KB
1	ws02-securityeducation.com 1 redirects phishsim.ws02-securityeducation.com	2 KB
16	6

	Domain	Requested by
7	d2k53c71t1ovai.cloudfront.net	login.eu.threatsim.com d2k53c71t1ovai.cloudfront.net
3	cdnjs.cloudflare.com	login.eu.threatsim.com
2	assets.zendesk.com	login.eu.threatsim.com
2	login.eu.threatsim.com	login.eu.threatsim.com
1	ajax.googleapis.com	login.eu.threatsim.com
1	fonts.googleapis.com	login.eu.threatsim.com
1	phishsim.ws02-securityeducation.com	1 redirects
16	7

This site contains links to these domains. Also see Links.

Domain
www.proofpoint.com

Subject Issuer	Validity	Valid
*.eu.threatsim.com Amazon RSA 2048 M01	`2023-09-10` - `2024-10-07`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
assets.zendesk.com Cloudflare Inc ECC CA-3	`2024-02-17` - `2024-12-31`	10 months	crt.sh

This page contains 1 frames:

Primary Page: https://login.eu.threatsim.com/users/sign_in
Frame ID: 7CEFE03B08C453FB33AC8D2DC619AB2E
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ThreatSim

Page URL History Show full URLs

https://phishsim.ws02-securityeducation.com/ HTTP 302
https://login.eu.threatsim.com/users/sign_in Page URL

Detected technologies

Stimulus (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-controller

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

6
IPs

3
Countries

2028 kB
Transfer

2332 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.proofpoint.com/us/legal/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://phishsim.ws02-securityeducation.com/ HTTP 302
https://login.eu.threatsim.com/users/sign_in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request sign_in Show response
login.eu.threatsim.com/users/
Redirect Chain

https://phishsim.ws02-securityeducation.com/
https://login.eu.threatsim.com/users/sign_in

11 KB
7 KB

569ms
150ms

Document
text/html

52.50.150.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.eu.threatsim.com/users/sign_in

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.50.150.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-150-69.eu-west-1.compute.amazonaws.com

Software

Wombat-Web-Server /

Resource Hash

a5be60710502e74c98eceef62eb7a324c52d47ca8e4f852ef7a284c6e0a92c56

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' data: blob:; child-src https: 'self' .wistia.com; connect-src https: 'self' .wistia.com bam.nr-data.net localhost:9000; frame-ancestors 'self' https://.securityeducation.com https://.ws02-securityeducation.com; img-src https: 'self' data: .wistia.com; media-src https: 'self' blob: .wistia.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' .bootstrapcdn.com .cloudfront.net .googleapis.com ts-staging-lp.s3.amazonaws.com tslp.s3.amazonaws.com assets.zendesk.com cdnjs.cloudflare.com code.jquery.com fast.wistia.com fast.wistia.net src.litix.io .nr-data.net www.google.com www.google-analytics.com www.gstatic.com *.pendo.io; style-src https: 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: default-src https: 'self' data: blob:; child-src https: 'self' *.wistia.com; connect-src https: 'self' *.wistia.com bam.nr-data.net localhost:9000; frame-ancestors 'self' https://*.securityeducation.com https://*.ws02-securityeducation.com; img-src https: 'self' data: *.wistia.com; media-src https: 'self' blob: *.wistia.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' *.bootstrapcdn.com *.cloudfront.net *.googleapis.com ts-staging-lp.s3.amazonaws.com tslp.s3.amazonaws.com assets.zendesk.com cdnjs.cloudflare.com code.jquery.com fast.wistia.com fast.wistia.net src.litix.io *.nr-data.net www.google.com www.google-analytics.com www.gstatic.com *.pendo.io; style-src https: 'self' 'unsafe-inline'
Content-Security-Policy-Report-Only: default-src https: 'self' data: blob:; child-src https: 'self' *.wistia.com; connect-src https: 'self' *.wistia.com bam.nr-data.net localhost:9000; frame-ancestors 'self' https://*.securityeducation.com https://*.ws02-securityeducation.com; img-src https: 'self' data: *.wistia.com; media-src https: 'self' blob: *.wistia.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' *.bootstrapcdn.com *.cloudfront.net *.googleapis.com ts-staging-lp.s3.amazonaws.com tslp.s3.amazonaws.com assets.zendesk.com cdnjs.cloudflare.com code.jquery.com fast.wistia.com fast.wistia.net src.litix.io *.nr-data.net www.google.com www.google-analytics.com www.gstatic.com *.pendo.io; style-src https: 'self' 'unsafe-inline'; report-uri /csp_reports
Content-Type: text/html; charset=utf-8
Date: Sat, 16 Mar 2024 15:29:03 GMT
ETag: W/"a5be60710502e74c98eceef62eb7a324"
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Link: <https://d2k53c71t1ovai.cloudfront.net/assets/jquery-82ca8406847ab47ed651a2fe5b46a31f0173e4a8efb8087bd462bfcb99b330a5.js>; rel=preload; as=script; nopush,<https://d2k53c71t1ovai.cloudfront.net/assets/application-f191797f68762d2121bb93ef38c1b0019a2b3650799d3a33e8e2dfa3a9c6493a.css>; rel=preload; as=style; nopush,<https://d2k53c71t1ovai.cloudfront.net/assets/application-48bcdc7b3b1188d4f3f15cc14c9ad7a4d7d2bbf3b2dd87fe76e82fea15ad496f.js>; rel=preload; as=script; nopush,<https://d2k53c71t1ovai.cloudfront.net/assets/devise_sessions/new-d2ef07f0884534b8ad18a39b7773548e6907399028d18742d899c5f59f742be8.js>; rel=preload; as=script; nopush
Pragma: no-cache
Server: Wombat-Web-Server
Strict-Transport-Security: max-age=631138519
Vary: Accept-Encoding
X-Content-Type-Options: nosniff nosniff
X-Download-Options: noopen
X-Frame-Options: sameorigin
X-Host-Info: adm-prod-eu-i-0592f6818dd9029ea ; 6230f08f187147556f282bda1a787957298dbefa
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: e97febdc-ed41-406b-b124-937e974394ac
X-Runtime: 0.012501
X-XSS-Protection: 1; mode=block
transfer-encoding: chunked
vary: Origin

Redirect headers

Cache-Control: no-store
Connection: keep-alive
Content-Length: 110
Content-Security-Policy: default-src https: 'self' data: blob:; child-src https: 'self' *.wistia.com; connect-src https: 'self' *.wistia.com bam.nr-data.net localhost:9000; frame-ancestors 'self' https://*.securityeducation.com https://*.ws02-securityeducation.com; img-src https: 'self' data: *.wistia.com; media-src https: 'self' blob: *.wistia.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' *.bootstrapcdn.com *.cloudfront.net *.googleapis.com ts-staging-lp.s3.amazonaws.com tslp.s3.amazonaws.com assets.zendesk.com cdnjs.cloudflare.com code.jquery.com fast.wistia.com fast.wistia.net src.litix.io *.nr-data.net www.google.com www.google-analytics.com www.gstatic.com *.pendo.io; style-src https: 'self' 'unsafe-inline'
Content-Security-Policy-Report-Only: default-src https: 'self' data: blob:; child-src https: 'self' *.wistia.com; connect-src https: 'self' *.wistia.com bam.nr-data.net localhost:9000; frame-ancestors 'self' https://*.securityeducation.com https://*.ws02-securityeducation.com; img-src https: 'self' data: *.wistia.com; media-src https: 'self' blob: *.wistia.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' *.bootstrapcdn.com *.cloudfront.net *.googleapis.com ts-staging-lp.s3.amazonaws.com tslp.s3.amazonaws.com assets.zendesk.com cdnjs.cloudflare.com code.jquery.com fast.wistia.com fast.wistia.net src.litix.io *.nr-data.net www.google.com www.google-analytics.com www.gstatic.com *.pendo.io; style-src https: 'self' 'unsafe-inline'; report-uri /csp_reports
Content-Type: text/html; charset=utf-8
Date: Sat, 16 Mar 2024 15:29:03 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://login.eu.threatsim.com/users/sign_in
Pragma: no-cache
Server: Wombat-Web-Server
Strict-Transport-Security: max-age=631138519
X-Content-Type-Options: nosniff nosniff
X-Download-Options: noopen
X-Frame-Options: sameorigin
X-Host-Info: adm-prod-eu-i-0592f6818dd9029ea ; 6230f08f187147556f282bda1a787957298dbefa
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 0593783d-432e-4ab0-871d-2afcdaf22463
X-Runtime: 0.018644
X-XSS-Protection: 1; mode=block
vary: Origin

GET
H2 200 jquery-82ca8406847ab47ed651a2fe5b46a31f0173e4a8efb8087bd462bfcb99b330a5.js Show response
d2k53c71t1ovai.cloudfront.net/assets/ 115 KB
116 KB 275ms
101ms Script
application/javascript 54.230.48.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2k53c71t1ovai.cloudfront.net/assets/jquery-82ca8406847ab47ed651a2fe5b46a31f0173e4a8efb8087bd462bfcb99b330a5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.48.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-48-27.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 82ca8406847ab47ed651a2fe5b46a31f0173e4a8efb8087bd462bfcb99b330a5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.eu.threatsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 14:57:07 GMT
via: 1.1 0588a12f9163167120c7c5e825e9110a.cloudfront.net (CloudFront)
last-modified: Thu, 22 Feb 2024 15:03:09 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C2
age: 1918
etag: "4b12212b5358e71b67b111960cdd45bd"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 118249
x-amz-cf-id: P3ufND-aXyPl2tw8k63Q-sSPaTmmVygaaLRWw7Ldy8cQ990rVkW7sA==

GET
H2 200 application-f191797f68762d2121bb93ef38c1b0019a2b3650799d3a33e8e2dfa3a9c6493a.css
d2k53c71t1ovai.cloudfront.net/assets/ 319 KB
319 KB 441ms
268ms Stylesheet
text/css 54.230.48.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2k53c71t1ovai.cloudfront.net/assets/application-f191797f68762d2121bb93ef38c1b0019a2b3650799d3a33e8e2dfa3a9c6493a.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.48.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-48-27.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f191797f68762d2121bb93ef38c1b0019a2b3650799d3a33e8e2dfa3a9c6493a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.eu.threatsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 14:57:07 GMT
via: 1.1 0588a12f9163167120c7c5e825e9110a.cloudfront.net (CloudFront)
last-modified: Thu, 22 Feb 2024 15:03:06 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C2
age: 1918
x-amz-server-side-encryption: AES256
etag: "a66a9e5c2edc969908a7195801ab05d3"
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 326226
x-amz-cf-id: H0U7DegUn98Iq2qvc7I6zArZHyhsssjZ68dO1yW5tx-25GCoTA8jQw==

GET
H2 200 application-48bcdc7b3b1188d4f3f15cc14c9ad7a4d7d2bbf3b2dd87fe76e82fea15ad496f.js Show response
d2k53c71t1ovai.cloudfront.net/assets/ 1 MB
1 MB 613ms
440ms Script
application/javascript 54.230.48.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2k53c71t1ovai.cloudfront.net/assets/application-48bcdc7b3b1188d4f3f15cc14c9ad7a4d7d2bbf3b2dd87fe76e82fea15ad496f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.48.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-48-27.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 48bcdc7b3b1188d4f3f15cc14c9ad7a4d7d2bbf3b2dd87fe76e82fea15ad496f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.eu.threatsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 15:29:05 GMT
via: 1.1 0588a12f9163167120c7c5e825e9110a.cloudfront.net (CloudFront)
last-modified: Thu, 22 Feb 2024 15:03:06 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C2
etag: "5babc6e098472f16141b5598c5a0d050"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 1190866
x-amz-cf-id: OwNRYIbxB90nEVoPprL5Y-SMzxjay1_xjFUAPi4NyIri92kgr0um8g==

GET
H2 200 new-d2ef07f0884534b8ad18a39b7773548e6907399028d18742d899c5f59f742be8.js Show response
d2k53c71t1ovai.cloudfront.net/assets/devise_sessions/ 27 B
386 B 274ms
101ms Script
application/javascript 54.230.48.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2k53c71t1ovai.cloudfront.net/assets/devise_sessions/new-d2ef07f0884534b8ad18a39b7773548e6907399028d18742d899c5f59f742be8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.48.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-48-27.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d2ef07f0884534b8ad18a39b7773548e6907399028d18742d899c5f59f742be8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.eu.threatsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 14:57:07 GMT
via: 1.1 0588a12f9163167120c7c5e825e9110a.cloudfront.net (CloudFront)
last-modified: Thu, 22 Feb 2024 15:03:07 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C2
age: 1918
etag: "18d55c505153e6a4b4a414aa3c81c429"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 27
x-amz-cf-id: LppmodZHnb8eQUA9f1w7AsSgb96wjlG8TZOhqjduqrjRNEMUKMiVCg==

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/ 23 KB
5 KB 99ms
38ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: login.eu.threatsim.com
URL: https://login.eu.threatsim.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.eu.threatsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 15:29:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 241251
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4364
last-modified: Sat, 06 Jan 2024 12:19:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65993750-110c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2r8cXa3DsnIb0nxiAdC%2B%2B7iCTiQXF4LwHimAODCs9NAwYUe94OlSHb0l5yXh0B9FgVTyVtXXWkvW1%2Bn76YT7Ki0rFD3%2FPWVSOBedbRDFlYJunvEV1i%2Bu%2BmkQieXM7n5ahvKxd2yuDJ3%2FIwipl4DQfcOT"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8655c6d09dd6daad-MIA
expires: Thu, 06 Mar 2025 15:29:04 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 199ms
90ms Stylesheet
text/css 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: login.eu.threatsim.com
URL: https://login.eu.threatsim.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.eu.threatsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 16 Mar 2024 15:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 16 Mar 2024 15:29:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 16 Mar 2024 15:29:04 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 164ms
52ms Script
text/javascript 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: login.eu.threatsim.com
URL: https://login.eu.threatsim.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.eu.threatsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 16:14:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Mar 2025 16:14:51 GMT

GET
H/1.1 200
OK localize.js Show response
login.eu.threatsim.com/js/ 60 KB
21 KB 141ms
139ms Script
application/javascript 52.50.150.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.eu.threatsim.com/js/localize.js

Requested by

Host: login.eu.threatsim.com
URL: https://login.eu.threatsim.com/users/sign_in

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.50.150.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-150-69.eu-west-1.compute.amazonaws.com

Software

Wombat-Web-Server /

Resource Hash

831009dc4ec969f293ff63907612a9f7bb06b165c527dea1520052c7ef3be255

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.eu.threatsim.com/users/sign_in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sat, 16 Mar 2024 15:29:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Feb 2024 14:55:28 GMT
Server: Wombat-Web-Server
ETag: W/"65d76060-f0c9"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 21472

GET
H2 200 wombat_logo-313ac720267e0d852f0b17055b68087b1d1cc4ce24f075864d4ab57a7f83b199.png
d2k53c71t1ovai.cloudfront.net/assets/ 11 KB
11 KB 509ms
338ms Image
image/png 54.230.48.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2k53c71t1ovai.cloudfront.net/assets/wombat_logo-313ac720267e0d852f0b17055b68087b1d1cc4ce24f075864d4ab57a7f83b199.png
Requested by: Host: login.eu.threatsim.com
URL: https://login.eu.threatsim.com/users/sign_in
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.48.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-48-27.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 313ac720267e0d852f0b17055b68087b1d1cc4ce24f075864d4ab57a7f83b199

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.eu.threatsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 14:57:07 GMT
via: 1.1 0588a12f9163167120c7c5e825e9110a.cloudfront.net (CloudFront)
last-modified: Thu, 22 Feb 2024 15:03:15 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C2
age: 1918
etag: "c510b40b57c8de8c431e25e89eac656f"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 10814
x-amz-cf-id: MGiktQ5XvmTfs5YQtqifYNa3xdxCLeySLMRWTqmN2450Z1k-DjYvHQ==

GET
H2 404 zenbox.js
assets.zendesk.com/external/zenbox/v2.6/ 0
0 103ms
42ms Script
text/html 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.zendesk.com/external/zenbox/v2.6/zenbox.js
Requested by: Host: login.eu.threatsim.com
URL: https://login.eu.threatsim.com/users/sign_in
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.eu.threatsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H2 404 zenbox.css
assets.zendesk.com/external/zenbox/v2.6/ 0
0 48ms
47ms Stylesheet
text/html 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.zendesk.com/external/zenbox/v2.6/zenbox.css
Requested by: Host: login.eu.threatsim.com
URL: https://login.eu.threatsim.com/users/sign_in
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.eu.threatsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.18.1/ 50 KB
15 KB 38ms
37ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.18.1/moment.min.js

Requested by

Host: login.eu.threatsim.com
URL: https://login.eu.threatsim.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.eu.threatsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 15:29:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 115898
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15476
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-c909"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KBhFhp5tEU7WUs9OMTrBmBnTbVMG8PdtEVofyCRvXbBAyf13oxVx%2BhfyMj1ZcBgG50Uwxds3VtghBPkUmlVUUUukrZFJ2OV2KW1C8q1gprqBjMAN63R8aO5SuG5C83jZoXuiJTN2uOWwuIzIinIASTEI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8655c6d12e87daad-MIA
expires: Thu, 06 Mar 2025 15:29:04 GMT

GET
H3 200 moment-timezone-with-data.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.13/ 180 KB
21 KB 38ms
38ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.13/moment-timezone-with-data.min.js

Requested by

Host: login.eu.threatsim.com
URL: https://login.eu.threatsim.com/users/sign_in

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31b9bea01ffef2e8f311eafdbbcdd944a12194fa216d8f54489e15a7188d47dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.eu.threatsim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 15:29:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 861345
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21029
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-2cf80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e0lDglhFO8caveEG2%2FsjoJVX%2Bi2FkChu0dNIxGC%2FMdURSYLbE1kiJpapevhNpGHRI6sxihgjPVhzmsL8Z4oy807NitWSQ5M9sgkfzTTMPGQ5%2FUSwwtmIwdEKk0ukbQS%2FEaB9x%2BIw2YJqgCu7JNncyunR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8655c6d17d029ab9-MIA
expires: Thu, 06 Mar 2025 15:29:04 GMT

GET
H2 200 roboto-bold-24571503140760240924dcd1238f77e7cd0454c0d8b0793990cefa2fad71471f.ttf
d2k53c71t1ovai.cloudfront.net/assets/ 160 KB
160 KB 600ms
444ms Font
binary/octet-stream 54.230.48.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2k53c71t1ovai.cloudfront.net/assets/roboto-bold-24571503140760240924dcd1238f77e7cd0454c0d8b0793990cefa2fad71471f.ttf
Requested by: Host: d2k53c71t1ovai.cloudfront.net
URL: https://d2k53c71t1ovai.cloudfront.net/assets/application-f191797f68762d2121bb93ef38c1b0019a2b3650799d3a33e8e2dfa3a9c6493a.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.48.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-48-27.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24571503140760240924dcd1238f77e7cd0454c0d8b0793990cefa2fad71471f

Request headers

Referer: https://d2k53c71t1ovai.cloudfront.net/assets/application-f191797f68762d2121bb93ef38c1b0019a2b3650799d3a33e8e2dfa3a9c6493a.css
Origin: https://login.eu.threatsim.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 15:29:06 GMT
via: 1.1 18b0fca4845f3542d7f0566683e26626.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 163448
last-modified: Thu, 22 Feb 2024 15:03:13 GMT
server: AmazonS3
etag: "36b5bab58a18b9c924861a4ccbf1a790"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://login.eu.threatsim.com
vary: Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: pXRr36tZl2nNC1f4n2lDet2BMFe2kEU92YlQC19MdvjjV85pgHJ8Rw==

GET
H2 200 roboto-regular-16466ef65064e6f3885a6d2806b8949ac1ac38b524dd0cf8fc96565eb4cc28e8.ttf
d2k53c71t1ovai.cloudfront.net/assets/ 155 KB
156 KB 268ms
111ms Font
binary/octet-stream 54.230.48.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2k53c71t1ovai.cloudfront.net/assets/roboto-regular-16466ef65064e6f3885a6d2806b8949ac1ac38b524dd0cf8fc96565eb4cc28e8.ttf
Requested by: Host: d2k53c71t1ovai.cloudfront.net
URL: https://d2k53c71t1ovai.cloudfront.net/assets/application-f191797f68762d2121bb93ef38c1b0019a2b3650799d3a33e8e2dfa3a9c6493a.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.48.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-48-27.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 16466ef65064e6f3885a6d2806b8949ac1ac38b524dd0cf8fc96565eb4cc28e8

Request headers

Referer: https://d2k53c71t1ovai.cloudfront.net/assets/application-f191797f68762d2121bb93ef38c1b0019a2b3650799d3a33e8e2dfa3a9c6493a.css
Origin: https://login.eu.threatsim.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 17:08:22 GMT
via: 1.1 18b0fca4845f3542d7f0566683e26626.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C2
age: 80443
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 158604
last-modified: Thu, 22 Feb 2024 15:03:13 GMT
server: AmazonS3
etag: "5673da52c98bb6cb33ada5aaf649703e"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://login.eu.threatsim.com
vary: Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: KJDjj1x8nofGWXYlhT47P_6NEFx6M8TJqiloeT8Ti0H1jFziO0H9kQ==

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			login.eu.threatsim.com/	1970-01-20 19:10:10	Name: _ts_session_id Value: 4dd3c1e9a751655bc0493ec9fb4476d0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://assets.zendesk.com/external/zenbox/v2.6/zenbox.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://assets.zendesk.com/external/zenbox/v2.6/zenbox.css Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://login.eu.threatsim.com/users/sign_in Message: The resource https://d2k53c71t1ovai.cloudfront.net/assets/jquery-82ca8406847ab47ed651a2fe5b46a31f0173e4a8efb8087bd462bfcb99b330a5.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: 'self' data: blob:; child-src https: 'self' .wistia.com; connect-src https: 'self' .wistia.com bam.nr-data.net localhost:9000; frame-ancestors 'self' https://.securityeducation.com https://.ws02-securityeducation.com; img-src https: 'self' data: .wistia.com; media-src https: 'self' blob: .wistia.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' .bootstrapcdn.com .cloudfront.net .googleapis.com ts-staging-lp.s3.amazonaws.com tslp.s3.amazonaws.com assets.zendesk.com cdnjs.cloudflare.com code.jquery.com fast.wistia.com fast.wistia.net src.litix.io .nr-data.net www.google.com www.google-analytics.com www.gstatic.com *.pendo.io; style-src https: 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets.zendesk.com
cdnjs.cloudflare.com
d2k53c71t1ovai.cloudfront.net
fonts.googleapis.com
login.eu.threatsim.com
phishsim.ws02-securityeducation.com
104.18.72.113
2606:4700::6811:190e
2607:f8b0:4004:c07::5f
2607:f8b0:4004:c17::5f
52.50.150.69
54.220.6.158
54.230.48.27
16466ef65064e6f3885a6d2806b8949ac1ac38b524dd0cf8fc96565eb4cc28e8
24571503140760240924dcd1238f77e7cd0454c0d8b0793990cefa2fad71471f
313ac720267e0d852f0b17055b68087b1d1cc4ce24f075864d4ab57a7f83b199
31b9bea01ffef2e8f311eafdbbcdd944a12194fa216d8f54489e15a7188d47dc
452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651
48bcdc7b3b1188d4f3f15cc14c9ad7a4d7d2bbf3b2dd87fe76e82fea15ad496f
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
82ca8406847ab47ed651a2fe5b46a31f0173e4a8efb8087bd462bfcb99b330a5
831009dc4ec969f293ff63907612a9f7bb06b165c527dea1520052c7ef3be255
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
a5be60710502e74c98eceef62eb7a324c52d47ca8e4f852ef7a284c6e0a92c56
d2ef07f0884534b8ad18a39b7773548e6907399028d18742d899c5f59f742be8
d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238
f191797f68762d2121bb93ef38c1b0019a2b3650799d3a33e8e2dfa3a9c6493a

login.eu.threatsim.com Open in urlscan Pro 52.50.150.69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

43 %IPv6

6 Domains

7 Subdomains

6 IPs

3 Countries

2028 kBTransfer

2332 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

1 Cookies

3 Console Messages

Security Headers

Indicators

login.eu.threatsim.com Open in urlscan Pro
52.50.150.69 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

6
IPs

3
Countries

2028 kB
Transfer

2332 kB
Size

1
Cookies

16 HTTP transactions
0 data transactions