citrix.account-maintenance.com Open in urlscan Pro
54.210.107.188 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://citrix.account-maintenance.com/ffd299ecf5?l=10
Effective URL:
http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Submission: On January 24 via manual (January 24th 2018, 8:13:42 pm UTC) from US

Summary HTTP 68 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 1 countries across 9 domains to perform 68 HTTP transactions. The main IP is 54.210.107.188, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is citrix.account-maintenance.com.

This is the only time citrix.account-maintenance.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
48	54.210.107.188 54.210.107.188	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
4	34.206.124.153 34.206.124.153	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	52.216.20.235 52.216.20.235	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	52.85.173.114 52.85.173.114	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	172.217.23.138 172.217.23.138	15169 (GOOGLE) (GOOGLE - Google LLC)
1 6	172.217.21.238 172.217.21.238	15169 (GOOGLE) (GOOGLE - Google LLC)
1	173.194.76.155 173.194.76.155	15169 (GOOGLE) (GOOGLE - Google LLC)
1	172.217.23.170 172.217.23.170	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.216.96.163 52.216.96.163	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY - Fastly)
1	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1 - New Relic)
68	12

48 54.210.107.188 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-210-107-188.compute-1.amazonaws.com

citrix.account-maintenance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dataentry.threatsim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.206.124.153 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-206-124-153.compute-1.amazonaws.com

citrix.account-maintenance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.20.235 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1-w.amazonaws.com

tslp.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.85.173.114 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-173-114.fra6.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.138 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s18-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.21.238 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f238.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.76.155 (Portage, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: ws-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.170 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.96.163 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1-w.amazonaws.com

ts-uploads.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.20 (United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	account-maintenance.com citrix.account-maintenance.com	67 KB
21	threatsim.com dataentry.threatsim.com	11 KB
6	google-analytics.com 1 redirects www.google-analytics.com	29 KB
3	amazonaws.com tslp.s3.amazonaws.com ts-uploads.s3.amazonaws.com	247 KB
2	googleapis.com ajax.googleapis.com	66 KB
2	cloudfront.net d2wy8f7a9ursnm.cloudfront.net	7 KB
1	nr-data.net bam.nr-data.net	260 B
1	newrelic.com js-agent.newrelic.com	9 KB
1	doubleclick.net stats.g.doubleclick.net	102 B
68	9

	Domain	Requested by
31	citrix.account-maintenance.com	citrix.account-maintenance.com
21	dataentry.threatsim.com	citrix.account-maintenance.com
6	www.google-analytics.com	1 redirects citrix.account-maintenance.com
2	ajax.googleapis.com	citrix.account-maintenance.com
2	d2wy8f7a9ursnm.cloudfront.net	citrix.account-maintenance.com
2	tslp.s3.amazonaws.com	citrix.account-maintenance.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	citrix.account-maintenance.com
1	ts-uploads.s3.amazonaws.com	citrix.account-maintenance.com
1	stats.g.doubleclick.net	citrix.account-maintenance.com
68	10

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Frame ID: (4AEF6C4EA63C0D7B129C22420A2E1252)
Requests: 68 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://citrix.account-maintenance.com/ffd299ecf5?l=10 Page URL
http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd374... Page URL

Detected technologies

Apache Traffic Server (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /ATS\/?([\d.]+)?/i

BugSnag (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^BugSnag$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

New Relic (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^NREUM/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

68
Requests

0 %
HTTPS

0 %
IPv6

9
Domains

10
Subdomains

12
IPs

1
Countries

436 kB
Transfer

630 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://citrix.account-maintenance.com/ffd299ecf5?l=10 Page URL
http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 29

http://www.google-analytics.com/r/collect?v=1&_v=j66&a=1450085378&t=pageview&_s=1&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fffd299ecf5%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1641693942&gjid=2038718112&cid=349102767.1516824808&tid=UA-83403-17&_gid=1808313965.1516824808&_r=1&z=2108055215 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j66&a=1450085378&t=pageview&_s=1&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fffd299ecf5%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1641693942&gjid=2038718112&cid=349102767.1516824808&tid=UA-83403-17&_gid=1808313965.1516824808&_r=1&z=2108055215 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=349102767.1516824808&jid=1641693942&_gid=1808313965.1516824808&gjid=2038718112&_v=j66&z=2108055215

Request Chain 30

http://www.google-analytics.com/collect?v=1&_v=j66&a=1450085378&t=pageview&_s=2&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fffd299ecf5%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=349102767.1516824808&uid=ffd299ecf5&tid=UA-83403-17&_gid=1808313965.1516824808&z=364867829 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j66&a=1450085378&t=pageview&_s=2&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fffd299ecf5%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=349102767.1516824808&uid=ffd299ecf5&tid=UA-83403-17&_gid=1808313965.1516824808&z=364867829

Request Chain 38

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 63

http://www.google-analytics.com/collect?v=1&_v=j66&a=101456168&t=pageview&_s=1&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fload_training%3Fguid%3Dffd299ecf5%26correlation_id%3D07761598-490a-4b00-a068-d6fd37499691&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAEAB~&jid=&gjid=&cid=349102767.1516824808&tid=UA-83403-17&_gid=1808313965.1516824808&z=1817965064 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j66&a=101456168&t=pageview&_s=1&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fload_training%3Fguid%3Dffd299ecf5%26correlation_id%3D07761598-490a-4b00-a068-d6fd37499691&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAEAB~&jid=&gjid=&cid=349102767.1516824808&tid=UA-83403-17&_gid=1808313965.1516824808&z=1817965064

Request Chain 64

http://www.google-analytics.com/collect?v=1&_v=j66&a=101456168&t=pageview&_s=2&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fload_training%3Fguid%3Dffd299ecf5%26correlation_id%3D07761598-490a-4b00-a068-d6fd37499691&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=349102767.1516824808&tid=UA-83403-17&_gid=1808313965.1516824808&z=466893793 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j66&a=101456168&t=pageview&_s=2&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fload_training%3Fguid%3Dffd299ecf5%26correlation_id%3D07761598-490a-4b00-a068-d6fd37499691&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=349102767.1516824808&tid=UA-83403-17&_gid=1808313965.1516824808&z=466893793

68 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set ffd299ecf5 Show response
citrix.account-maintenance.com/ 18 KB
19 KB 277ms
158ms Document
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 298de8902f19e3185bd0a2f2aacbc1953fc0054ccf584995e560b779eb3597fa

Request headers

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Connection: keep-alive
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 24 Jan 2018 20:13:26 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 6733
X-Request-Id: 91d736712803be174991b94bafddb3b1
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.044063
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-014da17057e4b7cc9 ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: W/"a9e9c4c942dd6505d1b18c8d7eace10e"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Set-Cookie: EXFILGUID=ffd299ecf5; path=/ link_clicked_ffd299ecf5=1; path=/
X-Rack-Cache: miss

GET
H/1.1 200
OK Cookie set alt_pixel_click_ffd299ecf5.gif
citrix.account-maintenance.com/ 1 B
680 B 227ms
119ms Image
image/gif 34.206.124.153
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com:49152/alt_pixel_click_ffd299ecf5.gif?correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Protocol: HTTP/1.1
Server: 34.206.124.153 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-206-124-153.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com:49152
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Cookie: EXFILGUID=ffd299ecf5; link_clicked_ffd299ecf5=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 24 Jan 2018 20:13:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 21
X-Request-Id: 1ee35f9a77e8b8e96c5140d3fac0cf85
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.008651
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-066b7e17e3f840d95 ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Set-Cookie: EXFILGUID=ffd299ecf5; path=/ link_clicked_ffd299ecf5=2; path=/
X-Rack-Cache: miss

GET
H/1.1 200
OK plugin_detect.js Show response
tslp.s3.amazonaws.com/detect/ 49 KB
49 KB 753ms
123ms Script
text/javascript 52.216.20.235
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Protocol: HTTP/1.1
Server: 52.216.20.235 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 24 Jan 2018 20:13:28 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Server: AmazonS3
x-amz-request-id: BAB9B5A76A96A5CE
ETag: "00a513f07603df01e3b99be00f370754"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 50085
x-amz-id-2: 5Y4Ca0O2ZsVV6JJc65hklxIbU/dlZD4mqUThs8HiKFfzZNlPnKh91j0wCATuwsJrR45iyt+VhzU=

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 184ms
14ms Script
application/javascript 52.85.173.114
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Protocol: HTTP/1.1
Server: 52.85.173.114 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-173-114.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Mon, 10 Jul 2017 01:37:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
Age: 246712
ETag: "6103bb5e4ec6141e19e1100caafc780c"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 d0c574ed517101bf0c21ed5df9b18342.cloudfront.net (CloudFront)
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2962
X-Amz-Cf-Id: U23SW2zjfuyHRWHk4-W4NMwboau9g35e1Zz5Pi3p-BmuKf7B8_df_Q==

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 90 KB
33 KB 6ms
5ms Script
text/javascript 172.217.23.138
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10

Protocol

HTTP/1.1

Server

172.217.23.138 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f10.1e100.net

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 08 Dec 2017 07:12:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 4107634
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 33018
X-XSS-Protection: 1; mode=block
Expires: Sat, 08 Dec 2018 07:12:53 GMT

GET
H/1.1 200
OK google-tracking.js Show response
citrix.account-maintenance.com/assets/ 455 B
707 B 112ms
111ms Script
application/javascript 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://citrix.account-maintenance.com/assets/google-tracking.js?g=ffd299ecf5
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: fce517e48a56b76d45fd456264b90c82aa6e9ddb578f9f36d844ace5816d9841

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Cookie: EXFILGUID=ffd299ecf5; link_clicked_ffd299ecf5=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 24 Jan 2018 20:13:27 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Jan 2018 15:19:25 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000 public
Connection: keep-alive
Content-Length: 316
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK all.js Show response
citrix.account-maintenance.com/assets/ 28 KB
7 KB 207ms
103ms Script
application/javascript 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://citrix.account-maintenance.com/assets/all.js?g=ffd299ecf5
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: bae06f323013a94b766da34246d6439db4b57a1144e7b4f4c6a18848eb7a4cf8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Cookie: EXFILGUID=ffd299ecf5; link_clicked_ffd299ecf5=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 24 Jan 2018 20:13:27 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Jan 2018 15:19:25 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000 public
Connection: keep-alive
Content-Length: 7149
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
S

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

35 KB
14 KB

6ms
5ms

Script
text/javascript

172.217.21.238
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10

Protocol

SPDY

Server

172.217.21.238 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s13-in-f238.1e100.net

Software

Golfe2 /

Resource Hash

f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 13 Nov 2017 20:19:12 GMT
server: Golfe2
age: 1093
date: Wed, 24 Jan 2018 19:55:15 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 14597
expires: Wed, 24 Jan 2018 21:55:15 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

POST
H/1.1 200
OK browser_post
dataentry.threatsim.com/secure/ 1 B
603 B 2649ms
2153ms XHR
image/gif 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dataentry.threatsim.com/secure/browser_post
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash

Request headers

Accept: */*
Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Origin: http://citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

X-Runtime: 2.037905
Date: Wed, 24 Jan 2018 20:13:30 GMT
Content-Encoding: gzip
X-Rack-Cache: invalidate, pass
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-014da17057e4b7cc9, ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 3d864bc3126ecbead99c70c7f34b290e
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
521 B 587ms
109ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=ffd299ecf5&msg=BrowserDetect%20-%20localStorage%20%3D%20false&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002788
Date: Wed, 24 Jan 2018 20:13:28 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b7ce03ba36e7f280, ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 1
X-Request-Id: 89804e8c9db298a9760ad4c6f8be4ffd
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
521 B 592ms
111ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=ffd299ecf5&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002503
Date: Wed, 24 Jan 2018 20:13:28 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03d0f2c923354b318, ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 1
X-Request-Id: 0e7e00379848c5c7c09b2bd08fca2208
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
521 B 596ms
112ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=ffd299ecf5&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002092
Date: Wed, 24 Jan 2018 20:13:28 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b7ce03ba36e7f280, ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 1
X-Request-Id: 98f56f5f544b4d8b74ae80649e6172c3
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
521 B 599ms
113ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=ffd299ecf5&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002765
Date: Wed, 24 Jan 2018 20:13:28 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03d0f2c923354b318, ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 1
X-Request-Id: 0f25a1127ee69f23fb57d4c2972ab928
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
521 B 609ms
115ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=ffd299ecf5&msg=BrowserDetect%20-%20browser_version%20%3D%2063&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002222
Date: Wed, 24 Jan 2018 20:13:28 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03d0f2c923354b318, ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 1
X-Request-Id: abf0f4bc9d0e701118e7c7ce917da024
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
521 B 111ms
110ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=ffd299ecf5&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.003317
Date: Wed, 24 Jan 2018 20:13:28 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03d0f2c923354b318, ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 1
X-Request-Id: d226212c94f269a2eac8ec1a7e4734e3
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
521 B 112ms
112ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=ffd299ecf5&msg=BrowserDetect%20-%20os_version%20%3D%2010.12.6&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002565
Date: Wed, 24 Jan 2018 20:13:28 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03d0f2c923354b318, ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 1
X-Request-Id: ea848b87204c8c9b3d2573a8a2098b59
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
521 B 112ms
112ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=ffd299ecf5&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002231
Date: Wed, 24 Jan 2018 20:13:28 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03d0f2c923354b318, ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 1
X-Request-Id: 8827a192300c97a222368cf07bbbd868
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
521 B 2049ms
2049ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=ffd299ecf5&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash

Request headers

Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.003439
Date: Wed, 24 Jan 2018 20:13:30 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-066b7e17e3f840d95, ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 1
X-Request-Id: 17283a40ca0446c7f4717999f01dae80
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
521 B 115ms
114ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=ffd299ecf5&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002017
Date: Wed, 24 Jan 2018 20:13:28 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03d0f2c923354b318, ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 1
X-Request-Id: 2a3afed582b96805b55d7c9d42b6f3ec
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
521 B 1948ms
1948ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=ffd299ecf5&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash

Request headers

Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.003092
Date: Wed, 24 Jan 2018 20:13:30 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-014da17057e4b7cc9, ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 1
X-Request-Id: 2acb3037e8fb0311cd54eb3dba05d4f9
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
521 B 112ms
112ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=ffd299ecf5&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002856
Date: Wed, 24 Jan 2018 20:13:28 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03d0f2c923354b318, ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 1
X-Request-Id: a25fe4b66e7146c2ca4e0177f878e330
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
521 B 113ms
112ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=ffd299ecf5&msg=Skipping%20java%20detection&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002472
Date: Wed, 24 Jan 2018 20:13:28 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03d0f2c923354b318, ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 1
X-Request-Id: 9f2fe6ca2f225a3b24f517bb262421e8
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
521 B 115ms
115ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=ffd299ecf5&msg=Skipping%20flash%20detection&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002038
Date: Wed, 24 Jan 2018 20:13:28 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03d0f2c923354b318, ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 1
X-Request-Id: dfe2643001429246d739c2463ad4f763
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
521 B 112ms
112ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=ffd299ecf5&msg=Skipping%20pdf%20detection&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002827
Date: Wed, 24 Jan 2018 20:13:28 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03d0f2c923354b318, ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 1
X-Request-Id: a6de0c9f6666ff2905c74a234a5540c6
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
521 B 113ms
113ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=ffd299ecf5&msg=Skipping%20quicktime%20detection&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002790
Date: Wed, 24 Jan 2018 20:13:28 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b7ce03ba36e7f280, ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 1
X-Request-Id: 86a7089a060719a200e6b0df86e21c3c
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
521 B 116ms
115ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=ffd299ecf5&msg=Skipping%20RealPlayer%20detection&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002562
Date: Wed, 24 Jan 2018 20:13:28 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03d0f2c923354b318, ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 1
X-Request-Id: 837cb07af69023cff2c40be8614b4bc3
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
521 B 112ms
111ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=ffd299ecf5&msg=Skipping%20Silverlight%20detection&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash

Request headers

Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002791
Date: Wed, 24 Jan 2018 20:13:29 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b7ce03ba36e7f280, ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 1
X-Request-Id: 948ea372cc771e4c14e8bc7acf18ad3f
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
521 B 114ms
113ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=ffd299ecf5&msg=Skipping%20WindowsMediaPlayer%20detection&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash

Request headers

Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002711
Date: Wed, 24 Jan 2018 20:13:29 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03d0f2c923354b318, ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 1
X-Request-Id: 8e28721abcaad0bdc230d2ed698fbae7
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
521 B 115ms
115ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=ffd299ecf5&msg=redirecting%20to%20%2Fload_training%3Fguid%3Dffd299ecf5%26correlation_id%3D07761598-490a-4b00-a068-d6fd37499691&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash

Request headers

Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002270
Date: Wed, 24 Jan 2018 20:13:29 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b7ce03ba36e7f280, ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 1
X-Request-Id: a43a6f0c1640111500b1321106ef0ded
X-UA-Compatible: IE=Edge,chrome=1

GET
S

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j66&a=1450085378&t=pageview&_s=1&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fffd299ecf5%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=16...
https://www.google-analytics.com/r/collect?v=1&_v=j66&a=1450085378&t=pageview&_s=1&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fffd299ecf5%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=349102767.1516824808&jid=1641693942&_gid=1808313965.1516824808&gjid=2038718112&_v=j66&z=2108055215

35 B
102 B

14ms
13ms

Image
image/gif

173.194.76.155
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=349102767.1516824808&jid=1641693942&_gid=1808313965.1516824808&gjid=2038718112&_v=j66&z=2108055215

Requested by

Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10

Protocol

SPDY

Server

173.194.76.155 Portage, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

ws-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 24 Jan 2018 20:13:28 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Jan 2018 20:13:28 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=349102767.1516824808&jid=1641693942&_gid=1808313965.1516824808&gjid=2038718112&_v=j66&z=2108055215
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 417
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j66&a=1450085378&t=pageview&_s=2&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fffd299ecf5%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600...
https://www.google-analytics.com/collect?v=1&_v=j66&a=1450085378&t=pageview&_s=2&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fffd299ecf5%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=160...

35 B
99 B

6ms
6ms

Image
image/gif

172.217.21.238
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j66&a=1450085378&t=pageview&_s=2&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fffd299ecf5%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=349102767.1516824808&uid=ffd299ecf5&tid=UA-83403-17&_gid=1808313965.1516824808&z=364867829

Requested by

Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/ffd299ecf5?l=10

Protocol

SPDY

Server

172.217.21.238 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s13-in-f238.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2018 20:27:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1035982
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j66&a=1450085378&t=pageview&_s=2&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fffd299ecf5%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=349102767.1516824808&uid=ffd299ecf5&tid=UA-83403-17&_gid=1808313965.1516824808&z=364867829
Non-Authoritative-Reason: HSTS

GET trace
dataentry.threatsim.com/ 0
0

GET
H/1.1 200
OK Primary Request load_training Show response
citrix.account-maintenance.com/ 18 KB
19 KB 1652ms
1652ms Document
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/assets/all.js?g=ffd299ecf5
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: fc73eb4e6d8c53fe4d06c62da63f130a173410c5973009b66ca08dd0444718bc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
Cookie: EXFILGUID=ffd299ecf5; link_clicked_ffd299ecf5=2; _ga=GA1.2.349102767.1516824808; _gid=GA1.2.1808313965.1516824808; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Referer: http://citrix.account-maintenance.com/ffd299ecf5?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 1.546030
Date: Wed, 24 Jan 2018 20:13:30 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03d0f2c923354b318 ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: W/"7102b7161637fff488fa9132676c95ca"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 6864
X-Request-Id: 7e15052839da9192431204919738e1e3
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 47ms
46ms Script
application/javascript 52.85.173.114
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Protocol: HTTP/1.1
Server: 52.85.173.114 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-173-114.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Mon, 10 Jul 2017 01:37:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
Age: 246715
ETag: "6103bb5e4ec6141e19e1100caafc780c"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 d0c574ed517101bf0c21ed5df9b18342.cloudfront.net (CloudFront)
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2962
X-Amz-Cf-Id: TvfWk3yKAOYrlBKS6y63QGClemgHgR4CD4wmYX2liATQohiYLsRK-A==

GET
S 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 23ms
6ms Script
text/javascript 172.217.23.170
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691

Protocol

SPDY

Server

172.217.23.170 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s22-in-f10.1e100.net

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Sun, 10 Dec 2017 02:55:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3950282
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 33576
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Dec 2018 02:55:28 GMT

GET
H/1.1 200
OK plugin_detect.js Show response
tslp.s3.amazonaws.com/detect/ 49 KB
49 KB 114ms
113ms Script
text/javascript 52.216.20.235
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Protocol: HTTP/1.1
Server: 52.216.20.235 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 24 Jan 2018 20:13:31 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Server: AmazonS3
x-amz-request-id: 31B9F5D4497F623A
ETag: "00a513f07603df01e3b99be00f370754"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 50085
x-amz-id-2: lOLGFELWZ1xFqpI3JE0Hs8W6u5nGaEhFrinLKR4TAPzTxmnmFBx8PJzjnXnNfmm2fVkJLOfab9w=

GET
H/1.1 200
OK phishing-link-data-entry-f7509e.PNG
ts-uploads.s3.amazonaws.com/training/production/1529/ 148 KB
149 KB 543ms
218ms Image
image/png 52.216.96.163
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ts-uploads.s3.amazonaws.com/training/production/1529/phishing-link-data-entry-f7509e.PNG
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Protocol: HTTP/1.1
Server: 52.216.96.163 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 23d8f47b88c063cb47bf331d91b0cc7ee1e4eb598cc6e4f38eeef0cc23ebd6a8

Request headers

Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 24 Jan 2018 20:13:32 GMT
Last-Modified: Tue, 18 Oct 2016 21:10:03 GMT
Server: AmazonS3
x-amz-request-id: C6BC8CB995F65739
ETag: "84ffe3d4facae83f05851e342ef1a966"
Content-Type: image/png
x-amz-version-id: cM5t3QDXiPyB9AUR7kMpCRPV6CBYjqTv
Accept-Ranges: bytes
Content-Length: 152016
x-amz-id-2: 8JTntCFLrimdRk+KrD0WsS0JYO9wSYtQu1fhlQz3kTVyDCQ6JX8n/AOWzgRjP5/E/JKDlfyCueQ=

GET
H/1.1 200
OK google-tracking.js Show response
citrix.account-maintenance.com/assets/ 455 B
707 B 103ms
103ms Script
application/javascript 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://citrix.account-maintenance.com/assets/google-tracking.js?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: fce517e48a56b76d45fd456264b90c82aa6e9ddb578f9f36d844ace5816d9841

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Cookie: EXFILGUID=ffd299ecf5; link_clicked_ffd299ecf5=2; _ga=GA1.2.349102767.1516824808; _gid=GA1.2.1808313965.1516824808; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 24 Jan 2018 20:13:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Jan 2018 15:19:25 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000 public
Connection: keep-alive
Content-Length: 316
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK all.js Show response
citrix.account-maintenance.com/assets/ 28 KB
7 KB 103ms
103ms Script
application/javascript 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://citrix.account-maintenance.com/assets/all.js?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: bae06f323013a94b766da34246d6439db4b57a1144e7b4f4c6a18848eb7a4cf8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Cookie: EXFILGUID=ffd299ecf5; link_clicked_ffd299ecf5=2; _ga=GA1.2.349102767.1516824808; _gid=GA1.2.1808313965.1516824808; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 24 Jan 2018 20:13:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Jan 2018 15:19:25 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000 public
Connection: keep-alive
Content-Length: 7149
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
S

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

35 KB
14 KB

6ms
6ms

Script
text/javascript

172.217.21.238
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691

Protocol

SPDY

Server

172.217.21.238 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s13-in-f238.1e100.net

Software

Golfe2 /

Resource Hash

f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 13 Nov 2017 20:19:12 GMT
server: Golfe2
age: 1096
date: Wed, 24 Jan 2018 19:55:15 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 14597
expires: Wed, 24 Jan 2018 21:55:15 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
521 B 109ms
108ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Cookie: EXFILGUID=ffd299ecf5; link_clicked_ffd299ecf5=2; _ga=GA1.2.349102767.1516824808; _gid=GA1.2.1808313965.1516824808; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.003047
Date: Wed, 24 Jan 2018 20:13:31 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-014da17057e4b7cc9 ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 1
X-Request-Id: 342938f9ecd01abfabfd79b77c35dee2
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
521 B 117ms
116ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Cookie: EXFILGUID=ffd299ecf5; link_clicked_ffd299ecf5=2; _ga=GA1.2.349102767.1516824808; _gid=GA1.2.1808313965.1516824808; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002907
Date: Wed, 24 Jan 2018 20:13:31 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-066b7e17e3f840d95 ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 1
X-Request-Id: 20bb4687daf7fdf2b792874f69a7e97b
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
521 B 216ms
109ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Cookie: EXFILGUID=ffd299ecf5; link_clicked_ffd299ecf5=2; _ga=GA1.2.349102767.1516824808; _gid=GA1.2.1808313965.1516824808; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.003233
Date: Wed, 24 Jan 2018 20:13:31 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-014da17057e4b7cc9 ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 1
X-Request-Id: 2031d0886db3746b4d198e09f919490b
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
521 B 216ms
111ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=ffd299ecf5&msg=BrowserDetect%20-%20localStorage%20%3D%20false&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Cookie: EXFILGUID=ffd299ecf5; link_clicked_ffd299ecf5=2; _ga=GA1.2.349102767.1516824808; _gid=GA1.2.1808313965.1516824808; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.004076
Date: Wed, 24 Jan 2018 20:13:31 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b7ce03ba36e7f280 ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 1
X-Request-Id: 773dc75823f0412100c6e3e448a1a9a1
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
521 B 213ms
107ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=ffd299ecf5&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Cookie: EXFILGUID=ffd299ecf5; link_clicked_ffd299ecf5=2; _ga=GA1.2.349102767.1516824808; _gid=GA1.2.1808313965.1516824808; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002609
Date: Wed, 24 Jan 2018 20:13:31 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-066b7e17e3f840d95 ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 1
X-Request-Id: 5848c73d58ab1ea2c0140d0fb6455436
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
521 B 217ms
111ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=ffd299ecf5&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Cookie: EXFILGUID=ffd299ecf5; link_clicked_ffd299ecf5=2; _ga=GA1.2.349102767.1516824808; _gid=GA1.2.1808313965.1516824808; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002332
Date: Wed, 24 Jan 2018 20:13:31 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-014da17057e4b7cc9 ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 1
X-Request-Id: 917be8bf76cbc541e7f3851809d9feb2
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
521 B 118ms
115ms Image
text/html 34.206.124.153
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=ffd299ecf5&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Protocol: HTTP/1.1
Server: 34.206.124.153 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-206-124-153.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Cookie: EXFILGUID=ffd299ecf5; link_clicked_ffd299ecf5=2; _ga=GA1.2.349102767.1516824808; _gid=GA1.2.1808313965.1516824808; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.003119
Date: Wed, 24 Jan 2018 20:13:31 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-066b7e17e3f840d95 ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 1
X-Request-Id: 9906140e32dddbb9726abe6878e9d263
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
521 B 115ms
115ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=ffd299ecf5&msg=BrowserDetect%20-%20browser_version%20%3D%2063&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Cookie: EXFILGUID=ffd299ecf5; link_clicked_ffd299ecf5=2; _ga=GA1.2.349102767.1516824808; _gid=GA1.2.1808313965.1516824808; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002229
Date: Wed, 24 Jan 2018 20:13:31 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-066b7e17e3f840d95 ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 1
X-Request-Id: 2355c1e39477e6ccaa192b315b92366e
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
521 B 108ms
108ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=ffd299ecf5&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Cookie: EXFILGUID=ffd299ecf5; link_clicked_ffd299ecf5=2; _ga=GA1.2.349102767.1516824808; _gid=GA1.2.1808313965.1516824808; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002847
Date: Wed, 24 Jan 2018 20:13:31 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-014da17057e4b7cc9 ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 1
X-Request-Id: 3324d8592f9102713c17b75d17777651
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
521 B 107ms
107ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=ffd299ecf5&msg=BrowserDetect%20-%20os_version%20%3D%2010.12.6&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Cookie: EXFILGUID=ffd299ecf5; link_clicked_ffd299ecf5=2; _ga=GA1.2.349102767.1516824808; _gid=GA1.2.1808313965.1516824808; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002404
Date: Wed, 24 Jan 2018 20:13:31 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-066b7e17e3f840d95 ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 1
X-Request-Id: 1fa847e9daa69d62cdb51281e2596164
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
521 B 108ms
108ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=ffd299ecf5&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Cookie: EXFILGUID=ffd299ecf5; link_clicked_ffd299ecf5=2; _ga=GA1.2.349102767.1516824808; _gid=GA1.2.1808313965.1516824808; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002631
Date: Wed, 24 Jan 2018 20:13:31 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b7ce03ba36e7f280 ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 1
X-Request-Id: 1216c518d0c92c713b8abb5584a37680
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
521 B 111ms
111ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=ffd299ecf5&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Cookie: EXFILGUID=ffd299ecf5; link_clicked_ffd299ecf5=2; _ga=GA1.2.349102767.1516824808; _gid=GA1.2.1808313965.1516824808; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002366
Date: Wed, 24 Jan 2018 20:13:31 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-014da17057e4b7cc9 ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 1
X-Request-Id: f564632e1c477889e629744a79199407
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
521 B 114ms
114ms Image
text/html 34.206.124.153
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=ffd299ecf5&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Protocol: HTTP/1.1
Server: 34.206.124.153 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-206-124-153.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Cookie: EXFILGUID=ffd299ecf5; link_clicked_ffd299ecf5=2; _ga=GA1.2.349102767.1516824808; _gid=GA1.2.1808313965.1516824808; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.003077
Date: Wed, 24 Jan 2018 20:13:31 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b7ce03ba36e7f280 ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 1
X-Request-Id: 7bcd536d89eaa9f5e4d93a8e8243d340
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
521 B 122ms
122ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=ffd299ecf5&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Cookie: EXFILGUID=ffd299ecf5; link_clicked_ffd299ecf5=2; _ga=GA1.2.349102767.1516824808; _gid=GA1.2.1808313965.1516824808; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.003024
Date: Wed, 24 Jan 2018 20:13:31 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-014da17057e4b7cc9 ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 1
X-Request-Id: c5249853a19abec70da0c98c5c1beba8
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
521 B 109ms
109ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=ffd299ecf5&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Cookie: EXFILGUID=ffd299ecf5; link_clicked_ffd299ecf5=2; _ga=GA1.2.349102767.1516824808; _gid=GA1.2.1808313965.1516824808; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002831
Date: Wed, 24 Jan 2018 20:13:31 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-014da17057e4b7cc9 ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 1
X-Request-Id: 7b18e8860badd334d03ee2721ffbb5ea
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
521 B 108ms
108ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=ffd299ecf5&msg=Skipping%20java%20detection&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Cookie: EXFILGUID=ffd299ecf5; link_clicked_ffd299ecf5=2; _ga=GA1.2.349102767.1516824808; _gid=GA1.2.1808313965.1516824808; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.003308
Date: Wed, 24 Jan 2018 20:13:31 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03d0f2c923354b318 ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 1
X-Request-Id: 1d3ec36acb14a0526728526fbdc2ac8e
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
521 B 108ms
108ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=ffd299ecf5&msg=Skipping%20flash%20detection&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Cookie: EXFILGUID=ffd299ecf5; link_clicked_ffd299ecf5=2; _ga=GA1.2.349102767.1516824808; _gid=GA1.2.1808313965.1516824808; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002514
Date: Wed, 24 Jan 2018 20:13:31 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b7ce03ba36e7f280 ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 1
X-Request-Id: 1879f476014da56b0957e56f1c557a4c
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
521 B 111ms
111ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=ffd299ecf5&msg=Skipping%20pdf%20detection&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Cookie: EXFILGUID=ffd299ecf5; link_clicked_ffd299ecf5=2; _ga=GA1.2.349102767.1516824808; _gid=GA1.2.1808313965.1516824808; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002433
Date: Wed, 24 Jan 2018 20:13:31 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03d0f2c923354b318 ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 1
X-Request-Id: 3ff7b6bade58fea35dbb33a7e5f9d666
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
521 B 114ms
114ms Image
text/html 34.206.124.153
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=ffd299ecf5&msg=Skipping%20quicktime%20detection&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Protocol: HTTP/1.1
Server: 34.206.124.153 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-206-124-153.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Cookie: EXFILGUID=ffd299ecf5; link_clicked_ffd299ecf5=2; _ga=GA1.2.349102767.1516824808; _gid=GA1.2.1808313965.1516824808; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002835
Date: Wed, 24 Jan 2018 20:13:31 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-066b7e17e3f840d95 ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 1
X-Request-Id: 024bf360393c16e0b36744a420e45260
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
521 B 117ms
117ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=ffd299ecf5&msg=Skipping%20RealPlayer%20detection&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Cookie: EXFILGUID=ffd299ecf5; link_clicked_ffd299ecf5=2; _ga=GA1.2.349102767.1516824808; _gid=GA1.2.1808313965.1516824808; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.003017
Date: Wed, 24 Jan 2018 20:13:31 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-014da17057e4b7cc9 ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 1
X-Request-Id: 6759e67a7aa9de808f5d7a8bb65b946b
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
521 B 108ms
107ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=ffd299ecf5&msg=Skipping%20Silverlight%20detection&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Cookie: EXFILGUID=ffd299ecf5; link_clicked_ffd299ecf5=2; _ga=GA1.2.349102767.1516824808; _gid=GA1.2.1808313965.1516824808; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002704
Date: Wed, 24 Jan 2018 20:13:31 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b7ce03ba36e7f280 ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 1
X-Request-Id: 45883b7dbb0c05f43d958997556e9c6b
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
521 B 108ms
108ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=ffd299ecf5&msg=Skipping%20WindowsMediaPlayer%20detection&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Cookie: EXFILGUID=ffd299ecf5; link_clicked_ffd299ecf5=2; _ga=GA1.2.349102767.1516824808; _gid=GA1.2.1808313965.1516824808; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.003445
Date: Wed, 24 Jan 2018 20:13:31 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03d0f2c923354b318 ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 1
X-Request-Id: 5b04c166434822401e05f1f468d02c7c
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
521 B 110ms
110ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=ffd299ecf5&msg=training_page_no_browser_post&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Cookie: EXFILGUID=ffd299ecf5; link_clicked_ffd299ecf5=2; _ga=GA1.2.349102767.1516824808; _gid=GA1.2.1808313965.1516824808; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002819
Date: Wed, 24 Jan 2018 20:13:31 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-014da17057e4b7cc9 ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 1
X-Request-Id: 35bfc6a8a39c7c44431ef017c9a0b01f
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
citrix.account-maintenance.com/ 1 B
521 B 111ms
111ms Image
text/html 54.210.107.188
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://citrix.account-maintenance.com/trace?id=ffd299ecf5&msg=redirect_url%20is%20undefined&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Protocol: HTTP/1.1
Server: 54.210.107.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-210-107-188.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: citrix.account-maintenance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Cookie: EXFILGUID=ffd299ecf5; link_clicked_ffd299ecf5=2; _ga=GA1.2.349102767.1516824808; _gid=GA1.2.1808313965.1516824808; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Runtime: 0.002193
Date: Wed, 24 Jan 2018 20:13:31 GMT
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b7ce03ba36e7f280 ; 65eaa7a5a9338af29192b7a55a72a07754ae6cc2
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 1
X-Request-Id: 3735d1396cc6ef9deb8ab9166a91b985
X-UA-Compatible: IE=Edge,chrome=1

GET
S

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j66&a=101456168&t=pageview&_s=1&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fload_training%3Fguid%3Dffd299ecf5%26correlation_id%3D07761598-490a-4b...
https://www.google-analytics.com/collect?v=1&_v=j66&a=101456168&t=pageview&_s=1&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fload_training%3Fguid%3Dffd299ecf5%26correlation_id%3D07761598-490a-4...

35 B
99 B

6ms
5ms

Image
image/gif

172.217.21.238
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j66&a=101456168&t=pageview&_s=1&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fload_training%3Fguid%3Dffd299ecf5%26correlation_id%3D07761598-490a-4b00-a068-d6fd37499691&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAEAB~&jid=&gjid=&cid=349102767.1516824808&tid=UA-83403-17&_gid=1808313965.1516824808&z=1817965064

Requested by

Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691

Protocol

SPDY

Server

172.217.21.238 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s13-in-f238.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2018 20:27:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1035985
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j66&a=101456168&t=pageview&_s=1&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fload_training%3Fguid%3Dffd299ecf5%26correlation_id%3D07761598-490a-4b00-a068-d6fd37499691&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAEAB~&jid=&gjid=&cid=349102767.1516824808&tid=UA-83403-17&_gid=1808313965.1516824808&z=1817965064
Non-Authoritative-Reason: HSTS

GET
S

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j66&a=101456168&t=pageview&_s=2&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fload_training%3Fguid%3Dffd299ecf5%26correlation_id%3D07761598-490a-4b...
https://www.google-analytics.com/collect?v=1&_v=j66&a=101456168&t=pageview&_s=2&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fload_training%3Fguid%3Dffd299ecf5%26correlation_id%3D07761598-490a-4...

35 B
93 B

7ms
7ms

Image
image/gif

172.217.21.238
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j66&a=101456168&t=pageview&_s=2&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fload_training%3Fguid%3Dffd299ecf5%26correlation_id%3D07761598-490a-4b00-a068-d6fd37499691&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=349102767.1516824808&tid=UA-83403-17&_gid=1808313965.1516824808&z=466893793

Requested by

Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691

Protocol

SPDY

Server

172.217.21.238 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s13-in-f238.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2018 20:27:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1035985
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j66&a=101456168&t=pageview&_s=2&dl=http%3A%2F%2Fcitrix.account-maintenance.com%2Fload_training%3Fguid%3Dffd299ecf5%26correlation_id%3D07761598-490a-4b00-a068-d6fd37499691&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEAB~&jid=&gjid=&cid=349102767.1516824808&tid=UA-83403-17&_gid=1808313965.1516824808&z=466893793
Non-Authoritative-Reason: HSTS

GET
S 200 nr-1071.min.js Show response
js-agent.newrelic.com/ 23 KB
9 KB 6ms
5ms Script
application/javascript 151.101.114.110
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1071.min.js
Requested by: Host: citrix.account-maintenance.com
URL: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
Protocol: SPDY
Server: 151.101.114.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280

Request headers

Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Wed, 24 Jan 2018 20:13:31 GMT
content-encoding: gzip
x-amz-request-id: 5EA69B9E407DB8D1
x-cache: HIT
status: 200
content-length: 9086
x-amz-id-2: UmIzaBjWpP1dp8unLzp1UKU8AKexnFQRjzIBXsOEawuxNZTvApIKl37QGTZIrusQacKN80XwG98=
x-served-by: cache-hhn1530-HHN
last-modified: Tue, 14 Nov 2017 18:09:22 GMT
server: AmazonS3
x-timer: S1516824812.998375,VS0,VE0
etag: "a1a545c95f313a230157b47dca555c25"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 599195

GET
H/1.1 200
OK 1eb02dae32 Show response
bam.nr-data.net/1/ 57 B
260 B 459ms
114ms Script
text/javascript 162.247.242.20
New Relic

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/1eb02dae32?a=16828251&v=1071.385e752&to=J1oIRBZeWVQHSxwVFwVcCFkKVhpLClZE&rst=2986&ref=http://citrix.account-maintenance.com/load_training&ap=1547&be=1658&fe=2975&dc=1991&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1516824809020,%22n%22:0,%22u%22:1653,%22ue%22:1654,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:0,%22rq%22:0,%22rp%22:1652,%22rpe%22:1653,%22dl%22:1655,%22di%22:1990,%22ds%22:1990,%22de%22:1996,%22dc%22:2974,%22l%22:2974,%22le%22:2975%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1071.min.js
Protocol: HTTP/1.1
Server: 162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 33c3bf91a25c2b7a355ab82043af5b30efd739892586c6fef51a740c1429265d

Request headers

Referer: http://citrix.account-maintenance.com/load_training?guid=ffd299ecf5&correlation_id=07761598-490a-4b00-a068-d6fd37499691
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dataentry.threatsim.com
URL: https://dataentry.threatsim.com/trace?id=ffd299ecf5&msg=browser_post_successful&correlation_id=07761598-490a-4b00-a068-d6fd37499691

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.account-maintenance.com/	1970-01-18 13:20:24	Name: _gat Value: 1
.account-maintenance.com/	1970-01-19 06:51:36	Name: _ga Value: GA1.2.349102767.1516824808
.account-maintenance.com/	1970-01-18 13:21:51	Name: _gid Value: GA1.2.1808313965.1516824808
citrix.account-maintenance.com/	1970-01-01 00:00:00	Name: link_clicked_ffd299ecf5 Value: 2
citrix.account-maintenance.com/	1970-01-01 00:00:00	Name: EXFILGUID Value: ffd299ecf5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bam.nr-data.net
citrix.account-maintenance.com
d2wy8f7a9ursnm.cloudfront.net
dataentry.threatsim.com
js-agent.newrelic.com
stats.g.doubleclick.net
ts-uploads.s3.amazonaws.com
tslp.s3.amazonaws.com
www.google-analytics.com
dataentry.threatsim.com
151.101.114.110
162.247.242.20
172.217.21.238
172.217.23.138
172.217.23.170
173.194.76.155
34.206.124.153
52.216.20.235
52.216.96.163
52.85.173.114
54.210.107.188
23d8f47b88c063cb47bf331d91b0cc7ee1e4eb598cc6e4f38eeef0cc23ebd6a8
298de8902f19e3185bd0a2f2aacbc1953fc0054ccf584995e560b779eb3597fa
33c3bf91a25c2b7a355ab82043af5b30efd739892586c6fef51a740c1429265d
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
bae06f323013a94b766da34246d6439db4b57a1144e7b4f4c6a18848eb7a4cf8
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7
fc73eb4e6d8c53fe4d06c62da63f130a173410c5973009b66ca08dd0444718bc
fce517e48a56b76d45fd456264b90c82aa6e9ddb578f9f36d844ace5816d9841

citrix.account-maintenance.com Open in urlscan Pro 54.210.107.188 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

68 Requests

0 %HTTPS

0 %IPv6

9 Domains

10 Subdomains

12 IPs

1 Countries

436 kBTransfer

630 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

citrix.account-maintenance.com Open in urlscan Pro
54.210.107.188 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

0 %
HTTPS

0 %
IPv6

9
Domains

10
Subdomains

12
IPs

1
Countries

436 kB
Transfer

630 kB
Size

5
Cookies

68 HTTP transactions
0 data transactions