msft.onlinedocshare.com Open in urlscan Pro
34.197.248.101 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
Effective URL:
http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
Submission: On January 13 via manual (January 13th 2022, 5:32:45 pm UTC) from US — Scanned from DE

Summary HTTP 86 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 86 HTTP transactions. The main IP is 34.197.248.101, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is msft.onlinedocshare.com.

This is the only time msft.onlinedocshare.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
58	34.197.248.101 34.197.248.101	14618 (AMAZON-AES) (AMAZON-AES)
3	54.231.200.225 54.231.200.225	16509 (AMAZON-02) (AMAZON-02)
2	18.66.242.103 18.66.242.103	16509 (AMAZON-02) (AMAZON-02)
1	52.217.79.148 52.217.79.148	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
8	2a04:4e42:200... 2a04:4e42:200::622	54113 (FASTLY) (FASTLY)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	162.247.243.146 162.247.243.146	() ()
1	2.16.186.18 2.16.186.18	() ()
2	34.192.199.150 34.192.199.150	() ()
1	54.86.117.43 54.86.117.43	() ()
1	92.123.194.65 92.123.194.65	() ()
86	13

58 34.197.248.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-248-101.compute-1.amazonaws.com

msft.onlinedocshare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.231.200.225 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

tslp.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.242.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-242-103.dus51.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.79.148 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ts-uploads.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a04:4e42:200::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.146 (None, )

ASN- ()

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.18 (None, )

ASN- ()

embedwistia-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.192.199.150 (None, )

ASN- ()

fg8vvsvnieiv3ej16jby.litix.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.86.117.43 (None, )

ASN- ()

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.194.65 (None, )

ASN- ()

embed.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	onlinedocshare.com msft.onlinedocshare.com	142 KB
10	wistia.com fast.wistia.com — Cisco Umbrella Rank: 4558 distillery.wistia.com embed.wistia.com	1 MB
4	amazonaws.com tslp.s3.amazonaws.com — Cisco Umbrella Rank: 374351 ts-uploads.s3.amazonaws.com — Cisco Umbrella Rank: 589506	179 KB
2	litix.io fg8vvsvnieiv3ej16jby.litix.io	172 B
2	cloudfront.net d2wy8f7a9ursnm.cloudfront.net	7 KB
1	akamaihd.net embedwistia-a.akamaihd.net
1	nr-data.net bam-cell.nr-data.net	725 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 320	17 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 258	30 KB
0	wistia.net Failed fast.wistia.net Failed
86	10

	Domain	Requested by
58	msft.onlinedocshare.com	msft.onlinedocshare.com
8	fast.wistia.com	msft.onlinedocshare.com
3	tslp.s3.amazonaws.com	msft.onlinedocshare.com
2	fg8vvsvnieiv3ej16jby.litix.io	msft.onlinedocshare.com
2	d2wy8f7a9ursnm.cloudfront.net	msft.onlinedocshare.com
1	embed.wistia.com	msft.onlinedocshare.com
1	distillery.wistia.com	msft.onlinedocshare.com
1	embedwistia-a.akamaihd.net
1	bam-cell.nr-data.net	msft.onlinedocshare.com
1	js-agent.newrelic.com	msft.onlinedocshare.com
1	ajax.googleapis.com	msft.onlinedocshare.com
1	ts-uploads.s3.amazonaws.com	msft.onlinedocshare.com
0	fast.wistia.net Failed
86	13

This site contains links to these domains. Also see Links.

Domain
www.wombatsecurity.com

Subject Issuer	Validity	Valid
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.litix.io Amazon	`2021-10-28` - `2022-11-25`	a year	crt.sh
*.wistia.com Amazon	`2021-04-01` - `2022-04-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
Frame ID: A78EC80BEAE68664748E355854309F10
Requests: 86 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

You've been phished!

Page URL History Show full URLs

http://msft.onlinedocshare.com/c19bad5358c76cec?l=40 Page URL
http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-c... Page URL

Detected technologies

BugSnag (Analytics) Expand

Overall confidence: 100%
Detected patterns

/bugsnag.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

86
Requests

19 %
HTTPS

17 %
IPv6

10
Domains

13
Subdomains

13
IPs

2
Countries

1598 kB
Transfer

6202 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.wombatsecurity.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://msft.onlinedocshare.com/c19bad5358c76cec?l=40 Page URL
http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

86 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK c19bad5358c76cec Show response
msft.onlinedocshare.com/ 34 KB
12 KB 226ms
107ms Document
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://msft.onlinedocshare.com/c19bad5358c76cec?l=40

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

7309653cb90703f1aa876d08153fbbcc20983add63c05844016bfc1a79b01b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Thu, 13 Jan 2022 17:32:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
ETag: W/"7309653cb90703f1aa876d08153fbbcc"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: c8388358-07e3-4102-bbf6-19f67b342eac
X-Runtime: 0.012185
X-Host-Info: lw-prod-us-i-017d27842a5451d1c ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

GET alt_pixel_click_9bad58c76c.gif
msft.onlinedocshare.com/ 0
0

GET
H/1.1 200
OK plugin_detect.js Show response
tslp.s3.amazonaws.com/detect/ 49 KB
49 KB 412ms
126ms Script
text/javascript 54.231.200.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=9bad58c76c&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
Requested by: Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.200.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:41 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Server: AmazonS3
x-amz-request-id: Z1KPV9A2SF436CXZ
ETag: "00a513f07603df01e3b99be00f370754"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 50085
x-amz-id-2: 4nZFLchtBaW3SyWTwDOvj3A6MVR3wTSnObFVEJ/UWEX1sRmVb91TXw6n0yXdYWiOVlYyJeLGnl4=

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 26ms
9ms Script
application/javascript 18.66.242.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
Protocol: HTTP/1.1
Server: 18.66.242.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-103.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 00:17:08 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
Age: 62133
ETag: "6103bb5e4ec6141e19e1100caafc780c"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
Cache-Control: public, max-age=604800
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
Content-Length: 2962
X-Amz-Cf-Id: Hs5zBbMDMltcUQWtfscX641OoLha3ok9OgWopEy1WjJozlDhGqJoqA==

GET
H/1.1 200
OK jquery.min.js Show response
msft.onlinedocshare.com/assets/ajax/libs/jquery/1.9.1/ 90 KB
32 KB 97ms
97ms Script
application/javascript 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://msft.onlinedocshare.com/assets/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by: Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
Protocol: HTTP/1.1
Server: 34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-248-101.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Nov 2021 14:01:50 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK all.js Show response
msft.onlinedocshare.com/assets/ 28 KB
7 KB 184ms
92ms Script
application/javascript 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://msft.onlinedocshare.com/assets/all.js?g=9bad58c76c
Requested by: Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
Protocol: HTTP/1.1
Server: 34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-248-101.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Nov 2021 14:01:51 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Content-Length: 7191
Expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H/1.1 200
OK browser_post Show response
msft.onlinedocshare.com/secure/ 0
702 B 103ms
103ms XHR
image/gif 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://msft.onlinedocshare.com/secure/browser_post

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: XQ4GVVFACQAAU1dSDgQCVA==
tracestate: 1506924@nr=0-1-98147-1307613366-e3ece4fb10a00f3c----1642095160649
traceparent: 00-7c837e81b718fe68983aef412accdad0-e3ece4fb10a00f3c-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6Ijk4MTQ3IiwiYXAiOiIxMzA3NjEzMzY2IiwiaWQiOiJlM2VjZTRmYjEwYTAwZjNjIiwidHIiOiI3YzgzN2U4MWI3MThmZTY4OTgzYWVmNDEyYWNjZGFkMCIsInRpIjoxNjQyMDk1MTYwNjQ5LCJ0ayI6IjE1MDY5MjQifX0=
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
X-Requested-With: XMLHttpRequest

Response headers

Date: Thu, 13 Jan 2022 17:32:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: aa994454-7826-455d-a396-8fdb4244bf1e
X-Runtime: 0.009394
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-03316c79afb810348, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 96ms
96ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=9bad58c76c&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: b907e776-c716-4193-8c9a-9b96eeb7c9d2
X-Runtime: 0.002624
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-03316c79afb810348, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 188ms
96ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=9bad58c76c&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 6b4e8163-47f2-4f02-a506-530215cdab4e
X-Runtime: 0.002216
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-057750f9bcea7a013, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 187ms
95ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=9bad58c76c&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 958b8436-167d-4ae0-83dd-f3f0dab185d4
X-Runtime: 0.002078
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-017d27842a5451d1c, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 189ms
98ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=9bad58c76c&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 576dab36-d0bc-449a-9e24-e17277d5f761
X-Runtime: 0.003544
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-05d5b2445958f1882, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 191ms
99ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=9bad58c76c&msg=BrowserDetect%20-%20browser_version%20%3D%2097&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 0984816b-dcd3-4ce4-abb9-101abc7bc134
X-Runtime: 0.003712
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-05d5b2445958f1882, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 95ms
95ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=9bad58c76c&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: dfa43fe0-bf09-49bb-b15a-d0cab5dc77bd
X-Runtime: 0.001784
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-057750f9bcea7a013, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 96ms
96ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=9bad58c76c&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: e98fc594-ddd9-4372-9e0e-1ce72e25835f
X-Runtime: 0.002323
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-03316c79afb810348, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 97ms
96ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=9bad58c76c&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: fcdfdee5-6336-447d-b197-c82b43e02a45
X-Runtime: 0.002170
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-057750f9bcea7a013, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 97ms
97ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=9bad58c76c&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: abb2fc43-9c82-4f9b-9fc1-d6609d156007
X-Runtime: 0.003018
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-03316c79afb810348, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 96ms
96ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=9bad58c76c&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 0d7fd706-7d90-4fb1-ac41-b184e33d5cf8
X-Runtime: 0.002916
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-03316c79afb810348, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 95ms
95ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=9bad58c76c&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: cb980879-cdc8-4fb5-9686-d740a6978e64
X-Runtime: 0.001786
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-057750f9bcea7a013, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 96ms
96ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=9bad58c76c&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Plugin&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 726e3b99-b9c6-4a88-a237-2d7c16102261
X-Runtime: 0.002328
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-05d5b2445958f1882, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 96ms
95ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=9bad58c76c&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 4ae98363-cab5-400e-8997-874fc7c3c41b
X-Runtime: 0.002074
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-017d27842a5451d1c, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 102ms
101ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=9bad58c76c&msg=BrowserDetect%20-%20plugin%20Native%20Client&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 09b42331-3c7a-49ee-b143-22b84a89fa5c
X-Runtime: 0.006411
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-03316c79afb810348, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 102ms
101ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=9bad58c76c&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 47dc853f-f93a-46cc-ad41-db9b8a350872
X-Runtime: 0.006270
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-03316c79afb810348, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 97ms
96ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=9bad58c76c&msg=Skipping%20java%20detection&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 21bbbf0b-a5b3-47fb-a53e-beeca79b316e
X-Runtime: 0.002155
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-05d5b2445958f1882, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 98ms
97ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=9bad58c76c&msg=Skipping%20flash%20detection&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: a26db216-e527-4efa-8d3a-b01603bbc3a8
X-Runtime: 0.003044
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-017d27842a5451d1c, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 97ms
96ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=9bad58c76c&msg=Skipping%20pdf%20detection&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 4f9f382e-0896-4330-aa92-929d4b55bee0
X-Runtime: 0.002930
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-017d27842a5451d1c, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 96ms
96ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=9bad58c76c&msg=Skipping%20quicktime%20detection&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: ec1b7d4b-a469-4f90-b38f-72297444c281
X-Runtime: 0.002092
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-05d5b2445958f1882, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 102ms
99ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=9bad58c76c&msg=Skipping%20RealPlayer%20detection&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 2dd92621-4974-48a8-a619-d429f9b5e62c
X-Runtime: 0.001915
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-057750f9bcea7a013, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 102ms
100ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=9bad58c76c&msg=Skipping%20Silverlight%20detection&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 4b3efa19-b4a0-4bfb-b307-506a70527764
X-Runtime: 0.001865
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-03316c79afb810348, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 98ms
96ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=9bad58c76c&msg=Skipping%20WindowsMediaPlayer%20detection&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: c32feb9a-247b-4d48-90bc-3e2d3c42f3be
X-Runtime: 0.002367
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-03316c79afb810348, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 101ms
98ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=9bad58c76c&msg=redirecting%20to%20%2Fload_training%3Fguid%3D879bad59a8c76cee%26correlation_id%3D6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 887ece64-c345-4a24-bf62-ce4510d44225
X-Runtime: 0.002815
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-057750f9bcea7a013, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 97ms
96ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=9bad58c76c&msg=browser_post_successful&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: b4fbd1a7-1298-4297-9fe3-4b0784babc5b
X-Runtime: 0.002322
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-017d27842a5451d1c, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK Primary Request load_training Show response
msft.onlinedocshare.com/ 70 KB
15 KB 116ms
115ms Document
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/assets/all.js?g=9bad58c76c

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

aa22340cd42534ee6e940859dc844f028d3bffde46a6314a426290be918c9a6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/c19bad5358c76cec?l=40

Response headers

Date: Thu, 13 Jan 2022 17:32:41 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
ETag: W/"aa22340cd42534ee6e940859dc844f02"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: 8ede8d55-1f52-4eda-9e41-efa72ef47fd0
X-Runtime: 0.017507
X-Host-Info: lw-prod-us-i-05d5b2445958f1882 ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 9ms
9ms Script
application/javascript 18.66.242.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
Protocol: HTTP/1.1
Server: 18.66.242.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-103.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 00:17:08 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
Age: 62134
ETag: "6103bb5e4ec6141e19e1100caafc780c"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
Cache-Control: public, max-age=604800
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
Content-Length: 2962
X-Amz-Cf-Id: ltRMzHAR7tKDwKRXIwz6spoVRTbM_NjGMhkidfnB8uRH4bW2plf0lQ==

GET
H/1.1 200
OK jquery.min.js Show response
msft.onlinedocshare.com/assets/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 97ms
97ms Script
application/javascript 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://msft.onlinedocshare.com/assets/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by: Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
Protocol: HTTP/1.1
Server: 34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-248-101.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:41 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Nov 2021 14:01:51 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK plugin_detect.js Show response
tslp.s3.amazonaws.com/detect/ 49 KB
49 KB 108ms
108ms Script
text/javascript 54.231.200.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=9bad58c76c&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
Requested by: Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.200.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:42 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Server: AmazonS3
x-amz-request-id: QD6N3AWZMZNWWW31
ETag: "00a513f07603df01e3b99be00f370754"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 50085
x-amz-id-2: lWFUOtyIXCv30B+utaXZ2zgMG56RV6jFQED1/tDOaeBmmXuGvKc1+qbIDO1HEDQ2p3GZjlkTJx0=

GET
H/1.1 200
OK image-20220104163638-1-bad974.jpeg
ts-uploads.s3.amazonaws.com/training/production/14924/ 79 KB
79 KB 652ms
164ms Image
image/jpeg 52.217.79.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ts-uploads.s3.amazonaws.com/training/production/14924/image-20220104163638-1-bad974.jpeg
Requested by: Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.79.148 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d63accaad55dae79041250f707b830a1b9981ec67df8cf7734627a22f6168df0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:43 GMT
Last-Modified: Tue, 04 Jan 2022 22:36:41 GMT
Server: AmazonS3
x-amz-request-id: CT0NBBKTJ4CYXH12
ETag: "6e7a3766eeb453d2a62790591eb91712"
Content-Type: image/jpeg
x-amz-version-id: Jlm1_AcqfHfaWAsJkA8K_p1Jq0WivD9C
Accept-Ranges: bytes
Content-Length: 80765
x-amz-id-2: LGLoyBKmLX7nKftZQn/fUr5PXCnVV8JAC3arWsRkZF8jNsSSYT/xRrq7jODTps/VIQ1Jh8gHooA=

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ 82 KB
30 KB 14ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 12:04:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 19681
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 29725
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 13 Jan 2023 12:04:40 GMT

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 623 KB
118 KB 787ms
260ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4168c01e4290fad38b641a114fc6e0400b06f52437ef046ea53e55392b72f691

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 17:32:42 GMT
content-encoding: br
vary: Accept-Encoding
age: 3190
x-cache: HIT, HIT
content-length: 120776
x-served-by: cache-iad-kcgs7200134-IAD, cache-icn1450085-ICN
access-control-allow-origin: *
x-browser-version: 97
last-modified: Mon, 10 Jan 2022 16:39:23 GMT
x-timer: S1642095163.650248,VS0,VE0
etag: "61dc613b-1d7c8"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 104

GET
H/1.1 200
OK training.js Show response
tslp.s3.amazonaws.com/assets/js/ 352 B
773 B 216ms
123ms Script
application/ecmascript 54.231.200.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://tslp.s3.amazonaws.com/assets/js/training.js
Requested by: Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
Protocol: HTTP/1.1
Server: 54.231.200.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8a1170223599205267c6ee3a3072855f1727461d9dd1066bb94f39180f963af9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:43 GMT
Last-Modified: Thu, 14 Nov 2019 18:45:04 GMT
Server: AmazonS3
x-amz-request-id: CT0VQKDMHNMH92PK
ETag: "029ab28ca3c245dc425e3f3f6599d480"
Content-Type: application/ecmascript
x-amz-version-id: oPMJQR4dr8a8GRwpJLphOcsbzTKMfWQa
Accept-Ranges: bytes
Content-Length: 352
x-amz-id-2: /2kju82QKJuFuaTTPPwEWdC9SMb9F9BEH4zRHs1R4E7V/1EVUDqrNN9e9IL7MZlUhRA7ilDNRpo=

GET
H/1.1 200
OK all.js Show response
msft.onlinedocshare.com/assets/ 28 KB
7 KB 92ms
92ms Script
application/javascript 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://msft.onlinedocshare.com/assets/all.js?guid=9bad58c76c&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
Requested by: Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
Protocol: HTTP/1.1
Server: 34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-248-101.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Nov 2021 14:01:51 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Content-Length: 7191
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK p2ig2icx0p.json Show response
fast.wistia.com/embed/medias/ 34 KB
17 KB 739ms
480ms Script
text/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

http://fast.wistia.com/embed/medias/p2ig2icx0p.json?callback=wistiajson1

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

HTTP/1.1

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c58322bd4a454c09602f589e57d1518b58c2793eb6a93b8750d8494e154d45f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Age: 25628
X-Cache: HIT, MISS
P3P: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
Connection: keep-alive
Content-Length: 16167
X-Request-Id: ebce02f055a8aaf59d93b6ff0379dee6
X-Served-By: cache-iad-kjyo7100056-IAD, cache-icn1450088-ICN
X-Runtime: 0.057277
Access-Control-Allow-Origin: *
Referrer-Policy: strict-origin-when-cross-origin
X-Timer: S1642095164.795484,VS0,VE216
ETag: W/"c58322bd4a454c09602f589e57d1518b"
X-Download-Options: noopen
Vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
Strict-Transport-Security: max-age=0
Content-Type: text/javascript; charset=utf-8
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
Cache-Control: public, no-cache
X-Browser: chrome
X-Browser-Version: 97
X-ECMA-V: modern
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 1, 0

GET
H2 200 wistia-mux.js Show response
fast.wistia.com/assets/external/ 92 KB
24 KB 273ms
273ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/wistia-mux.js

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b124a7160aee08a8396ae675ae07e78d9b2c9d9ea11ac62015f4de33c2e8297f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 17:32:43 GMT
content-encoding: br
vary: Accept-Encoding
age: 3189
x-cache: HIT, HIT
content-length: 24770
x-served-by: cache-iad-kiad7000021-IAD, cache-icn1450085-ICN
access-control-allow-origin: *
x-browser-version: 97
last-modified: Mon, 10 Jan 2022 16:39:23 GMT
x-timer: S1642095164.529545,VS0,VE0
etag: "61dc613b-60c2"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 61

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 97ms
96ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: c5819e71-3b61-4f04-9fc0-5b44eafacb5b
X-Runtime: 0.002379
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-05d5b2445958f1882, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 98ms
98ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: b985f7ac-9db6-4fb1-bc6f-f6457e6ae317
X-Runtime: 0.003031
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-017d27842a5451d1c, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 98ms
97ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 6c825710-5af0-4afd-8301-fdbf19712f06
X-Runtime: 0.003834
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-017d27842a5451d1c, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 97ms
97ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=879bad59a8c76cee&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 6bf88c5c-d7f4-4e12-b3ab-ec3790c31c17
X-Runtime: 0.003135
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-057750f9bcea7a013, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 96ms
95ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=879bad59a8c76cee&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 6be962c9-5a00-4ef6-a49d-4d61d7ade089
X-Runtime: 0.002043
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-05d5b2445958f1882, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 97ms
96ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=879bad59a8c76cee&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 23580a5e-c775-4498-93ab-ad9ebb175ae7
X-Runtime: 0.003075
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-057750f9bcea7a013, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 112ms
112ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=879bad59a8c76cee&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: a706c63e-c173-45f6-b5fa-a994a47f24d4
X-Runtime: 0.003033
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-03316c79afb810348, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 98ms
98ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=879bad59a8c76cee&msg=BrowserDetect%20-%20browser_version%20%3D%2097&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: cadad89e-3cca-43c9-b0af-9c45a9d65f06
X-Runtime: 0.003169
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-03316c79afb810348, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 96ms
96ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=879bad59a8c76cee&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 6bd40b02-07c8-4e0e-9c9c-dfb23736f1b0
X-Runtime: 0.002379
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-017d27842a5451d1c, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 96ms
96ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=879bad59a8c76cee&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 11f6a005-e398-41e5-bee7-c4432f9d5be5
X-Runtime: 0.002402
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-017d27842a5451d1c, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 97ms
97ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=879bad59a8c76cee&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: fe853331-9297-45ac-90c4-4e00af3740de
X-Runtime: 0.002821
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-05d5b2445958f1882, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 99ms
98ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=879bad59a8c76cee&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: c8ae83b8-2d75-48e9-96df-6e8bade87530
X-Runtime: 0.002762
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-05d5b2445958f1882, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 100ms
98ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=879bad59a8c76cee&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 253ae325-c419-49c4-9d46-1be1b137ebf3
X-Runtime: 0.002769
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-057750f9bcea7a013, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 96ms
96ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=879bad59a8c76cee&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 0b308174-df86-411b-ad32-9e5e349f6b84
X-Runtime: 0.002524
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-057750f9bcea7a013, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 98ms
98ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=879bad59a8c76cee&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Plugin&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 2ae6c5f8-3d76-455d-bd63-c4fd5b8505cb
X-Runtime: 0.004211
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-03316c79afb810348, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 98ms
98ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=879bad59a8c76cee&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 6c7b36d7-7405-4cce-9f4a-1abfc7d070d3
X-Runtime: 0.003115
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-03316c79afb810348, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 96ms
96ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=879bad59a8c76cee&msg=BrowserDetect%20-%20plugin%20Native%20Client&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: b4b66a44-847f-4f1c-955f-71d9e370d7ef
X-Runtime: 0.002353
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-017d27842a5451d1c, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 96ms
95ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=879bad59a8c76cee&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 8ebb86f6-0099-4c7a-b9ff-e27770606b10
X-Runtime: 0.002187
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-017d27842a5451d1c, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 97ms
96ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=879bad59a8c76cee&msg=Skipping%20java%20detection&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 54c156c9-a39c-4ec1-b1e8-be9f19d53041
X-Runtime: 0.002822
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-05d5b2445958f1882, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 97ms
96ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=879bad59a8c76cee&msg=Skipping%20flash%20detection&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: abf73d06-f0cf-4918-86f5-b535840df37c
X-Runtime: 0.002679
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-05d5b2445958f1882, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 95ms
95ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=879bad59a8c76cee&msg=Skipping%20pdf%20detection&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 4ad07ba3-2285-4284-9774-f39b8dcb3b18
X-Runtime: 0.002172
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-057750f9bcea7a013, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 97ms
96ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=879bad59a8c76cee&msg=Skipping%20quicktime%20detection&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 67c19f26-5e9b-469f-be64-db81f0de6d79
X-Runtime: 0.002391
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-03316c79afb810348, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 96ms
96ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=879bad59a8c76cee&msg=Skipping%20RealPlayer%20detection&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 889652a9-a54d-4bc6-9102-35576c0ee4a5
X-Runtime: 0.002387
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-057750f9bcea7a013, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 96ms
96ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=879bad59a8c76cee&msg=Skipping%20Silverlight%20detection&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 69849d13-7413-45f4-8104-ddcd0aba4c46
X-Runtime: 0.002116
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-03316c79afb810348, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 97ms
97ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=879bad59a8c76cee&msg=Skipping%20WindowsMediaPlayer%20detection&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: ec14a52d-10ba-4a8c-b568-1c3325a5c0b3
X-Runtime: 0.003034
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-017d27842a5451d1c, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 98ms
97ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=879bad59a8c76cee&msg=training_page_no_browser_post&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: c78f3655-9030-4fed-9c66-820caafb1968
X-Runtime: 0.002882
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-05d5b2445958f1882, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H/1.1 200
OK trace
msft.onlinedocshare.com/ 0
687 B 97ms
96ms Image
text/html 34.197.248.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://msft.onlinedocshare.com/trace?id=879bad59a8c76cee&msg=redirect_url%20is%20undefined&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

HTTP/1.1

Server

34.197.248.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-248-101.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: fc397cdc-60e4-4ebc-83af-e0fa1c18facb
X-Runtime: 0.003042
Referrer-Policy: strict-origin-when-cross-origin
Server: ThreatSim-Web-Server
X-Host-Info: lw-prod-us-i-017d27842a5451d1c, ; 28c9528f0de5d5cc9ec334d615f20024e81c8778
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache

GET
H2 200 captions.js Show response
fast.wistia.com/assets/external/ 162 KB
27 KB 274ms
273ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/captions.js

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d71e1771160de4d35dd7d5362bb322301ee61aa1da7754b4ba0e401679558aa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 17:32:44 GMT
content-encoding: br
vary: Accept-Encoding
age: 3190
x-cache: HIT, HIT
content-length: 27308
x-served-by: cache-iad-kjyo7100062-IAD, cache-icn1450085-ICN
access-control-allow-origin: *
x-browser-version: 97
last-modified: Mon, 10 Jan 2022 16:39:23 GMT
x-timer: S1642095164.305272,VS0,VE0
etag: "61dc613b-6aac"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 26

GET
H2 200 nr-spa-1212.min.js Show response
js-agent.newrelic.com/ 44 KB
17 KB 24ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1212.min.js
Requested by: Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ebfe453394ff1be6ef75d380ab7c5535aea0b51832d045f0d5d0ef7e6535969c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: wY72Ah.NJX5KzzqRFK3uhSo3Jh07tDe4
content-encoding: gzip
etag: "8bd93bf0ecb2f4e971a2055a41402bb6"
x-amz-request-id: ANVX8WPYJ9NM99FD
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 16636
x-amz-id-2: //pISD16Bm7/1PDlW0ghswvgTyyOyXNw/emHSr2czJPEUE1eLcqp61M3L9P610qmdidTDtCabTk=
x-served-by: cache-hhn4039-HHN
last-modified: Thu, 04 Nov 2021 21:16:16 GMT
server: AmazonS3
x-timer: S1642095164.495587,VS0,VE0
date: Thu, 13 Jan 2022 17:32:44 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 8436

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.com/assets/external/ 59 KB
12 KB 269ms
269ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/playPauseLoadingControl.js

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

63307cf64a272b092de4bcf1103d2a1f1803ea22d27aaf2bfe3b25471b255178

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 17:32:44 GMT
content-encoding: br
vary: Accept-Encoding
age: 3191
x-cache: HIT, HIT
content-length: 12640
x-served-by: cache-iad-kcgs7200127-IAD, cache-icn1450085-ICN
access-control-allow-origin: *
x-browser-version: 97
last-modified: Mon, 10 Jan 2022 16:39:23 GMT
x-timer: S1642095165.609543,VS0,VE0
etag: "61dc613b-3160"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 63

GET
H2 200 p2ig2icx0p.json Show response
fast.wistia.com/embed/captions/ 48 KB
16 KB 508ms
508ms Script
text/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/captions/p2ig2icx0p.json?callback=wistiajson2

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

da7a7d216b136d547f9365ba7f080b9e8a5463dc655d4b297b05883bc9725efc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 17:32:44 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 0
x-cache: MISS, MISS
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary: Accept-Encoding,X-Forwarded-Proto,Accept-Language
content-length: 16089
x-request-id: aaba1c7d17f3128ffaff0988931555ca
x-served-by: cache-iad-kjyo7100059-IAD, cache-icn1450085-ICN
x-runtime: 0.030990
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-timer: S1642095165.613490,VS0,VE235
etag: W/"da7a7d216b136d547f9365ba7f080b9e"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: text/javascript; charset=utf-8
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 97
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

GET
H/1.1 200
OK 4b7a74eb40 Show response
bam-cell.nr-data.net/1/ 49 B
725 B 905ms
884ms Script
text/javascript 162.247.243.146

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/4b7a74eb40?a=1307577515&v=1212.e95d35c&to=dVtXQkUKCFpTQxtYFF8bTURWDApfWFZrTR1GUUoZRA0LQQ%3D%3D&rst=2871&ck=1&ref=http://msft.onlinedocshare.com/load_training&ap=15&be=138&fe=2824&dc=1752&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1642095161651,%22n%22:0,%22u%22:120,%22ue%22:120,%22f%22:1,%22dn%22:1,%22dne%22:1,%22c%22:1,%22ce%22:1,%22rq%22:2,%22rp%22:117,%22rpe%22:209,%22dl%22:121,%22di%22:1752,%22ds%22:1752,%22de%22:1760,%22dc%22:2823,%22l%22:2824,%22le%22:2825%7D,%22navigation%22:%7B%7D%7D&fp=446&fcp=446&jsonp=NREUM.setToken
Requested by: Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 17:32:45 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6cd05d9a6abe5cb0-FRA

GET
H2 200 manual_quality_video.js Show response
fast.wistia.com/assets/external/engines/ 104 KB
19 KB 273ms
273ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/engines/manual_quality_video.js

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c4200f8aa22096fa2a7cec46b7f2f87d57fced2ce462a0fec00441237e1f27fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 17:32:44 GMT
content-encoding: br
vary: Accept-Encoding
age: 3191
x-cache: HIT, HIT
content-length: 19490
x-served-by: cache-iad-kiad7000021-IAD, cache-icn1450085-ICN
access-control-allow-origin: *
x-browser-version: 97
last-modified: Mon, 10 Jan 2022 16:39:23 GMT
x-timer: S1642095165.653705,VS0,VE0
etag: "61dc613b-4c22"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 7

GET blank.gif
fast.wistia.com/assets/images/ 0
0

GET
H/1.1 206
Partial Content file.mp4
embedwistia-a.akamaihd.net/deliveries/b691a0ca222f63561be863b0d3bcc245eb08be82/ 3 MB
0 306ms
21ms Media
video/mp4 2.16.186.18

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/b691a0ca222f63561be863b0d3bcc245eb08be82/file.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.18 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://msft.onlinedocshare.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 13 Jan 2022 17:32:45 GMT
Access-Control-Request-Method: *
Last-Modified: Wed, 30 Sep 2015 15:54:56 GMT
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Cache-Control: max-age=10348102
Content-Range: bytes 0-9362109/9362110
Content-Disposition: inline
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9362110

POST
H/1.1 200
OK / Show response
fg8vvsvnieiv3ej16jby.litix.io/ 0
172 B 93ms
92ms XHR
text/plain 34.192.199.150

General

Check archive.org

Show headers Download Go to

Full URL: https://fg8vvsvnieiv3ej16jby.litix.io/
Requested by: Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.199.150 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://msft.onlinedocshare.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 13 Jan 2022 17:32:45 GMT
Connection: keep-alive
Content-Length: 0
Access-Control-Allow-Methods: POST, GET

POST
H2 204 x Show response
distillery.wistia.com/ 0
96 B 327ms
96ms XHR
text/plain 54.86.117.43

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.117.43 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://msft.onlinedocshare.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 13 Jan 2022 17:32:45 GMT
cache-control: max-age=0, private, must-revalidate

OPTIONS
H/1.1 200
OK /
fg8vvsvnieiv3ej16jby.litix.io/ 0
0 467ms
93ms Preflight 34.192.199.150

General

Check archive.org

Show headers Download Go to

Full URL: https://fg8vvsvnieiv3ej16jby.litix.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.199.150 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://msft.onlinedocshare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: POST, GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Date: Thu, 13 Jan 2022 17:32:45 GMT
Content-Length: 0
Connection: keep-alive

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

Request headers

Referer: http://msft.onlinedocshare.com/
Origin: http://msft.onlinedocshare.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H/1.1 206
Partial Content 76a57ca47a1978a834d82dcf7eeb03a6.bin Show response
embed.wistia.com/deliveries/ 977 KB
977 KB 88ms
41ms XHR
image/png 92.123.194.65

General

Check archive.org

Show headers Download Go to

Full URL: http://embed.wistia.com/deliveries/76a57ca47a1978a834d82dcf7eeb03a6.bin?bust=2015-12-29a
Requested by: Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50
Protocol: HTTP/1.1
Server: 92.123.194.65 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05a0cfecd5fcf1ffb884a21e3f2f4544628fb99636a0541d8343c2acdcba4f5b

Request headers

Referer: http://msft.onlinedocshare.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=96000000-96999999

Response headers

Date: Thu, 13 Jan 2022 17:32:45 GMT
Access-Control-Request-Method: *
Last-Modified: Fri, 25 Sep 2020 12:11:57 GMT
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=10350324
Content-Range: bytes 96000000-96999999/100000000
Content-Disposition: inline
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1000000

GET
H2 200 interFontFace.js Show response
fast.wistia.com/assets/external/ 31 KB
11 KB 269ms
269ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/interFontFace.js

Requested by

Host: msft.onlinedocshare.com
URL: http://msft.onlinedocshare.com/load_training?guid=879bad59a8c76cee&correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

663ce2c6ec8a7ffae0b7f7bf396266729d6b3a5f45b68f8340b416b000628cb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://msft.onlinedocshare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 17:32:45 GMT
content-encoding: br
vary: Accept-Encoding
age: 3193
x-cache: HIT, HIT
content-length: 10451
x-served-by: cache-iad-kiad7000152-IAD, cache-icn1450085-ICN
access-control-allow-origin: *
x-browser-version: 97
last-modified: Mon, 10 Jan 2022 16:39:23 GMT
x-timer: S1642095165.299287,VS0,VE0
etag: "61dc613b-28d3"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 4

GET p2ig2icx0p.vtt
fast.wistia.net/embed/captions/ 0
0

POST 4b7a74eb40
bam-cell.nr-data.net/events/1/ 0
0

GET allIntegrations.js
fast.wistia.com/assets/external/ 0
0

POST x
distillery.wistia.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: msft.onlinedocshare.com
URL: https://msft.onlinedocshare.com:49153/alt_pixel_click_9bad58c76c.gif?correlation_id=6d2fd8b7-3965-4a77-8096-ccbeb6ee5d50

Domain: fast.wistia.com
URL: https://fast.wistia.com/assets/images/blank.gif

Domain: fast.wistia.net
URL: http://fast.wistia.net/embed/captions/p2ig2icx0p.vtt?language=ger

Domain: bam-cell.nr-data.net
URL: https://bam-cell.nr-data.net/events/1/4b7a74eb40?a=1307577515&v=1212.e95d35c&to=dVtXQkUKCFpTQxtYFF8bTURWDApfWFZrTR1GUUoZRA0LQQ%3D%3D&rst=3799&ck=1&ref=http://msft.onlinedocshare.com/load_training

Domain: fast.wistia.com
URL: https://fast.wistia.com/assets/external/allIntegrations.js

Domain: distillery.wistia.com
URL: https://distillery.wistia.com/x

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			msft.onlinedocshare.com/	1969-12-31 23:59:59	Name: EXFILGUID Value: 9bad58c76c
			msft.onlinedocshare.com/	1969-12-31 23:59:59	Name: link_clicked_9bad58c76c Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bam-cell.nr-data.net
d2wy8f7a9ursnm.cloudfront.net
distillery.wistia.com
embed.wistia.com
embedwistia-a.akamaihd.net
fast.wistia.com
fast.wistia.net
fg8vvsvnieiv3ej16jby.litix.io
js-agent.newrelic.com
msft.onlinedocshare.com
ts-uploads.s3.amazonaws.com
tslp.s3.amazonaws.com
bam-cell.nr-data.net
distillery.wistia.com
fast.wistia.com
fast.wistia.net
msft.onlinedocshare.com
151.101.2.137
162.247.243.146
18.66.242.103
2.16.186.18
2a00:1450:4001:828::200a
2a04:4e42:200::622
34.192.199.150
34.197.248.101
52.217.79.148
54.231.200.225
54.86.117.43
92.123.194.65
05a0cfecd5fcf1ffb884a21e3f2f4544628fb99636a0541d8343c2acdcba4f5b
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9
4168c01e4290fad38b641a114fc6e0400b06f52437ef046ea53e55392b72f691
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a
63307cf64a272b092de4bcf1103d2a1f1803ea22d27aaf2bfe3b25471b255178
663ce2c6ec8a7ffae0b7f7bf396266729d6b3a5f45b68f8340b416b000628cb8
7309653cb90703f1aa876d08153fbbcc20983add63c05844016bfc1a79b01b4b
8a1170223599205267c6ee3a3072855f1727461d9dd1066bb94f39180f963af9
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc
aa22340cd42534ee6e940859dc844f028d3bffde46a6314a426290be918c9a6e
b124a7160aee08a8396ae675ae07e78d9b2c9d9ea11ac62015f4de33c2e8297f
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c4200f8aa22096fa2a7cec46b7f2f87d57fced2ce462a0fec00441237e1f27fc
c58322bd4a454c09602f589e57d1518b58c2793eb6a93b8750d8494e154d45f5
d63accaad55dae79041250f707b830a1b9981ec67df8cf7734627a22f6168df0
d71e1771160de4d35dd7d5362bb322301ee61aa1da7754b4ba0e401679558aa0
da7a7d216b136d547f9365ba7f080b9e8a5463dc655d4b297b05883bc9725efc
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebfe453394ff1be6ef75d380ab7c5535aea0b51832d045f0d5d0ef7e6535969c
fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

msft.onlinedocshare.com Open in urlscan Pro 34.197.248.101 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

86 Requests

19 %HTTPS

17 %IPv6

10 Domains

13 Subdomains

13 IPs

2 Countries

1598 kBTransfer

6202 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

msft.onlinedocshare.com Open in urlscan Pro
34.197.248.101 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

19 %
HTTPS

17 %
IPv6

10
Domains

13
Subdomains

13
IPs

2
Countries

1598 kB
Transfer

6202 kB
Size

2
Cookies

86 HTTP transactions
1 data transactions