corp-internal.com Open in urlscan Pro
52.72.186.102 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://corp-internal.com/8c95e40e3a?l=66
Effective URL:
http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Submission: On April 18 via manual (April 18th 2018, 3:52:04 pm UTC) from US

Summary HTTP 66 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 1 countries across 7 domains to perform 66 HTTP transactions. The main IP is 52.72.186.102, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is corp-internal.com.

This is the only time corp-internal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
52	52.72.186.102 52.72.186.102	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	54.231.49.56 54.231.49.56	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	52.85.182.18 52.85.182.18	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	216.58.207.42 216.58.207.42	15169 (GOOGLE) (GOOGLE - Google LLC)
2 6	172.217.22.46 172.217.22.46	15169 (GOOGLE) (GOOGLE - Google LLC)
2	74.125.71.155 74.125.71.155	15169 (GOOGLE) (GOOGLE - Google LLC)
1	172.217.22.42 172.217.22.42	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.216.82.208 52.216.82.208	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
66	9

52 52.72.186.102 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-72-186-102.compute-1.amazonaws.com

corp-internal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dataentry.threatsim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.231.49.56 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1-w.amazonaws.com

tslp.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.85.182.18 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-182-18.fra50.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.207.42 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s24-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.22.46 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s16-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.71.155 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: wn-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.42 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s16-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.82.208 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

ts-uploads.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	corp-internal.com corp-internal.com	34 KB
21	threatsim.com dataentry.threatsim.com	12 KB
6	google-analytics.com 2 redirects www.google-analytics.com	29 KB
3	amazonaws.com tslp.s3.amazonaws.com ts-uploads.s3.amazonaws.com	255 KB
2	doubleclick.net stats.g.doubleclick.net	204 B
2	googleapis.com ajax.googleapis.com	66 KB
2	cloudfront.net d2wy8f7a9ursnm.cloudfront.net	7 KB
66	7

	Domain	Requested by
31	corp-internal.com	corp-internal.com
21	dataentry.threatsim.com	ajax.googleapis.com corp-internal.com
6	www.google-analytics.com	2 redirects corp-internal.com
2	stats.g.doubleclick.net	corp-internal.com
2	ajax.googleapis.com	corp-internal.com
2	d2wy8f7a9ursnm.cloudfront.net	corp-internal.com
2	tslp.s3.amazonaws.com	corp-internal.com
1	ts-uploads.s3.amazonaws.com	corp-internal.com
66	8

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Frame ID: 985A16E0B80A4AD5D7C1ABC9CCC8E2B
Requests: 66 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://corp-internal.com/8c95e40e3a?l=66 Page URL
http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe1... Page URL

Detected technologies

Apache Traffic Server (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /ATS\/?([\d.]+)?/i

BugSnag (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^BugSnag$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^gaGlobal$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

66
Requests

0 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

9
IPs

1
Countries

402 kB
Transfer

583 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://corp-internal.com/8c95e40e3a?l=66 Page URL
http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 29

http://www.google-analytics.com/r/collect?v=1&_v=j67&a=530317744&t=pageview&_s=1&dl=http%3A%2F%2Fcorp-internal.com%2F8c95e40e3a%3Fl%3D66&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1933847264&gjid=2111398860&cid=1886354993.1524066711&tid=UA-83403-17&_gid=956498158.1524066711&_r=1&z=42593848 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j67&a=530317744&t=pageview&_s=1&dl=http%3A%2F%2Fcorp-internal.com%2F8c95e40e3a%3Fl%3D66&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1933847264&gjid=2111398860&cid=1886354993.1524066711&tid=UA-83403-17&_gid=956498158.1524066711&_r=1&z=42593848 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=1886354993.1524066711&jid=1933847264&_gid=956498158.1524066711&gjid=2111398860&_v=j67&z=42593848

Request Chain 30

http://www.google-analytics.com/collect?v=1&_v=j67&a=530317744&t=pageview&_s=2&dl=http%3A%2F%2Fcorp-internal.com%2F8c95e40e3a%3Fl%3D66&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=1886354993.1524066711&uid=8c95e40e3a&tid=UA-83403-17&_gid=956498158.1524066711&z=831489406 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j67&a=530317744&t=pageview&_s=2&dl=http%3A%2F%2Fcorp-internal.com%2F8c95e40e3a%3Fl%3D66&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=1886354993.1524066711&uid=8c95e40e3a&tid=UA-83403-17&_gid=956498158.1524066711&z=831489406

Request Chain 38

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 63

http://www.google-analytics.com/r/collect?v=1&_v=j67&a=1450749479&t=pageview&_s=1&dl=http%3A%2F%2Fcorp-internal.com%2Fload_training%3Fguid%3D8c95e40e3a%26correlation_id%3D92fa3f18-3a6e-4486-8f79-e821fe134ccb&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=547855088&gjid=220730741&cid=153846912.1524066714&tid=UA-83403-17&_gid=1021289689.1524066714&_r=1&z=1034975292 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j67&a=1450749479&t=pageview&_s=1&dl=http%3A%2F%2Fcorp-internal.com%2Fload_training%3Fguid%3D8c95e40e3a%26correlation_id%3D92fa3f18-3a6e-4486-8f79-e821fe134ccb&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=547855088&gjid=220730741&cid=153846912.1524066714&tid=UA-83403-17&_gid=1021289689.1524066714&_r=1&z=1034975292 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=153846912.1524066714&jid=547855088&_gid=1021289689.1524066714&gjid=220730741&_v=j67&z=1034975292

Request Chain 64

http://www.google-analytics.com/collect?v=1&_v=j67&a=1450749479&t=pageview&_s=2&dl=http%3A%2F%2Fcorp-internal.com%2Fload_training%3Fguid%3D8c95e40e3a%26correlation_id%3D92fa3f18-3a6e-4486-8f79-e821fe134ccb&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=153846912.1524066714&tid=UA-83403-17&_gid=1021289689.1524066714&z=372317242 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j67&a=1450749479&t=pageview&_s=2&dl=http%3A%2F%2Fcorp-internal.com%2Fload_training%3Fguid%3D8c95e40e3a%26correlation_id%3D92fa3f18-3a6e-4486-8f79-e821fe134ccb&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=153846912.1524066714&tid=UA-83403-17&_gid=1021289689.1524066714&z=372317242

66 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set 8c95e40e3a Show response
corp-internal.com/ 3 KB
2 KB 523ms
115ms Document
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://corp-internal.com/8c95e40e3a?l=66
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 15ef0a4772469d282eae48e2b96cc4af0d20731d8670ad3b76ecf21beea99b5e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Wed, 18 Apr 2018 15:51:49 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 922
X-Request-Id: 9314575a7e08b24377e8dfde4a68d8ee
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.011022
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-06864642018929853 ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"014b06e1eb12f6bbfd37144150cb08ab"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Set-Cookie: EXFILGUID=8c95e40e3a; path=/ link_clicked_8c95e40e3a=1; path=/
X-Rack-Cache: miss

GET
H/1.1 200
OK Cookie set alt_pixel_click_8c95e40e3a.gif
corp-internal.com/ 1 B
680 B 221ms
113ms Image
image/gif 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com:49152/alt_pixel_click_8c95e40e3a.gif?correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8c95e40e3a?l=66
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com:49152
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/8c95e40e3a?l=66
Cookie: EXFILGUID=8c95e40e3a; link_clicked_8c95e40e3a=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/8c95e40e3a?l=66
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Wed, 18 Apr 2018 15:51:50 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 21
X-Request-Id: 1708e85273a5190b6a792d7d67e32fda
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.004126
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03bfceb77bda81c3b ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Set-Cookie: EXFILGUID=8c95e40e3a; path=/ link_clicked_8c95e40e3a=2; path=/
X-Rack-Cache: miss

GET
H/1.1 200
OK plugin_detect.js Show response
tslp.s3.amazonaws.com/detect/ 49 KB
49 KB 491ms
151ms Script
text/javascript 54.231.49.56
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8c95e40e3a?l=66
Protocol: HTTP/1.1
Server: 54.231.49.56 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

Referer: http://corp-internal.com/8c95e40e3a?l=66
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Wed, 18 Apr 2018 15:51:51 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Server: AmazonS3
x-amz-request-id: 8E69C0D8A0C2E722
ETag: "00a513f07603df01e3b99be00f370754"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 50085
x-amz-id-2: 7sWZuQKa3gs9SuqDa0t8cm5KYHJ7ncpjgzCcbdANG6cQpj2NgaEY3MW5c65m6I8BGztvaNUXQP8=

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 14ms
7ms Script
application/javascript 52.85.182.18
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8c95e40e3a?l=66
Protocol: HTTP/1.1
Server: 52.85.182.18 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-182-18.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

Referer: http://corp-internal.com/8c95e40e3a?l=66
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Sat, 29 Jul 2017 12:27:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
Age: 551874
ETag: "6103bb5e4ec6141e19e1100caafc780c"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 017ee4b2e5ba6b7a7dd1443f39b6e832.cloudfront.net (CloudFront)
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2962
X-Amz-Cf-Id: 9XbI9v0PB93vC9GOyz3HzsUaa3K2Du9E72YH0W4Jr_zQl-kdeFB4Tw==

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 90 KB
33 KB 12ms
5ms Script
text/javascript 216.58.207.42
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: corp-internal.com
URL: http://corp-internal.com/8c95e40e3a?l=66

Protocol

HTTP/1.1

Server

216.58.207.42 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s24-in-f10.1e100.net

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://corp-internal.com/8c95e40e3a?l=66
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Mon, 12 Feb 2018 21:00:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 5597489
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 33018
X-XSS-Protection: 1; mode=block
Expires: Tue, 12 Feb 2019 21:00:20 GMT

GET
H/1.1 200
OK google-tracking.js Show response
corp-internal.com/assets/ 455 B
707 B 103ms
102ms Script
application/javascript 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://corp-internal.com/assets/google-tracking.js?g=8c95e40e3a
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8c95e40e3a?l=66
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: fce517e48a56b76d45fd456264b90c82aa6e9ddb578f9f36d844ace5816d9841

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: */*
Referer: http://corp-internal.com/8c95e40e3a?l=66
Cookie: EXFILGUID=8c95e40e3a; link_clicked_8c95e40e3a=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/8c95e40e3a?l=66
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Wed, 18 Apr 2018 15:51:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Mar 2018 16:02:03 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000 public
Connection: keep-alive
Content-Length: 316
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK all.js Show response
corp-internal.com/assets/ 28 KB
7 KB 206ms
103ms Script
application/javascript 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://corp-internal.com/assets/all.js?g=8c95e40e3a
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8c95e40e3a?l=66
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: bae06f323013a94b766da34246d6439db4b57a1144e7b4f4c6a18848eb7a4cf8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: */*
Referer: http://corp-internal.com/8c95e40e3a?l=66
Cookie: EXFILGUID=8c95e40e3a; link_clicked_8c95e40e3a=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/8c95e40e3a?l=66
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Wed, 18 Apr 2018 15:51:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Mar 2018 16:02:03 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000 public
Connection: keep-alive
Content-Length: 7149
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
S

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

34 KB
14 KB

6ms
6ms

Script
text/javascript

172.217.22.46
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: corp-internal.com
URL: http://corp-internal.com/8c95e40e3a?l=66

Protocol

SPDY

Server

172.217.22.46 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

2218bbf47b340278b7b696dbe3af4eed89edffa709c19abd6747b18147c3a675

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://corp-internal.com/8c95e40e3a?l=66
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Apr 2018 18:13:11 GMT
server: Golfe2
age: 3468
date: Wed, 18 Apr 2018 14:54:02 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 14353
expires: Wed, 18 Apr 2018 16:54:02 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

POST
H/1.1 200
OK browser_post Show response
dataentry.threatsim.com/secure/ 1 B
603 B 725ms
109ms XHR
image/gif 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dataentry.threatsim.com/secure/browser_post
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Accept: */*
Referer: http://corp-internal.com/8c95e40e3a?l=66
Origin: http://corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

X-Runtime: 0.007819
Date: Wed, 18 Apr 2018 15:51:51 GMT
Content-Encoding: gzip
X-Rack-Cache: invalidate, pass
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0cf246e42aaaa42b7, ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 6029e915be224eb8d735ac06b5b027c9
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 731ms
107ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8c95e40e3a&msg=BrowserDetect%20-%20localStorage%20%3D%20false&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8c95e40e3a?l=66
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corp-internal.com/8c95e40e3a?l=66
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.002197
Date: Wed, 18 Apr 2018 15:51:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-06864642018929853, ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: ea0116849ac848412acf894ca92a85a0
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 736ms
111ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8c95e40e3a&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8c95e40e3a?l=66
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corp-internal.com/8c95e40e3a?l=66
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.002276
Date: Wed, 18 Apr 2018 15:51:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03bfceb77bda81c3b, ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 3b570354e1fd6d281dda8e0f1332a62b
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 735ms
108ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8c95e40e3a&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8c95e40e3a?l=66
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corp-internal.com/8c95e40e3a?l=66
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.002516
Date: Wed, 18 Apr 2018 15:51:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b2ea3fc545a0a577, ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 28b12fb223cd0979fb2b0e27697fdd9d
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 747ms
111ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8c95e40e3a&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8c95e40e3a?l=66
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corp-internal.com/8c95e40e3a?l=66
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.002099
Date: Wed, 18 Apr 2018 15:51:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-06864642018929853, ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: bd20dbc360312bc7115da570aea1a0e1
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 749ms
112ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8c95e40e3a&msg=BrowserDetect%20-%20browser_version%20%3D%2065&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8c95e40e3a?l=66
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corp-internal.com/8c95e40e3a?l=66
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.002436
Date: Wed, 18 Apr 2018 15:51:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b2ea3fc545a0a577, ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 1aebb7d8142aa16130e7240cf3382a0a
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 117ms
109ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8c95e40e3a&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8c95e40e3a?l=66
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corp-internal.com/8c95e40e3a?l=66
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.001699
Date: Wed, 18 Apr 2018 15:51:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03bfceb77bda81c3b, ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: b30461a75ef6de4fbe2fc1523b5c5554
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 114ms
110ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8c95e40e3a&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8c95e40e3a?l=66
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corp-internal.com/8c95e40e3a?l=66
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.002208
Date: Wed, 18 Apr 2018 15:51:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b2ea3fc545a0a577, ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 444e071e0a09675a297f65c8aac03a3b
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 110ms
109ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8c95e40e3a&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8c95e40e3a?l=66
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corp-internal.com/8c95e40e3a?l=66
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.001869
Date: Wed, 18 Apr 2018 15:51:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-06864642018929853, ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: eabf4fa355cdcdb74dfb37bca4204ff6
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 127ms
116ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8c95e40e3a&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8c95e40e3a?l=66
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corp-internal.com/8c95e40e3a?l=66
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.001573
Date: Wed, 18 Apr 2018 15:51:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03bfceb77bda81c3b, ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 639fe1f6651a025efc8d50b175c4cda8
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 117ms
114ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8c95e40e3a&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8c95e40e3a?l=66
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corp-internal.com/8c95e40e3a?l=66
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.001754
Date: Wed, 18 Apr 2018 15:51:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b2ea3fc545a0a577, ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 28d10c6d3f87b4ff6110f53f08e8348b
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 200ms
109ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8c95e40e3a&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8c95e40e3a?l=66
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corp-internal.com/8c95e40e3a?l=66
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.001990
Date: Wed, 18 Apr 2018 15:51:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b2ea3fc545a0a577, ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: d48e99bcb3368ef83c4472f6f08c3125
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 114ms
109ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8c95e40e3a&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8c95e40e3a?l=66
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corp-internal.com/8c95e40e3a?l=66
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.002172
Date: Wed, 18 Apr 2018 15:51:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-06864642018929853, ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 2df47480d48003c465d0fd6974650a6c
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 110ms
109ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8c95e40e3a&msg=Skipping%20java%20detection&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8c95e40e3a?l=66
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corp-internal.com/8c95e40e3a?l=66
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.002126
Date: Wed, 18 Apr 2018 15:51:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0cf246e42aaaa42b7, ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 51eabe64056e6bd1f6054055a4c86030
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 130ms
111ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8c95e40e3a&msg=Skipping%20flash%20detection&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8c95e40e3a?l=66
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corp-internal.com/8c95e40e3a?l=66
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.001848
Date: Wed, 18 Apr 2018 15:51:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b2ea3fc545a0a577, ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 7ae042ee0857e0fb47712bc062edb6d6
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 112ms
111ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8c95e40e3a&msg=Skipping%20pdf%20detection&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8c95e40e3a?l=66
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corp-internal.com/8c95e40e3a?l=66
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.001988
Date: Wed, 18 Apr 2018 15:51:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-06864642018929853, ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: f65ac43c6008511b087013c056d03e7c
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 193ms
107ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8c95e40e3a&msg=Skipping%20quicktime%20detection&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8c95e40e3a?l=66
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash

Request headers

Referer: http://corp-internal.com/8c95e40e3a?l=66
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.002139
Date: Wed, 18 Apr 2018 15:51:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b2ea3fc545a0a577, ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: d53c51c6e3059d803d8f0ec29dbaa35b
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 113ms
108ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8c95e40e3a&msg=Skipping%20RealPlayer%20detection&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8c95e40e3a?l=66
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash

Request headers

Referer: http://corp-internal.com/8c95e40e3a?l=66
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.002470
Date: Wed, 18 Apr 2018 15:51:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-06864642018929853, ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 92d8450bc949c9e302ec6b420b5afaff
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 109ms
108ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8c95e40e3a&msg=Skipping%20Silverlight%20detection&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8c95e40e3a?l=66
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash

Request headers

Referer: http://corp-internal.com/8c95e40e3a?l=66
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.002145
Date: Wed, 18 Apr 2018 15:51:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b2ea3fc545a0a577, ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 2c2ff93c445551f1de520b8c65f4ab11
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 133ms
112ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8c95e40e3a&msg=Skipping%20WindowsMediaPlayer%20detection&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8c95e40e3a?l=66
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash

Request headers

Referer: http://corp-internal.com/8c95e40e3a?l=66
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.001979
Date: Wed, 18 Apr 2018 15:51:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-06864642018929853, ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: dd9b13146c12047e111873161c4a66cb
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
dataentry.threatsim.com/ 1 B
591 B 113ms
112ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.threatsim.com/trace?id=8c95e40e3a&msg=redirecting%20to%20%2Fload_training%3Fguid%3D8c95e40e3a%26correlation_id%3D92fa3f18-3a6e-4486-8f79-e821fe134ccb&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/8c95e40e3a?l=66
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash

Request headers

Referer: http://corp-internal.com/8c95e40e3a?l=66
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.001805
Date: Wed, 18 Apr 2018 15:51:51 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b2ea3fc545a0a577, ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 21
X-Request-Id: 07c2c616027f9b81cf99722ac4c517c1
X-UA-Compatible: IE=Edge,chrome=1

GET
S

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j67&a=530317744&t=pageview&_s=1&dl=http%3A%2F%2Fcorp-internal.com%2F8c95e40e3a%3Fl%3D66&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_...
https://www.google-analytics.com/r/collect?v=1&_v=j67&a=530317744&t=pageview&_s=1&dl=http%3A%2F%2Fcorp-internal.com%2F8c95e40e3a%3Fl%3D66&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=1886354993.1524066711&jid=1933847264&_gid=956498158.1524066711&gjid=2111398860&_v=j67&z=42593848

35 B
102 B

15ms
15ms

Image
image/gif

74.125.71.155
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=1886354993.1524066711&jid=1933847264&_gid=956498158.1524066711&gjid=2111398860&_v=j67&z=42593848

Requested by

Host: corp-internal.com
URL: http://corp-internal.com/8c95e40e3a?l=66

Protocol

SPDY

Server

74.125.71.155 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wn-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://corp-internal.com/8c95e40e3a?l=66
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 18 Apr 2018 15:51:50 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 18 Apr 2018 15:51:50 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=1886354993.1524066711&jid=1933847264&_gid=956498158.1524066711&gjid=2111398860&_v=j67&z=42593848
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 415
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j67&a=530317744&t=pageview&_s=2&dl=http%3A%2F%2Fcorp-internal.com%2F8c95e40e3a%3Fl%3D66&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=...
https://www.google-analytics.com/collect?v=1&_v=j67&a=530317744&t=pageview&_s=2&dl=http%3A%2F%2Fcorp-internal.com%2F8c95e40e3a%3Fl%3D66&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u...

35 B
109 B

6ms
6ms

Image
image/gif

172.217.22.46
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j67&a=530317744&t=pageview&_s=2&dl=http%3A%2F%2Fcorp-internal.com%2F8c95e40e3a%3Fl%3D66&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=1886354993.1524066711&uid=8c95e40e3a&tid=UA-83403-17&_gid=956498158.1524066711&z=831489406

Requested by

Host: corp-internal.com
URL: http://corp-internal.com/8c95e40e3a?l=66

Protocol

SPDY

Server

172.217.22.46 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://corp-internal.com/8c95e40e3a?l=66
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Apr 2018 17:54:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 165451
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j67&a=530317744&t=pageview&_s=2&dl=http%3A%2F%2Fcorp-internal.com%2F8c95e40e3a%3Fl%3D66&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=1886354993.1524066711&uid=8c95e40e3a&tid=UA-83403-17&_gid=956498158.1524066711&z=831489406
Non-Authoritative-Reason: HSTS

GET trace
dataentry.threatsim.com/ 0
0

GET
H/1.1 200
OK Primary Request Cookie set load_training Show response
corp-internal.com/ 3 KB
2 KB 118ms
118ms Document
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/assets/all.js?g=8c95e40e3a
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 31964322b90e3cd683be506942019fed9fa4a89bdcf19f14dd057df1b6f0ed7b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://corp-internal.com/8c95e40e3a?l=66
Connection: keep-alive
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Referer: http://corp-internal.com/8c95e40e3a?l=66
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Wed, 18 Apr 2018 15:51:51 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 1039
X-Request-Id: f585c2c3e640089392a54926be06bfd9
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.014319
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-06864642018929853 ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7114acd279b734208add01f86b42227a"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Set-Cookie: EXFILGUID=8c95e40e3a; path=/
X-Rack-Cache: miss

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 8ms
7ms Script
application/javascript 52.85.182.18
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Protocol: HTTP/1.1
Server: 52.85.182.18 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-182-18.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Sat, 29 Jul 2017 12:27:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
Age: 551876
ETag: "6103bb5e4ec6141e19e1100caafc780c"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 017ee4b2e5ba6b7a7dd1443f39b6e832.cloudfront.net (CloudFront)
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2962
X-Amz-Cf-Id: Fu7SjkXNAlpoZ-cYqQWN4v7Jzldq9iu2kA3sJk9F41QscdhP0vUecQ==

GET
S 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 7ms
6ms Script
text/javascript 172.217.22.42
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb

Protocol

SPDY

Server

172.217.22.42 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f10.1e100.net

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date: Mon, 12 Feb 2018 15:33:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5617088
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 33576
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Feb 2019 15:33:43 GMT

GET
H/1.1 200
OK plugin_detect.js Show response
tslp.s3.amazonaws.com/detect/ 49 KB
49 KB 1327ms
1326ms Script
text/javascript 54.231.49.56
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Protocol: HTTP/1.1
Server: 54.231.49.56 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Wed, 18 Apr 2018 15:51:53 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Server: AmazonS3
x-amz-request-id: E955E714E442E02D
ETag: "00a513f07603df01e3b99be00f370754"
Content-Type: text/javascript
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 50085
x-amz-id-2: LWxrLyCJ8zXkHxDuxh3RrXnyA1XXDrW534Y9vH5EOiZB4EcOOv0AXbzE29z6bqusXdSzbE59BmY=

GET
H/1.1 200
OK attachment-link-6b3f15.PNG
ts-uploads.s3.amazonaws.com/training/production/1529/ 156 KB
156 KB 505ms
185ms Image
image/png 52.216.82.208
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ts-uploads.s3.amazonaws.com/training/production/1529/attachment-link-6b3f15.PNG
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Protocol: HTTP/1.1
Server: 52.216.82.208 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 155189205fb0f3f2b814039179ba67b3d8cedb9e5e6de92af955c5283f6e8aab

Request headers

Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Wed, 18 Apr 2018 15:51:53 GMT
Last-Modified: Tue, 18 Oct 2016 21:09:35 GMT
Server: AmazonS3
x-amz-request-id: 0012BAE23694A67B
ETag: "84baa2e6d108747a6ff7aa0e7fd4696d"
Content-Type: image/png
x-amz-version-id: 6GXQwDfCV00W63MOvcZrTVV5tseVk_BJ
Accept-Ranges: bytes
Content-Length: 159418
x-amz-id-2: DBFfyA0Kd2v//CW1k1qWmjcmpiDg8ML13buUYPZwLBgfkZCZSgmstTDlvUKk48FUXKpd0M3ep/A=

GET
H/1.1 200
OK google-tracking.js Show response
corp-internal.com/assets/ 455 B
707 B 102ms
102ms Script
application/javascript 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://corp-internal.com/assets/google-tracking.js?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: fce517e48a56b76d45fd456264b90c82aa6e9ddb578f9f36d844ace5816d9841

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: */*
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Cookie: EXFILGUID=8c95e40e3a
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Wed, 18 Apr 2018 15:51:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Mar 2018 16:02:03 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000 public
Connection: keep-alive
Content-Length: 316
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK all.js Show response
corp-internal.com/assets/ 28 KB
7 KB 103ms
102ms Script
application/javascript 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://corp-internal.com/assets/all.js?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: bae06f323013a94b766da34246d6439db4b57a1144e7b4f4c6a18848eb7a4cf8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: */*
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Cookie: EXFILGUID=8c95e40e3a
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Wed, 18 Apr 2018 15:51:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Mar 2018 16:02:03 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000 public
Connection: keep-alive
Content-Length: 7149
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
S

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

34 KB
14 KB

6ms
6ms

Script
text/javascript

172.217.22.46
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb

Protocol

SPDY

Server

172.217.22.46 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

2218bbf47b340278b7b696dbe3af4eed89edffa709c19abd6747b18147c3a675

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Apr 2018 18:13:11 GMT
server: Golfe2
age: 3471
date: Wed, 18 Apr 2018 14:54:02 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 14353
expires: Wed, 18 Apr 2018 16:54:02 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 106ms
105ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Cookie: EXFILGUID=8c95e40e3a
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.001948
Date: Wed, 18 Apr 2018 15:51:53 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03bfceb77bda81c3b ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: a2906d1c7fdc7c5bc5d982e9c6b12d50
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 111ms
111ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Cookie: EXFILGUID=8c95e40e3a
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.002156
Date: Wed, 18 Apr 2018 15:51:53 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-06864642018929853 ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 02e233b1636b5dee2552db4af3e1e710
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 251ms
145ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Cookie: EXFILGUID=8c95e40e3a
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.002381
Date: Wed, 18 Apr 2018 15:51:53 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03bfceb77bda81c3b ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 1b98dadad4f8bcac5d734a7e8fe0a11b
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 253ms
150ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8c95e40e3a&msg=BrowserDetect%20-%20localStorage%20%3D%20false&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Cookie: EXFILGUID=8c95e40e3a
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.001743
Date: Wed, 18 Apr 2018 15:51:53 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b2ea3fc545a0a577 ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 3f4defa3ca5d45c4eff5b9d9aa3f827c
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 255ms
149ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8c95e40e3a&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Cookie: EXFILGUID=8c95e40e3a
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.002185
Date: Wed, 18 Apr 2018 15:51:53 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0cf246e42aaaa42b7 ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 3fc345dc1f6d6476735036fdff5d7f19
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 254ms
147ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8c95e40e3a&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Cookie: EXFILGUID=8c95e40e3a
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.001897
Date: Wed, 18 Apr 2018 15:51:53 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03bfceb77bda81c3b ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: d9a8eedfbdf6b97af4eff506fc320a8a
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 151ms
147ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8c95e40e3a&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Cookie: EXFILGUID=8c95e40e3a; _ga=GA1.2.153846912.1524066714; _gid=GA1.2.1021289689.1524066714; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.002836
Date: Wed, 18 Apr 2018 15:51:53 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-06864642018929853 ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 405f870bbd459f028634c9c39b8597a9
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 145ms
145ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8c95e40e3a&msg=BrowserDetect%20-%20browser_version%20%3D%2065&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Cookie: EXFILGUID=8c95e40e3a; _ga=GA1.2.153846912.1524066714; _gid=GA1.2.1021289689.1524066714; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.002872
Date: Wed, 18 Apr 2018 15:51:53 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-06864642018929853 ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: e97e574f5b63ad8b943144d35aef02b9
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 106ms
106ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8c95e40e3a&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Cookie: EXFILGUID=8c95e40e3a; _ga=GA1.2.153846912.1524066714; _gid=GA1.2.1021289689.1524066714; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.002243
Date: Wed, 18 Apr 2018 15:51:53 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b2ea3fc545a0a577 ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 2229ed5f163f391b834d09dd2c21d504
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 113ms
111ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8c95e40e3a&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Cookie: EXFILGUID=8c95e40e3a; _ga=GA1.2.153846912.1524066714; _gid=GA1.2.1021289689.1524066714; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.001797
Date: Wed, 18 Apr 2018 15:51:53 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b2ea3fc545a0a577 ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 598d37c0e3738f00014d27801ce366e1
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 112ms
111ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8c95e40e3a&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Cookie: EXFILGUID=8c95e40e3a; _ga=GA1.2.153846912.1524066714; _gid=GA1.2.1021289689.1524066714; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.001867
Date: Wed, 18 Apr 2018 15:51:53 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0cf246e42aaaa42b7 ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 3cba7280acb0ef3eb9e0fe97ae6e6422
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 141ms
140ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8c95e40e3a&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Cookie: EXFILGUID=8c95e40e3a; _ga=GA1.2.153846912.1524066714; _gid=GA1.2.1021289689.1524066714; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.002348
Date: Wed, 18 Apr 2018 15:51:53 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03bfceb77bda81c3b ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: e8f8a301f9b33a4b19a3229b5ecb4c46
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 140ms
140ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8c95e40e3a&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Cookie: EXFILGUID=8c95e40e3a; _ga=GA1.2.153846912.1524066714; _gid=GA1.2.1021289689.1524066714; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.001706
Date: Wed, 18 Apr 2018 15:51:53 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-06864642018929853 ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 49bef24b19aae9d66d000ed19b02d148
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 110ms
109ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8c95e40e3a&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Cookie: EXFILGUID=8c95e40e3a; _ga=GA1.2.153846912.1524066714; _gid=GA1.2.1021289689.1524066714; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.002307
Date: Wed, 18 Apr 2018 15:51:53 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-06864642018929853 ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 8caca3dcff9d4a471a19cb17b799e635
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 108ms
107ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8c95e40e3a&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Cookie: EXFILGUID=8c95e40e3a; _ga=GA1.2.153846912.1524066714; _gid=GA1.2.1021289689.1524066714; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.002166
Date: Wed, 18 Apr 2018 15:51:53 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-06864642018929853 ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 7a85843b97a54ca563889a26a0154e0a
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 108ms
108ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8c95e40e3a&msg=Skipping%20java%20detection&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Cookie: EXFILGUID=8c95e40e3a; _ga=GA1.2.153846912.1524066714; _gid=GA1.2.1021289689.1524066714; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.002261
Date: Wed, 18 Apr 2018 15:51:54 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0b2ea3fc545a0a577 ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 23e62afbc676e812d05d2f6ae50dc2bb
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 112ms
112ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8c95e40e3a&msg=Skipping%20flash%20detection&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Cookie: EXFILGUID=8c95e40e3a; _ga=GA1.2.153846912.1524066714; _gid=GA1.2.1021289689.1524066714; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.001818
Date: Wed, 18 Apr 2018 15:51:54 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0cf246e42aaaa42b7 ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 36e9e106453026792f141aebfd5190e6
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 113ms
112ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8c95e40e3a&msg=Skipping%20pdf%20detection&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Cookie: EXFILGUID=8c95e40e3a; _ga=GA1.2.153846912.1524066714; _gid=GA1.2.1021289689.1524066714; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.001737
Date: Wed, 18 Apr 2018 15:51:54 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-06864642018929853 ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: e34c66387d125ee1b2777f92f43c318a
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 111ms
111ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8c95e40e3a&msg=Skipping%20quicktime%20detection&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Cookie: EXFILGUID=8c95e40e3a; _ga=GA1.2.153846912.1524066714; _gid=GA1.2.1021289689.1524066714; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.001832
Date: Wed, 18 Apr 2018 15:51:54 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0cf246e42aaaa42b7 ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: b59c1cc169f09449d47fb3efe5bcd036
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 111ms
111ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8c95e40e3a&msg=Skipping%20RealPlayer%20detection&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Cookie: EXFILGUID=8c95e40e3a; _ga=GA1.2.153846912.1524066714; _gid=GA1.2.1021289689.1524066714; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.001740
Date: Wed, 18 Apr 2018 15:51:54 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-06864642018929853 ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 999c13b9ae732969fa41a1a35e8b7f56
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 107ms
107ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8c95e40e3a&msg=Skipping%20Silverlight%20detection&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Cookie: EXFILGUID=8c95e40e3a; _ga=GA1.2.153846912.1524066714; _gid=GA1.2.1021289689.1524066714; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.002760
Date: Wed, 18 Apr 2018 15:51:54 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03bfceb77bda81c3b ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: c77fa8bd4cdc020cdb20b286c35dcbeb
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 107ms
107ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8c95e40e3a&msg=Skipping%20WindowsMediaPlayer%20detection&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Cookie: EXFILGUID=8c95e40e3a; _ga=GA1.2.153846912.1524066714; _gid=GA1.2.1021289689.1524066714; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.002121
Date: Wed, 18 Apr 2018 15:51:54 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-06864642018929853 ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 868ac93295aa81a73751a78c3e7a13f8
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 111ms
111ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8c95e40e3a&msg=training_page_no_browser_post&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Cookie: EXFILGUID=8c95e40e3a; _ga=GA1.2.153846912.1524066714; _gid=GA1.2.1021289689.1524066714; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.001885
Date: Wed, 18 Apr 2018 15:51:54 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-0cf246e42aaaa42b7 ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 784e109b0ed57daddd1d8e8bc0522be7
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK trace
corp-internal.com/ 1 B
591 B 112ms
111ms Image
text/html 52.72.186.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://corp-internal.com/trace?id=8c95e40e3a&msg=redirect_url%20is%20undefined&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Requested by: Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Protocol: HTTP/1.1
Server: 52.72.186.102 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-72-186-102.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: corp-internal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
Cookie: EXFILGUID=8c95e40e3a; _ga=GA1.2.153846912.1524066714; _gid=GA1.2.1021289689.1524066714; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

X-Runtime: 0.002275
Date: Wed, 18 Apr 2018 15:51:54 GMT
Content-Encoding: gzip
X-Rack-Cache: miss
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-us-i-03bfceb77bda81c3b ; 3bb6623096637f0d84387a485ea4eb7640710fd8
ETag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 21
X-Request-Id: 0e9de133a46130df9266ca08fd69506e
X-UA-Compatible: IE=Edge,chrome=1

GET
S

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j67&a=1450749479&t=pageview&_s=1&dl=http%3A%2F%2Fcorp-internal.com%2Fload_training%3Fguid%3D8c95e40e3a%26correlation_id%3D92fa3f18-3a6e-4486-8f79-e8...
https://www.google-analytics.com/r/collect?v=1&_v=j67&a=1450749479&t=pageview&_s=1&dl=http%3A%2F%2Fcorp-internal.com%2Fload_training%3Fguid%3D8c95e40e3a%26correlation_id%3D92fa3f18-3a6e-4486-8f79-e...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=153846912.1524066714&jid=547855088&_gid=1021289689.1524066714&gjid=220730741&_v=j67&z=1034975292

35 B
102 B

15ms
15ms

Image
image/gif

74.125.71.155
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=153846912.1524066714&jid=547855088&_gid=1021289689.1524066714&gjid=220730741&_v=j67&z=1034975292

Requested by

Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb

Protocol

SPDY

Server

74.125.71.155 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wn-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 18 Apr 2018 15:51:53 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 18 Apr 2018 15:51:53 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=153846912.1524066714&jid=547855088&_gid=1021289689.1524066714&gjid=220730741&_v=j67&z=1034975292
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 415
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j67&a=1450749479&t=pageview&_s=2&dl=http%3A%2F%2Fcorp-internal.com%2Fload_training%3Fguid%3D8c95e40e3a%26correlation_id%3D92fa3f18-3a6e-4486-8f79-e821...
https://www.google-analytics.com/collect?v=1&_v=j67&a=1450749479&t=pageview&_s=2&dl=http%3A%2F%2Fcorp-internal.com%2Fload_training%3Fguid%3D8c95e40e3a%26correlation_id%3D92fa3f18-3a6e-4486-8f79-e82...

35 B
109 B

6ms
6ms

Image
image/gif

172.217.22.46
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j67&a=1450749479&t=pageview&_s=2&dl=http%3A%2F%2Fcorp-internal.com%2Fload_training%3Fguid%3D8c95e40e3a%26correlation_id%3D92fa3f18-3a6e-4486-8f79-e821fe134ccb&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=153846912.1524066714&tid=UA-83403-17&_gid=1021289689.1524066714&z=372317242

Requested by

Host: corp-internal.com
URL: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb

Protocol

SPDY

Server

172.217.22.46 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://corp-internal.com/load_training?guid=8c95e40e3a&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Apr 2018 17:54:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 165454
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j67&a=1450749479&t=pageview&_s=2&dl=http%3A%2F%2Fcorp-internal.com%2Fload_training%3Fguid%3D8c95e40e3a%26correlation_id%3D92fa3f18-3a6e-4486-8f79-e821fe134ccb&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=153846912.1524066714&tid=UA-83403-17&_gid=1021289689.1524066714&z=372317242
Non-Authoritative-Reason: HSTS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dataentry.threatsim.com
URL: https://dataentry.threatsim.com/trace?id=8c95e40e3a&msg=browser_post_successful&correlation_id=92fa3f18-3a6e-4486-8f79-e821fe134ccb

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.corp-internal.com/	1970-01-18 15:21:06	Name: _gat Value: 1
.corp-internal.com/	1970-01-18 15:22:33	Name: _gid Value: GA1.2.1021289689.1524066714
.corp-internal.com/	1970-01-19 08:52:18	Name: _ga Value: GA1.2.153846912.1524066714
corp-internal.com/	1969-12-31 23:59:59	Name: EXFILGUID Value: 8c95e40e3a

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
corp-internal.com
d2wy8f7a9ursnm.cloudfront.net
dataentry.threatsim.com
stats.g.doubleclick.net
ts-uploads.s3.amazonaws.com
tslp.s3.amazonaws.com
www.google-analytics.com
dataentry.threatsim.com
172.217.22.42
172.217.22.46
216.58.207.42
52.216.82.208
52.72.186.102
52.85.182.18
54.231.49.56
74.125.71.155
155189205fb0f3f2b814039179ba67b3d8cedb9e5e6de92af955c5283f6e8aab
15ef0a4772469d282eae48e2b96cc4af0d20731d8670ad3b76ecf21beea99b5e
2218bbf47b340278b7b696dbe3af4eed89edffa709c19abd6747b18147c3a675
31964322b90e3cd683be506942019fed9fa4a89bdcf19f14dd057df1b6f0ed7b
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
bae06f323013a94b766da34246d6439db4b57a1144e7b4f4c6a18848eb7a4cf8
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fce517e48a56b76d45fd456264b90c82aa6e9ddb578f9f36d844ace5816d9841

corp-internal.com Open in urlscan Pro 52.72.186.102 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

0 %HTTPS

0 %IPv6

7 Domains

8 Subdomains

9 IPs

1 Countries

402 kBTransfer

583 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

corp-internal.com Open in urlscan Pro
52.72.186.102 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

0 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

9
IPs

1
Countries

402 kB
Transfer

583 kB
Size

4
Cookies

66 HTTP transactions
0 data transactions