banking.firstfedtrust.com Open in urlscan Pro
23.23.167.42 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://banking.firstfedtrust.com/7b819de490?l=56
Effective URL:
https://banking.firstfedtrust.com/7b819de490?l=56
Submission: On May 20 via api (May 20th 2024, 9:16:31 pm UTC) from US — Scanned from DE

Summary HTTP 43 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 43 HTTP transactions. The main IP is 23.23.167.42, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is banking.firstfedtrust.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on January 7th 2024. Valid for: a year.

This is the only time banking.firstfedtrust.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
40	23.23.167.42 23.23.167.42	14618 (AMAZON-AES) (AMAZON-AES)
3	18.245.60.109 18.245.60.109	16509 (AMAZON-02) (AMAZON-02)
43	2

40 23.23.167.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-167-42.compute-1.amazonaws.com

banking.firstfedtrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.245.60.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-109.fra60.r.cloudfront.net

ef64bc6981db.c8065ebc.us-east-1.token.awswaf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	firstfedtrust.com banking.firstfedtrust.com	61 KB
3	awswaf.com ef64bc6981db.c8065ebc.us-east-1.token.awswaf.com — Cisco Umbrella Rank: 603049	287 KB
43	2

	Domain	Requested by
40	banking.firstfedtrust.com	banking.firstfedtrust.com
3	ef64bc6981db.c8065ebc.us-east-1.token.awswaf.com	banking.firstfedtrust.com ef64bc6981db.c8065ebc.us-east-1.token.awswaf.com
43	2

This site contains no links.

Subject Issuer	Validity	Valid
cyber-sale.net Amazon RSA 2048 M02	`2024-01-07` - `2025-02-05`	a year	crt.sh
*.c8065ebc.us-east-1.token.awswaf.com Amazon RSA 2048 M02	`2024-05-05` - `2025-06-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://banking.firstfedtrust.com/7b819de490?l=56
Frame ID: EC6D5C3DE523515E798A05AD01848E37
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The page cannot be found

Page URL History Show full URLs

http://banking.firstfedtrust.com/7b819de490?l=56 HTTP 307
https://banking.firstfedtrust.com/7b819de490?l=56 Page URL
https://banking.firstfedtrust.com/7b819de490?l=56 Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

43
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

347 kB
Transfer

1192 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://banking.firstfedtrust.com/7b819de490?l=56 HTTP 307
https://banking.firstfedtrust.com/7b819de490?l=56 Page URL
https://banking.firstfedtrust.com/7b819de490?l=56 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://banking.firstfedtrust.com/7b819de490?l=56 HTTP 307
https://banking.firstfedtrust.com/7b819de490?l=56

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

202

7b819de490 Show response
banking.firstfedtrust.com/
Redirect Chain

http://banking.firstfedtrust.com/7b819de490?l=56
https://banking.firstfedtrust.com/7b819de490?l=56

2 KB
2 KB

359ms
115ms

Document
text/html

23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://banking.firstfedtrust.com/7b819de490?l=56
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-167-42.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: ce494974d0af3af6bfb388ec2c88e395dd4007f436feaa387cf392ff356c8939

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-methods: OPTIONS,GET,POST
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-store, max-age=0
content-length: 2009
content-type: text/html; charset=UTF-8
date: Mon, 20 May 2024 21:16:26 GMT
server: awselb/2.0
x-amzn-waf-action: challenge

Redirect headers

Location: https://banking.firstfedtrust.com/7b819de490?l=56
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 challenge.js Show response
ef64bc6981db.c8065ebc.us-east-1.token.awswaf.com/ef64bc6981db/740c86c9aa24/04273f930fa9/ 1 MB
285 KB 579ms
295ms Script
text/javascript 18.245.60.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ef64bc6981db.c8065ebc.us-east-1.token.awswaf.com/ef64bc6981db/740c86c9aa24/04273f930fa9/challenge.js
Requested by: Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-109.fra60.r.cloudfront.net
Software: /
Resource Hash: bb007dc5d4c0ce1175ed5932750f49d615f1756341d90e82e1979a9ff97cf422

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 20 May 2024 21:16:26 GMT
content-encoding: gzip
via: 1.1 72500140cb63ff2dee8b57e4476902e6.cloudfront.net (CloudFront)
last-modified: Mon, 20 May 2024 21:16:26 +0000
x-amz-cf-pop: FRA60-P5
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amzn-waf-challenge-id: Root=1-664bbdaa-0c094fa26dd359380348da78
content-type: text/javascript
cache-control: private, max-age=86400, stale-while-revalidate=604800
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: GkMw29vXmOhoJB0RT_KmtcpHpA0wYtVQx-F2Kvwzm7tpwRj3hhlOGA==
expires: 0

GET
H2 202 favicon.ico
banking.firstfedtrust.com/ 0
212 B 115ms
115ms Other
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://banking.firstfedtrust.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-167-42.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:27 GMT
server: awselb/2.0
x-amzn-waf-action: challenge
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, max-age=0
content-length: 0

POST
H3 200 verify Show response
ef64bc6981db.c8065ebc.us-east-1.token.awswaf.com/ef64bc6981db/740c86c9aa24/04273f930fa9/ 312 B
658 B 342ms
319ms Fetch
application/json 18.245.60.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ef64bc6981db.c8065ebc.us-east-1.token.awswaf.com/ef64bc6981db/740c86c9aa24/04273f930fa9/verify
Requested by: Host: ef64bc6981db.c8065ebc.us-east-1.token.awswaf.com
URL: https://ef64bc6981db.c8065ebc.us-east-1.token.awswaf.com/ef64bc6981db/740c86c9aa24/04273f930fa9/challenge.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.245.60.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-109.fra60.r.cloudfront.net
Software: /
Resource Hash: 1cd3a203ef570d42586423f142b7d1559dcea2fc4b11cb1bfd1dbbac7f905ae3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://banking.firstfedtrust.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 20 May 2024 21:16:27 GMT
via: 1.1 5cf26f8164e0cad37f6634ff6aeac4ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amzn-waf-challenge-id: Root=1-664bbdab-1d3f48015c64dfa75a8b1e13
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 312
x-amz-cf-id: ddkugjM9EPbwDb1TQTDESOPVIkESy1dX9S8dBjk4h1SiboologoZvg==
expires: 0

POST
H3 200 telemetry Show response
ef64bc6981db.c8065ebc.us-east-1.token.awswaf.com/ef64bc6981db/740c86c9aa24/04273f930fa9/ 880 B
1 KB 294ms
294ms Fetch
application/json 18.245.60.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ef64bc6981db.c8065ebc.us-east-1.token.awswaf.com/ef64bc6981db/740c86c9aa24/04273f930fa9/telemetry
Requested by: Host: ef64bc6981db.c8065ebc.us-east-1.token.awswaf.com
URL: https://ef64bc6981db.c8065ebc.us-east-1.token.awswaf.com/ef64bc6981db/740c86c9aa24/04273f930fa9/challenge.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.245.60.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-109.fra60.r.cloudfront.net
Software: /
Resource Hash: b50f0e84fbe77abf65969fdab2a662426b0e5dfc3a41f36bf7cfe05e5aa8ae51

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://banking.firstfedtrust.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 20 May 2024 21:16:28 GMT
via: 1.1 5cf26f8164e0cad37f6634ff6aeac4ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amzn-waf-challenge-id: Root=1-664bbdac-6021fc330dc167b967fbbed3
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 880
x-amz-cf-id: ya8I9jZUVxAK8kxv_5_FdoKFcR3pBxbBsEhSCEyqFXqY4VTxCPARGw==
expires: 0

GET
H2 410 Primary Request 7b819de490 Show response
banking.firstfedtrust.com/ 2 KB
3 KB 121ms
120ms Document
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://banking.firstfedtrust.com/7b819de490?l=56

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

befdc0e88611851b4c53f3e5dc1e190834c29d289e15404b3ffed6d9f6560d55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache
content-type: text/html; charset=utf-8
date: Mon, 20 May 2024 21:16:28 GMT
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-host-info: lw-prod-us-i-09ea3b3608d2092f7 ; 7ab042967e623923e817fbc8931e097004f737c7
x-permitted-cross-domain-policies: none
x-request-id: 481cba89-abaf-4865-b56c-ede1c2289f82
x-runtime: 0.005172
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
banking.firstfedtrust.com/assets/ajax/libs/jquery/1.8.0/ 90 KB
33 KB 228ms
228ms Script
application/javascript 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://banking.firstfedtrust.com/assets/ajax/libs/jquery/1.8.0/jquery.min.js
Requested by: Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-167-42.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 8c574e0a06396dfa7064b8b460e0e4a8d5d0748c4aa66eb2e4efdfcb46da4b31

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:28 GMT
content-encoding: gzip
last-modified: Thu, 11 Apr 2024 13:01:26 GMT
server: ThreatSim-Web-Server
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 all.js Show response
banking.firstfedtrust.com/assets/ 28 KB
7 KB 114ms
114ms Script
application/javascript 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://banking.firstfedtrust.com/assets/all.js?g=410
Requested by: Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-167-42.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:28 GMT
content-encoding: gzip
last-modified: Thu, 11 Apr 2024 13:01:26 GMT
server: ThreatSim-Web-Server
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-length: 7191
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 trace
banking.firstfedtrust.com/ 0
466 B 116ms
116ms Image
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 92401a20-3700-4db8-93ea-184830d5728f
x-runtime: 0.001405
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0249dd4db3d5bbac8, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
banking.firstfedtrust.com/ 0
466 B 117ms
117ms Image
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 3b68c0a4-f7ba-4413-9ef5-877ca0d9b549
x-runtime: 0.002064
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04e567bbd45ed26b3, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
banking.firstfedtrust.com/ 0
466 B 118ms
117ms Image
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/trace?id=unknown&msg=found%20guid%20in%20last%20part%20of%20location&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: b5c43b9a-024d-4003-a154-bbbb63c538d5
x-runtime: 0.001916
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0c1d85d7ca1fd3a79, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

POST
H2 200 browser_post Show response
banking.firstfedtrust.com/secure/ 0
487 B 127ms
127ms XHR
image/gif 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://banking.firstfedtrust.com/secure/browser_post

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/assets/ajax/libs/jquery/1.8.0/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 9388059c-4112-42d6-81c5-19319d39ef58
x-runtime: 0.004156
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-09ea3b3608d2092f7, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding, Accept
x-frame-options: SAMEORIGIN
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
banking.firstfedtrust.com/ 0
466 B 127ms
119ms Image
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/trace?id=7b819de490&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 2fed2654-40b1-40fe-86e1-184b422e8adf
x-runtime: 0.001180
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0249dd4db3d5bbac8, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
banking.firstfedtrust.com/ 0
466 B 129ms
122ms Image
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/trace?id=7b819de490&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 950e64bd-3e0a-4e6f-87bf-2824294e91d1
x-runtime: 0.002178
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0c1d85d7ca1fd3a79, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
banking.firstfedtrust.com/ 0
466 B 128ms
121ms Image
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/trace?id=7b819de490&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: e37904a7-ee1a-4c65-9579-462bc2d34ac1
x-runtime: 0.001879
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04e567bbd45ed26b3, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
banking.firstfedtrust.com/ 0
466 B 127ms
121ms Image
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/trace?id=7b819de490&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: fe204e5b-e6e3-454c-bd86-2ecda2ce5779
x-runtime: 0.001354
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-09ea3b3608d2092f7, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
banking.firstfedtrust.com/ 0
467 B 230ms
223ms Image
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/trace?id=7b819de490&msg=BrowserDetect%20-%20browser_version%20%3D%20124&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 469f566c-5bb8-43e9-9ee6-94c77eb4e9d8
x-runtime: 0.002603
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0c1d85d7ca1fd3a79, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
banking.firstfedtrust.com/ 0
466 B 229ms
223ms Image
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/trace?id=7b819de490&msg=BrowserDetect%20-%20os%20%3D%20Windows&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 4781222c-be8e-430b-b32b-d37a8f44ec72
x-runtime: 0.002692
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04e567bbd45ed26b3, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
banking.firstfedtrust.com/ 0
466 B 231ms
225ms Image
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/trace?id=7b819de490&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 27846195-09d0-4df7-9f0a-eb0195868bb7
x-runtime: 0.002644
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-09ea3b3608d2092f7, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
banking.firstfedtrust.com/ 0
467 B 230ms
224ms Image
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/trace?id=7b819de490&msg=BrowserDetect%20-%20language%20%3D%20de-DE&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 4d731761-d4b6-4592-95c8-450425c8d868
x-runtime: 0.001697
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0249dd4db3d5bbac8, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
banking.firstfedtrust.com/ 0
466 B 232ms
226ms Image
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/trace?id=7b819de490&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 8e3158a0-c88f-42c8-bb3f-d2218cb936d1
x-runtime: 0.002541
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04e567bbd45ed26b3, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
banking.firstfedtrust.com/ 0
466 B 231ms
225ms Image
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/trace?id=7b819de490&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 6e81bb3b-94f9-4eea-8b0d-45813f6e0629
x-runtime: 0.002850
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0c1d85d7ca1fd3a79, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
banking.firstfedtrust.com/ 0
465 B 236ms
230ms Image
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/trace?id=7b819de490&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 6ecc71e7-78be-40fc-b2ee-e308f1b2031a
x-runtime: 0.004997
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-09ea3b3608d2092f7, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
banking.firstfedtrust.com/ 0
466 B 229ms
224ms Image
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/trace?id=7b819de490&msg=BrowserDetect%20-%20plugin%20PDF%20Viewer&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 4eeaacb5-d58b-4057-b55d-c5b41484737c
x-runtime: 0.002294
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0249dd4db3d5bbac8, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
banking.firstfedtrust.com/ 0
465 B 234ms
228ms Image
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/trace?id=7b819de490&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 21eec02e-0d85-4a27-b232-e14bf61b13c6
x-runtime: 0.004689
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04e567bbd45ed26b3, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
banking.firstfedtrust.com/ 0
466 B 232ms
227ms Image
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/trace?id=7b819de490&msg=BrowserDetect%20-%20plugin%20Chromium%20PDF%20Viewer&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 99ce3093-11d0-485a-b3db-c2e1bff5ed34
x-runtime: 0.002557
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0c1d85d7ca1fd3a79, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
banking.firstfedtrust.com/ 0
465 B 237ms
232ms Image
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/trace?id=7b819de490&msg=BrowserDetect%20-%20plugin%20Microsoft%20Edge%20PDF%20Viewer&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 08fe2135-a830-48a1-b843-c2c80f702220
x-runtime: 0.005967
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-09ea3b3608d2092f7, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
banking.firstfedtrust.com/ 0
466 B 238ms
233ms Image
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/trace?id=7b819de490&msg=BrowserDetect%20-%20plugin%20WebKit%20built-in%20PDF&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 5a30924e-004b-4d90-ad63-4baa39affde7
x-runtime: 0.001243
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0c1d85d7ca1fd3a79, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 log
banking.firstfedtrust.com/ 0
475 B 231ms
226ms Image
image/gif 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/log?id=7b819de490&sev=1&msg=PluginDetect%20is%20not%20defined&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: f9dc1eef-1428-46a1-9c96-0ecb629181c4
x-runtime: 0.002030
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0249dd4db3d5bbac8, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
banking.firstfedtrust.com/ 0
466 B 236ms
231ms Image
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/trace?id=7b819de490&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 46b7f60f-6679-48a3-b46d-bb2282c1844c
x-runtime: 0.002503
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04e567bbd45ed26b3, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 log
banking.firstfedtrust.com/ 0
476 B 233ms
229ms Image
image/gif 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/log?id=7b819de490&sev=1&msg=Cannot%20read%20properties%20of%20undefined%20(reading%20%27getVersion%27)&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: a7dd9b81-453b-4a56-957c-f83ba42cde43
x-runtime: 0.004507
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-09ea3b3608d2092f7, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
banking.firstfedtrust.com/ 0
466 B 232ms
228ms Image
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/trace?id=7b819de490&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: ec110235-0f09-4d94-af38-dd1e7450ae88
x-runtime: 0.002248
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0249dd4db3d5bbac8, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 log
banking.firstfedtrust.com/ 0
476 B 233ms
229ms Image
image/gif 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/log?id=7b819de490&sev=1&msg=deployJava%20is%20not%20defined&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: be4ae8c1-bfdc-43c6-bff2-0db5a35dc83a
x-runtime: 0.002584
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-09ea3b3608d2092f7, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
banking.firstfedtrust.com/ 0
466 B 232ms
228ms Image
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/trace?id=7b819de490&msg=java_version%20%3D%20undefined&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 43eaa1d9-53ca-429b-8394-9cd2f0d5aac0
x-runtime: 0.001211
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0c1d85d7ca1fd3a79, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
banking.firstfedtrust.com/ 0
466 B 236ms
232ms Image
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/trace?id=7b819de490&msg=Loading%20flash%20version&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 1d6cf30c-8f81-42c9-9d2f-5917ade7a85a
x-runtime: 0.003087
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04e567bbd45ed26b3, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
banking.firstfedtrust.com/ 0
465 B 235ms
232ms Image
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/trace?id=7b819de490&msg=Loading%20pdf%20version&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: dc4dccd0-6aa6-4a29-a1c9-30d00130c697
x-runtime: 0.001194
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0249dd4db3d5bbac8, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
banking.firstfedtrust.com/ 0
465 B 235ms
232ms Image
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/trace?id=7b819de490&msg=Loading%20quicktime%20version&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: e2c8ec39-8490-4cda-9709-d1952bbc0111
x-runtime: 0.002202
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0c1d85d7ca1fd3a79, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
banking.firstfedtrust.com/ 0
466 B 233ms
230ms Image
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/trace?id=7b819de490&msg=Loading%20RealPlayer%20version&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 69013fc8-8d27-49fe-a8fa-d28d607a1b8f
x-runtime: 0.002587
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-04e567bbd45ed26b3, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
banking.firstfedtrust.com/ 0
466 B 230ms
227ms Image
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/trace?id=7b819de490&msg=Loading%20Silverlight%20version&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 5f3ed1e8-50fa-486a-afca-0a89b0576878
x-runtime: 0.001507
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0249dd4db3d5bbac8, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
banking.firstfedtrust.com/ 0
465 B 233ms
231ms Image
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/trace?id=7b819de490&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 30f65ddc-c6dd-4eb0-81ea-a4a0ceaf12e5
x-runtime: 0.003378
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-09ea3b3608d2092f7, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
banking.firstfedtrust.com/ 0
466 B 235ms
233ms Image
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/trace?id=7b819de490&msg=redirect_url%20is%20undefined&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: d0140ae8-8673-463a-ac2d-e7217d97b40a
x-runtime: 0.002001
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-0c1d85d7ca1fd3a79, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
banking.firstfedtrust.com/ 0
466 B 117ms
116ms Image
text/html 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.firstfedtrust.com/trace?id=7b819de490&msg=browser_post_successful&correlation_id=undefined

Requested by

Host: banking.firstfedtrust.com
URL: https://banking.firstfedtrust.com/7b819de490?l=56

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-167-42.compute-1.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 84fdf275-5aec-4b48-9680-104cee913387
x-runtime: 0.001297
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-us-i-09ea3b3608d2092f7, ; 7ab042967e623923e817fbc8931e097004f737c7
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 favicon.ico
banking.firstfedtrust.com/ 0
160 B 114ms
114ms Other
image/x-icon 23.23.167.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://banking.firstfedtrust.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.167.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-167-42.compute-1.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://banking.firstfedtrust.com/7b819de490?l=56
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 21:16:29 GMT
last-modified: Thu, 11 Apr 2024 13:01:26 GMT
server: ThreatSim-Web-Server
etag: "6617df26-0"
content-type: image/x-icon
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.banking.firstfedtrust.com/	1970-01-20 20:49:45	Name: aws-waf-token Value: 8d59ff5e-a1ff-448f-bb32-3ca76941e5af:EQoApjqT5ckOAQAA:yyP20bIhdOnlN4NVXux0PtXk9CWFjeuvlg7Y2544ovnDQtLQxmS7E+DLqklDDKFZg/5Bp1H+MS8OkBO3jO52DoQIk5BIWg19XebdOeKp8TXbbHiWfyHkvpdgwPEHuwqV8/+/DR8nv8zHVRpFVsHgp/9To/FvXs9Ln4ISuxIGbH7GS1uGzMcTJOCtHvJ7L50u0ZGM4PjtDZM0qBlXAb3Qqjd3A9GHmwPTa1a45iGT8QBP6dwEmJOvUIqmPBx0XTsUI4mye0varVWo8DoA3RpwmCfweEs=
banking.firstfedtrust.com/	1969-12-31 23:59:59	Name: EXFILGUID Value: 7b819de490
banking.firstfedtrust.com/	1969-12-31 23:59:59	Name: link_clicked_7b819de490 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://banking.firstfedtrust.com/7b819de490?l=56 Message: Failed to load resource: the server responded with a status of 410 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

banking.firstfedtrust.com
ef64bc6981db.c8065ebc.us-east-1.token.awswaf.com
18.245.60.109
23.23.167.42
1cd3a203ef570d42586423f142b7d1559dcea2fc4b11cb1bfd1dbbac7f905ae3
39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9
8c574e0a06396dfa7064b8b460e0e4a8d5d0748c4aa66eb2e4efdfcb46da4b31
b50f0e84fbe77abf65969fdab2a662426b0e5dfc3a41f36bf7cfe05e5aa8ae51
bb007dc5d4c0ce1175ed5932750f49d615f1756341d90e82e1979a9ff97cf422
befdc0e88611851b4c53f3e5dc1e190834c29d289e15404b3ffed6d9f6560d55
ce494974d0af3af6bfb388ec2c88e395dd4007f436feaa387cf392ff356c8939
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

banking.firstfedtrust.com Open in urlscan Pro 23.23.167.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

347 kBTransfer

1192 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

banking.firstfedtrust.com Open in urlscan Pro
23.23.167.42 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

347 kB
Transfer

1192 kB
Size

3
Cookies

43 HTTP transactions
0 data transactions