| login.micrasoft-395office.com/assets/all.js?g=bc1e9eca71 | 34.248.78.201 | | 7.2 kB |
URL login.micrasoft-395office.com/assets/all.js?g=bc1e9eca71 IP34.248.78.201:0
File typeJavaScript source, ASCII text Hash097f74fc8f861ece148262a652ab806a 305ecb552c3ff6bd24b56333fab6e731eb81ed30 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9
GET /assets/all.js?g=bc1e9eca71 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/zgy-vign-wwh/a9bc1e936eca71d0?l=107
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:03 GMT
content-type: application/javascript
content-length: 7191
last-modified: Thu, 11 Apr 2024 12:55:27 GMT
vary: Accept-Encoding
content-encoding: gzip
server: ThreatSim-Web-Server
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=bc1e9eca71&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 3.5.16.103 | 200 OK | 50 kB |
URL GET HTTP/1.1tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=bc1e9eca71&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP3.5.16.103:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subject*.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (306) Hash00a513f07603df01e3b99be00f370754 f0c03b1c50f39c95075df687cd55f18861631526 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a
GET /detect/plugin_detect.js?guid=bc1e9eca71&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: FMWc7D2F2yl2X3+6PIw8j9IprCfJTFkx+MFfOvQQf6StMOdJCSUtSZviTolf/DHopw/6CsErVdQj1FkJXLUctQ==
x-amz-request-id: 3CD96PK70PCVJ36C
Date: Tue, 23 Apr 2024 09:51:06 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
ETag: "00a513f07603df01e3b99be00f370754"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 50085
|
|
| login.micrasoft-395office.com/favicon.ico | 34.248.78.201 | 200 OK | 0 B |
URL GET HTTP/2login.micrasoft-395office.com/favicon.ico IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/zgy-vign-wwh/a9bc1e936eca71d0?l=107
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:05 GMT
content-type: image/x-icon
content-length: 0
last-modified: Thu, 11 Apr 2024 12:55:27 GMT
etag: "6617ddbf-0"
server: ThreatSim-Web-Server
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | | 3.0 kB |
URL login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:0
File typeJavaScript source, ASCII text, with very long lines (6636), with no line terminators Hash85ff02da974c920ae6bfe5f6a602183f 849d4c02a6a1330e70ef6b53c5e50e56704e664a 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc
GET /trace?id=bc1e9eca71&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/zgy-vign-wwh/a9bc1e936eca71d0?l=107
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:05 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 644d6566-8056-4373-abb2-2ad7bc9db3de
x-runtime: 0.001622
x-host-info: lw-prod-eu-i-06164ae2ecae76ca0, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/assets/all.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 | 34.248.78.201 | 200 OK | 7.2 kB |
URL GET HTTP/2login.micrasoft-395office.com/assets/all.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
File typeJavaScript source, ASCII text Hash097f74fc8f861ece148262a652ab806a 305ecb552c3ff6bd24b56333fab6e731eb81ed30 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9
GET /assets/all.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:07 GMT
content-type: application/javascript
content-length: 7191
last-modified: Thu, 11 Apr 2024 12:55:30 GMT
vary: Accept-Encoding
content-encoding: gzip
server: ThreatSim-Web-Server
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/assets/all.js?guid=bc1e9eca71&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | 200 OK | 7.2 kB |
URL GET HTTP/2login.micrasoft-395office.com/assets/all.js?guid=bc1e9eca71&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
File typeJavaScript source, ASCII text Hash097f74fc8f861ece148262a652ab806a 305ecb552c3ff6bd24b56333fab6e731eb81ed30 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9
GET /assets/all.js?guid=bc1e9eca71&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:07 GMT
content-type: application/javascript
content-length: 7191
last-modified: Thu, 11 Apr 2024 12:55:27 GMT
vary: Accept-Encoding
content-encoding: gzip
server: ThreatSim-Web-Server
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/assets/ajax/libs/jquery/1.9.1/jquery.min.js | 34.248.78.201 | | 66 kB |
URL login.micrasoft-395office.com/assets/ajax/libs/jquery/1.9.1/jquery.min.js IP34.248.78.201:0
File typeJavaScript source, ASCII text, with very long lines (32089) Hash7eef2fd8e979c1f6a9d37b5ec0ac9625 1487da2c7fbab89ad1c6d4798502af58ba859479 7037d9eca0ef430e6d4b0a848d06ceb8644617af872f65427a95a1c24f366761
GET /assets/ajax/libs/jquery/1.9.1/jquery.min.js HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/zgy-vign-wwh/a9bc1e936eca71d0?l=107
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:03 GMT
content-type: application/javascript
last-modified: Thu, 11 Apr 2024 12:55:27 GMT
vary: Accept-Encoding
server: ThreatSim-Web-Server
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | | 20 B |
URL login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:0
File typegzip compressed data, max compression, from Unix Hash4a4dd3598707603b3f76a2378a4504aa a0fddd5458378c1bf3c10dd2f5c060d1347741ed f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=bc1e9eca71&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/zgy-vign-wwh/a9bc1e936eca71d0?l=107
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:05 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: ddd8a965-9159-4c74-a17d-9a3174e802e3
x-runtime: 0.001339
x-host-info: lw-prod-eu-i-0630ecaca960f15d1, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20browser_version%20%3D%2096&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | | 10 kB |
URL login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20browser_version%20%3D%2096&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:0
File typegzip compressed data, max compression, from Unix Hashd65588a4a449b5ff55c1aeb001b12fa4 d846659a32c9045c1462c40e9e323366d866ed62 27397fbfe80d181a369f71cd9af6b87fa7854ab0dd50536a025839d44d2d7fc1
GET /trace?id=bc1e9eca71&msg=BrowserDetect%20-%20browser_version%20%3D%2096&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/zgy-vign-wwh/a9bc1e936eca71d0?l=107
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:05 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: b1a8bd4a-0804-429e-b860-8c9eceee5aad
x-runtime: 0.001952
x-host-info: lw-prod-eu-i-0acc5e90dd72f7192, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| tslp.s3.amazonaws.com/training/embedded/css/url.css | 3.5.16.103 | 200 OK | 6.4 kB |
URL GET HTTP/1.1tslp.s3.amazonaws.com/training/embedded/css/url.css IP3.5.16.103:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subject*.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (412) Hash0560febf38cfe916ab8ffbee8ce4e9fc 5e41bb9b576db52bcea94264b9929a286a20a0f4 18fd69a3bb1fc61221c8d6c3bbbd177c38a21d96392bf2b403ddd9969615cf22
GET /training/embedded/css/url.css HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: Cr8gRMZGQ5JZKUaVWHVeMolt8p5KrWzJfKEL8+PtWSAIwbC4gqM4H7G5J6v4ndDSyHU60j6Ftf/tsanw1eIZoA==
x-amz-request-id: RE4T9W3FAXZEE760
Date: Tue, 23 Apr 2024 09:51:08 GMT
Last-Modified: Fri, 26 Aug 2022 14:07:46 GMT
ETag: "0560febf38cfe916ab8ffbee8ce4e9fc"
x-amz-server-side-encryption: AES256
x-amz-version-id: jWFW6Vb_IckPQFjf7Ej9_NT_HlQSyGGs
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 6367
|
|
| tslp.s3.amazonaws.com/detect/java.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 | 52.217.160.9 | 200 OK | 51 kB |
URL GET HTTP/1.1tslp.s3.amazonaws.com/detect/java.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 IP52.217.160.9:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subject*.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hash2bec0061039dc3fb25fc20aaf611d5b9 dfc11b0662ac5950d309e2615e887032dd1dde0c 4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24
GET /detect/java.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: tC25fUR6xDBMOL0Fh6RmnqjLqSw4Wg/sTTee7jU1k4GkI4+gT1gIN5nCr/wY/WtO/mEQ4T3V5Oc=
x-amz-request-id: RE4N2TXQKF05X5A1
Date: Tue, 23 Apr 2024 09:51:08 GMT
Last-Modified: Wed, 15 Feb 2017 14:38:28 GMT
ETag: "2bec0061039dc3fb25fc20aaf611d5b9"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 50717
|
|
| login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | | 6.7 kB |
URL login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:0
File typegzip compressed data, max compression, from Unix Hash76e58a6289e331a62a86eafc1f78758b f9727eb5d709070e2e3d4424afb47e63f6968c5a c75f54ecf0177241a4a318ec8fde5cbc362399f3f2b14b755681f22628683a5d
GET /trace?id=bc1e9eca71&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/zgy-vign-wwh/a9bc1e936eca71d0?l=107
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:05 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 439b790d-d918-43b4-ab98-5906968a5994
x-runtime: 0.001490
x-host-info: lw-prod-eu-i-034fcb0b4e2cb4302, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | | 50 kB |
URL login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:0
File typegzip compressed data, max compression, from Unix Hashf2f4fa7eda51f74581438a4c5e7c12e0 33c902a729bbe306c1d3f7fa74d945a4c75c8bdb cc9fce99b13d9f82a8586b345d08cbc1a57112aa2e5b85a86c9062b6910d5028
GET /trace?id=bc1e9eca71&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/zgy-vign-wwh/a9bc1e936eca71d0?l=107
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:05 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: e19f6fef-8b3c-4ee4-967f-0ab9275a3f4e
x-runtime: 0.001284
x-host-info: lw-prod-eu-i-0630ecaca960f15d1, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20plugin%20WebKit%20built-in%20PDF&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | | 23 kB |
URL login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20plugin%20WebKit%20built-in%20PDF&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:0
File typegzip compressed data, max compression, from Unix Hash0bc582c81c9bd7cc0fc71ad56574a24e 60b471311daaa38eff972065dc1ac441654b27f1 f75f028e64084613e027f2dfab2e3c83be97f056c6782095015a0863a1c0eecb
GET /trace?id=bc1e9eca71&msg=BrowserDetect%20-%20plugin%20WebKit%20built-in%20PDF&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/zgy-vign-wwh/a9bc1e936eca71d0?l=107
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:05 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 4c3b8697-d7ea-428d-a754-0fe8000b1b5e
x-runtime: 0.001901
x-host-info: lw-prod-eu-i-0630ecaca960f15d1, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | | 5.5 kB |
URL login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:0
File typeJavaScript source, ASCII text, with very long lines (18444), with no line terminators Hash9c1ae8d324e45716080572dfc20993a3 0afdd5636017b31750dd4e1a41ced118aaa5d3ab 358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1
GET /trace?id=bc1e9eca71&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/zgy-vign-wwh/a9bc1e936eca71d0?l=107
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:05 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 25758d5b-68d1-4e79-9f33-f2d7ce89cc6d
x-runtime: 0.001808
x-host-info: lw-prod-eu-i-034fcb0b4e2cb4302, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=bc1e9eca71&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 3.5.29.187 | 200 OK | 50 kB |
URL GET HTTP/1.1tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=bc1e9eca71&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP3.5.29.187:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subject*.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (306) Hash00a513f07603df01e3b99be00f370754 f0c03b1c50f39c95075df687cd55f18861631526 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a
GET /detect/plugin_detect.js?guid=bc1e9eca71&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: e+64Yv7ty0lqWk1itBa6odwexMDv87o4WBTEGL69EHHAwbWoaQbCqdhuPOIoGQVAYI+k9gKxe9y4CH/G0mfhsQlwgrJTw7O224tF9FzAlG8=
x-amz-request-id: RE4P5MCQ8V3F30P9
Date: Tue, 23 Apr 2024 09:51:08 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
ETag: "00a513f07603df01e3b99be00f370754"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 50085
|
|
| tslp.s3.amazonaws.com/detect/wmp.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 | 3.5.16.103 | 200 OK | 5.9 kB |
URL GET HTTP/1.1tslp.s3.amazonaws.com/detect/wmp.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 IP3.5.16.103:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subject*.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hashffd2cc77bb64d40beeb5d561fffe1f79 6cb535641677d27e4de591ceb3c4e2f408826e7d cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de
GET /detect/wmp.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: 2On8eSnqMCUDPi10OYI4HG7PBzJGwU5AcqhV4osiSSuAOBw2JFRUYcNUVRBQ0b77dwn/6G1uWAZ5LSBAel2+Vw==
x-amz-request-id: RE4HKY65FQJ9CNA5
Date: Tue, 23 Apr 2024 09:51:08 GMT
Last-Modified: Wed, 15 Feb 2017 15:07:14 GMT
ETag: "ffd2cc77bb64d40beeb5d561fffe1f79"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 5941
|
|
| login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | | 8.2 kB |
URL login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:0
File typegzip compressed data, max compression, from Unix Hash52cdb3f9e7c6987ff16bf1c988c987f6 fac8c16271ac48ccd294dbd30df39ebb91b2a2ae ab50d4ac8b0d15ca92aaadf1f668b4769c3afaf30e6dae798cfe5a1acd744f96
GET /trace?id=bc1e9eca71&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/zgy-vign-wwh/a9bc1e936eca71d0?l=107
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:05 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: ea986aa5-5bba-435e-a016-d56d6ada7792
x-runtime: 0.001570
x-host-info: lw-prod-eu-i-0acc5e90dd72f7192, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| tslp.s3.amazonaws.com/assets/js/training.js | 3.5.29.187 | 200 OK | 352 B |
URL GET HTTP/1.1tslp.s3.amazonaws.com/assets/js/training.js IP3.5.29.187:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subject*.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hash029ab28ca3c245dc425e3f3f6599d480 845057d3630d0a06e797a7049b3e9658d7650af1 8a1170223599205267c6ee3a3072855f1727461d9dd1066bb94f39180f963af9
GET /assets/js/training.js HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: zxb22iYjFf7z/D8RDi9C6dyhjKviebSTErcNuEhDi5RHQAyNbEIEKu0lNIAh5DnqhuDJnQEB3m8ErASO+DTTotXzyhWDJUcKOMt6zwy2j3M=
x-amz-request-id: RE4KR27QNN9MNHAP
Date: Tue, 23 Apr 2024 09:51:08 GMT
Last-Modified: Fri, 26 Aug 2022 14:07:38 GMT
ETag: "029ab28ca3c245dc425e3f3f6599d480"
x-amz-server-side-encryption: AES256
x-amz-version-id: 6KvPBARKn9Wl5VW3Hl_LtK2bIq68QrGH
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 352
|
|
| tslp.s3.amazonaws.com/detect/quicktime.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 | 3.5.29.187 | 200 OK | 7.0 kB |
URL GET HTTP/1.1tslp.s3.amazonaws.com/detect/quicktime.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 IP3.5.29.187:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subject*.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (322) Hashee73f2f47d51116dc40b85a6b57eaf20 6c42011667bac1fa6c3272a11b510f22962d72a2 6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19
GET /detect/quicktime.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: Jig8MTRQVHblT++mIs4UBiXrCiZZ5kLwHdGIpHmltuSt9K5YgucxfeuIdWV0S5lIS7gDBeww4F8rTtzaSqW8HL/5FW5lLwYH6M4CYqJ2Dsg=
x-amz-request-id: RE4KZ7FSF2MBFGQ3
Date: Tue, 23 Apr 2024 09:51:08 GMT
Last-Modified: Wed, 15 Feb 2017 14:41:05 GMT
ETag: "ee73f2f47d51116dc40b85a6b57eaf20"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 6999
|
|
| login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | | 9.8 kB |
URL login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:0
File typegzip compressed data, max compression, from Unix Hash3bf28611f90271a98147092c62f9813a 55f39985c0c75b98fa66ababed4cb021c29b41e6 86045c3e64cd830e3e9da9540ac37e0e2b41f98ede5f2e767ba46f1d3e2176ce
GET /trace?id=bc1e9eca71&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/zgy-vign-wwh/a9bc1e936eca71d0?l=107
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:05 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 96855801-49d6-4920-a6fd-947fc46d48c4
x-runtime: 0.001345
x-host-info: lw-prod-eu-i-06164ae2ecae76ca0, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| tslp.s3.amazonaws.com/detect/silverlight.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 | 3.5.29.187 | 200 OK | 4.2 kB |
URL GET HTTP/1.1tslp.s3.amazonaws.com/detect/silverlight.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 IP3.5.29.187:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subject*.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hashe6dd596d2bc204ea573b868b92028c26 fa58bba4c9a01b3764a881949a8423b773d8a338 0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381
GET /detect/silverlight.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: bdqfHdcnqjFKN7UPQtGZZ+NgXHm4oH29oN7Ipcz7usF+07lBPsy3kvHC07y4+Mq+7bxpdluMD2WWP+KWvvefYA/byZz+P+AjSGwzP4UWkLs=
x-amz-request-id: RE4JNR37W3RKSW57
Date: Tue, 23 Apr 2024 09:51:08 GMT
Last-Modified: Wed, 15 Feb 2017 18:00:03 GMT
ETag: "e6dd596d2bc204ea573b868b92028c26"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 4234
|
|
| ts-eu-uploads.s3-eu-west-1.amazonaws.com/training/production/11963/il-mio-progetto-7ea2fe.png | 3.5.65.69 | 200 OK | 5.6 kB |
URL GET HTTP/1.1ts-eu-uploads.s3-eu-west-1.amazonaws.com/training/production/11963/il-mio-progetto-7ea2fe.png IP3.5.65.69:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subject*.s3-eu-west-1.amazonaws.com Fingerprint49:42:4E:99:9B:99:CB:89:18:03:B0:67:44:1E:3F:5D:9A:CD:21:1C ValidityWed, 31 Jan 2024 00:00:00 GMT - Wed, 15 Jan 2025 23:59:59 GMT
File typePNG image data, 92 x 100, 8-bit/color RGBA, non-interlaced Hashaa5fe6a7e7b850509567be1b7b5ec1a5 4ff0dca424c4726d340235a3a04ea4cd23e788f6 e92392b88ac36e39771d2002d7271dbd3013c918c14322fb5b07e3298bebf079
GET /training/production/11963/il-mio-progetto-7ea2fe.png HTTP/1.1
Host: ts-eu-uploads.s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: 9ngkQMLMXfK7OaPolL1r6XxHXJNj30/XUimzHAzSd70b9g1hmZFdf6gaxwihXyWDDw2/eDPbyYAbIB4f9ojj0A==
x-amz-request-id: SD5576SDBMM6XJVK
Date: Tue, 23 Apr 2024 09:51:09 GMT
Last-Modified: Wed, 11 Jan 2023 09:07:23 GMT
ETag: "aa5fe6a7e7b850509567be1b7b5ec1a5"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 5636
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://login.micrasoft-395office.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 458168
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://login.micrasoft-395office.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 458168
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/favicon.ico | 34.248.78.201 | 200 OK | 0 B |
URL GET HTTP/2login.micrasoft-395office.com/favicon.ico IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: image/x-icon
content-length: 0
last-modified: Thu, 11 Apr 2024 12:55:27 GMT
etag: "6617ddbf-0"
server: ThreatSim-Web-Server
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | 200 OK | 491 B |
URL GET HTTP/2login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
File typegzip compressed data, max compression, from Unix Hashf335071fc0dc43230a60348526973c8f f56a941f7e2bfaeaa348db20bcf7609a398b8fb0 d6c4471711a9b22d28f68d944bd1c1a0f0e9014097e658e6d0233a7c779a9841
GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 03441a11-bb97-418c-aa0e-0505e0206b6f
x-runtime: 0.001597
x-host-info: lw-prod-eu-i-0630ecaca960f15d1, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/assets/ajax/libs/jquery/1.11.0/jquery.min.js | 34.248.78.201 | 200 OK | 35 kB |
URL GET HTTP/2login.micrasoft-395office.com/assets/ajax/libs/jquery/1.11.0/jquery.min.js IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
File typegzip compressed data, max compression, from Unix Hashe273bbf1684cba335a64710835ee5925 af43f3f68d706fc3d0882fd9545f6f1a0eee0a28 263070d5bf19ee19c8d6163fd8dc35fed48b311592de3f594fec93348054fedb
GET /assets/ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: application/javascript
last-modified: Thu, 11 Apr 2024 12:55:30 GMT
vary: Accept-Encoding
server: ThreatSim-Web-Server
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.java.com/js/deployJava.js | 23.36.79.9 | 200 OK | 18 kB |
URL GET HTTP/2www.java.com/js/deployJava.js IP23.36.79.9:443 ASN#20940 Akamai International B.V.
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerDigiCert Inc Subjectjava.com FingerprintD2:86:EC:2F:2D:A7:69:D4:DC:A9:2C:40:B0:01:98:0B:DD:A0:0E:BF ValiditySat, 14 Oct 2023 00:00:00 GMT - Wed, 16 Oct 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (18444), with no line terminators Hash9c1ae8d324e45716080572dfc20993a3 0afdd5636017b31750dd4e1a41ced118aaa5d3ab 358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1
GET /js/deployJava.js HTTP/1.1
Host: www.java.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-disposition: attachment; filename="deployJava.js";filename*=UTF-8''deployJava.js
content-encoding: gzip
etag: "D07B023847CD4DC5C4ED4AB4FC46AD47BDD6E99A0663:19"
x-oracle-dms-ecid: 99e0c31d-6d93-4d4a-9f00-e33f61836c5d-0035da5d
x-oracle-dms-rid: 0
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
content-length: 5512
cache-control: public, max-age=86400
expires: Wed, 24 Apr 2024 09:51:07 GMT
date: Tue, 23 Apr 2024 09:51:07 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1713865867410_388255493_1893489816_62_85278_2_9_21";dur=1
akamai-grn: 0.054f2417.1713865867.70dc5c98
set-cookie: akaalb_OCE_Failover=1713865927~op=JCOM_OCE:oceProdappJcomProdOrigin|~rv=3~m=oceProdappJcomProdOrigin:0|~os=2708f36cb43ca861e42dc0215e4669c5~id=7741cf9a590d55bafdbb0e1d4f1b7d67; path=/; Expires=Tue, 23 Apr 2024 09:52:07 GMT; Secure; SameSite=None
x-content-type-options: nosniff, nosniff
x-xss-protection: 1
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | 200 OK | 0 B |
URL GET HTTP/2login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: e54cd1b1-334a-4711-b9f3-1c4b4aa00581
x-runtime: 0.001888
x-host-info: lw-prod-eu-i-034fcb0b4e2cb4302, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | 200 OK | 0 B |
URL GET HTTP/2login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: e55d12f6-e462-4baf-9434-ab349fa4790a
x-runtime: 0.001423
x-host-info: lw-prod-eu-i-0630ecaca960f15d1, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | 200 OK | 24 kB |
URL User Request GET HTTP/2login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:443
CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/zgy-vign-wwh/a9bc1e936eca71d0?l=107
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:06 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
etag: W/"3139286d0eb44128d7c19b50f60284b5"
cache-control: max-age=0, private, must-revalidate
x-request-id: d5303e64-7e85-44d4-91b0-accf80f43e0b
x-runtime: 0.015096
x-host-info: lw-prod-eu-i-06164ae2ecae76ca0, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| tslp.s3.amazonaws.com/detect/pdf.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 | 52.217.160.9 | 200 OK | 23 kB |
URL GET HTTP/1.1tslp.s3.amazonaws.com/detect/pdf.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 IP52.217.160.9:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subject*.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hash0d5882d41c8b6e40059c8d9acbcf1518 53103565f3c07416fc691583a43a91943dbf0809 d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9
GET /detect/pdf.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: IKrrZTCY/emWIAg6JpZOxBOKRMwRLLcX4u0O/flSgKPeMtjJOG8BqAoX70gSg/I7/AYRuoR9mjs=
x-amz-request-id: RE4KHEZ0V4MA8VP4
Date: Tue, 23 Apr 2024 09:51:08 GMT
Last-Modified: Wed, 15 Feb 2017 14:39:34 GMT
ETag: "0d5882d41c8b6e40059c8d9acbcf1518"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 22855
|
|
| login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | 200 OK | 0 B |
URL GET HTTP/2login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 36d5318f-68fc-43b1-8b64-63d2026219bf
x-runtime: 0.001391
x-host-info: lw-prod-eu-i-06164ae2ecae76ca0, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| tslp.s3.amazonaws.com/detect/realplayer.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 | 3.5.29.187 | 200 OK | 9.8 kB |
URL GET HTTP/1.1tslp.s3.amazonaws.com/detect/realplayer.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 IP3.5.29.187:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subject*.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (10127), with no line terminators Hash0835871d59d36ed958755d159c30fe5b 48e149eb222ee44e33f074190a400cf4d731c73e bb2c6e86b033d916b06384185ab197feb5a5f3c239e80b806e22ae4e69b124ee
GET /detect/realplayer.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: c0xBanNbhfYSdWYOhtGuHnwvvIWSO7lLZ8olpBYFbhz/9BiM9Mi/TxFy2QbYoeLuGI8PTq4ORwvuwHW94vDq61MQx8HRkP/CqPxsPwjTHug=
x-amz-request-id: RE4ZSHWEP1B8VGZE
Date: Tue, 23 Apr 2024 09:51:08 GMT
Last-Modified: Wed, 15 Feb 2017 14:45:02 GMT
ETag: "3d7be656672c16a34806c13388410325"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 9775
|
|
| login.micrasoft-395office.com/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | 200 OK | 0 B |
URL GET HTTP/2login.micrasoft-395office.com/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 6c153396-eabe-4c22-bb15-b85b0e39211b
x-runtime: 0.001951
x-host-info: lw-prod-eu-i-0630ecaca960f15d1, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | 200 OK | 0 B |
URL GET HTTP/2login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 4d34f38d-a344-40fb-9aed-21736c55adc1
x-runtime: 0.001360
x-host-info: lw-prod-eu-i-034fcb0b4e2cb4302, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Open+Sans:400,700 | 142.250.74.106 | 200 OK | 11 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Open+Sans:400,700 IP142.250.74.106:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typeASCII text, with very long lines (1572) Hashb69c29c8c917c014d6f4b79752d8ce0b 71a580b2e8792ba930815bcca3bda73e7715ca3f 5cccc465f4c8cdcec789a0b28846823f18646206351bc9ff794f1aec7f58f5b0
GET /css?family=Open+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 23 Apr 2024 09:51:07 GMT
date: Tue, 23 Apr 2024 09:51:07 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js | 143.204.42.78 | 200 OK | 6.6 kB |
URL GET HTTP/1.1d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js IP143.204.42.78:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subject*.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (6819), with no line terminators Hash9e4af143cc4c3acb5f4888660d22658b 0c3904226c334dbd1abcc64d39577f4d17727ea9 bea4602f2348a1008386f581c429a89569a664c0781fd1845d5be2ca66acd73a
GET /bugsnag-2.min.js HTTP/1.1
Host: d2wy8f7a9ursnm.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 2962
Connection: keep-alive
Date: Wed, 17 Apr 2024 05:48:33 GMT
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
ETag: "6103bb5e4ec6141e19e1100caafc780c"
Cache-Control: public, max-age=604800
Content-Encoding: gzip
x-amz-version-id: null
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WhFWmJldukAiUQLHhX3YXbxb2cxWvyeZHJXIVFzpv51j4pDnl_0K5g==
Age: 532955
|
|
| login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=Skipping%20pdf%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | 200 OK | 0 B |
URL GET HTTP/2login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=Skipping%20pdf%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=f5bc1e96feca7164&msg=Skipping%20pdf%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 1c70b594-2379-4fbd-af8d-e6d6bcad84da
x-runtime: 0.001765
x-host-info: lw-prod-eu-i-0acc5e90dd72f7192, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=Skipping%20WindowsMediaPlayer%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | 200 OK | 0 B |
URL GET HTTP/2login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=Skipping%20WindowsMediaPlayer%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=f5bc1e96feca7164&msg=Skipping%20WindowsMediaPlayer%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 6b2a1521-7766-4da8-b9c5-07b512294264
x-runtime: 0.001016
x-host-info: lw-prod-eu-i-06164ae2ecae76ca0, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=Skipping%20java%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | 200 OK | 0 B |
URL GET HTTP/2login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=Skipping%20java%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=f5bc1e96feca7164&msg=Skipping%20java%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: a303a76c-0fd3-4b55-9155-c95a60d82615
x-runtime: 0.001465
x-host-info: lw-prod-eu-i-034fcb0b4e2cb4302, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| tslp.s3.amazonaws.com/detect/flash.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 | 3.5.16.103 | 200 OK | 6.7 kB |
URL GET HTTP/1.1tslp.s3.amazonaws.com/detect/flash.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 IP3.5.16.103:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subject*.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (6956), with no line terminators Hash4a8c802c6c7b2c9c3fe90f85037107fb b0c892bb068132c52f8d3b8b79b01ea2ce613b0d 041667b6e07a8781f155750c2008c86cd83a76874b6736687a8bf3c49b516f47
GET /detect/flash.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: 3eRslUd6HUOatBp4ZV15FI74T8qisUATupd7xb3QcfSbYjZXJAFOfy8Poab7gUJwBYYbwCReAHy0rMK5cdjsQw==
x-amz-request-id: RE4G86R6CPKPM3J7
Date: Tue, 23 Apr 2024 09:51:08 GMT
Last-Modified: Wed, 15 Feb 2017 03:54:01 GMT
ETag: "f9ad9a096894ba248e4a1f73e7eba1be"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 6680
|
|
| login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | 200 OK | 0 B |
URL GET HTTP/2login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 6d5bee84-f481-4f2c-899b-e487ffa3a41e
x-runtime: 0.001364
x-host-info: lw-prod-eu-i-06164ae2ecae76ca0, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=redirect_url%20is%20undefined&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | 200 OK | 0 B |
URL GET HTTP/2login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=redirect_url%20is%20undefined&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=f5bc1e96feca7164&msg=redirect_url%20is%20undefined&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 9d17135f-4b24-44d0-8f42-54a2cd3c2c86
x-runtime: 0.002347
x-host-info: lw-prod-eu-i-034fcb0b4e2cb4302, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 | 3.5.29.187 | 200 OK | 50 kB |
URL GET HTTP/1.1tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 IP3.5.29.187:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subject*.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (306) Hash00a513f07603df01e3b99be00f370754 f0c03b1c50f39c95075df687cd55f18861631526 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a
GET /detect/plugin_detect.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: wfXfGLkXAA4M7su9bP8uKtG77VsS7F2XXFJC0w3S0Y1W3dttdolSW1stCUhZygGB6CsO6QbaZ7j5ItgywvFh4PEjYjVleJkOxDRQgM3Dai8=
x-amz-request-id: RE4Z1MRT0THS0QHG
Date: Tue, 23 Apr 2024 09:51:08 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
ETag: "00a513f07603df01e3b99be00f370754"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 50085
|
|
| login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=training_page_no_browser_post&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | 200 OK | 0 B |
URL GET HTTP/2login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=training_page_no_browser_post&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=f5bc1e96feca7164&msg=training_page_no_browser_post&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 7b93d678-66a5-4e7d-b948-aaffce9e4263
x-runtime: 0.001594
x-host-info: lw-prod-eu-i-0630ecaca960f15d1, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js | 142.250.74.42 | 200 OK | 93 kB |
URL GET HTTP/2ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js IP142.250.74.42:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ajax/libs/jquery/1.8.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33621
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 19:23:27 GMT
expires: Wed, 16 Apr 2025 19:23:27 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 570460
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| tslp.s3.amazonaws.com/languages/language.18071.js | 52.217.160.9 | 200 OK | 8.2 kB |
URL GET HTTP/1.1tslp.s3.amazonaws.com/languages/language.18071.js IP52.217.160.9:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subject*.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (8594), with no line terminators Hash99bd9632154dd07b4732a7c1157a486e 8b9ea9d1e6bba430b07f84f2d233b219192c55b4 72e9bd58d7442d1eedf210513f754197f54902f7662adaf4b510b98476712ad3
GET /languages/language.18071.js HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: lCqMMEcmQkgWYD+96flLfpN6WNidXxmqNjMIBVAdndxzX8ejQ561T5sWVYaKl0nFEZF0l23PXPY=
x-amz-request-id: RE4KE19A95NDWSPM
Date: Tue, 23 Apr 2024 09:51:08 GMT
Last-Modified: Fri, 26 Aug 2022 14:07:38 GMT
ETag: "8b9a9d305bd69c962b600c08f3c69edf"
x-amz-server-side-encryption: AES256
x-amz-version-id: U_kpSjDDW4npfowvZPZnd2_aKVkUaKPA
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 8207
|
|
| login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20plugin%20PDF%20Viewer&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | 200 OK | 0 B |
URL GET HTTP/2login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20plugin%20PDF%20Viewer&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20plugin%20PDF%20Viewer&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: e9ee3600-f51a-47a2-b454-c95ea3b448a8
x-runtime: 0.001397
x-host-info: lw-prod-eu-i-06164ae2ecae76ca0, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=Skipping%20RealPlayer%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | 200 OK | 0 B |
URL GET HTTP/2login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=Skipping%20RealPlayer%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=f5bc1e96feca7164&msg=Skipping%20RealPlayer%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 94f913b2-8761-480b-a463-8f32ceae71e4
x-runtime: 0.001647
x-host-info: lw-prod-eu-i-0acc5e90dd72f7192, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| tslp.s3.amazonaws.com/training/teachable_moments/css/langdrop.css | 52.217.160.9 | 200 OK | 1.7 kB |
URL GET HTTP/1.1tslp.s3.amazonaws.com/training/teachable_moments/css/langdrop.css IP52.217.160.9:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subject*.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File typeUnicode text, UTF-8 text, with very long lines (1807), with no line terminators Hash1da3d58e2bd153edfa872b5d5699d3d6 d0f4b9c06925d9fdaac8693a7eb4e7747cc5ecf7 536405beacaec418602e9c249bc4b0aa0ca6fd863ffa3078d705241681705096
GET /training/teachable_moments/css/langdrop.css HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: QsDJPQ43XXTNI7g6JkNjZ1JXwqswsefXh8uRoEYe72pJ8nR9hTLZmfQW1RhfPUvZzCQX+1Qd6bQ=
x-amz-request-id: RE4Z1E0JAC524XFC
Date: Tue, 23 Apr 2024 09:51:08 GMT
Last-Modified: Fri, 26 Aug 2022 14:07:49 GMT
ETag: "bc7f970ad0f163bc72c9ae9aa09e1cde"
x-amz-server-side-encryption: AES256
x-amz-version-id: OhzuQr9n0bqd2zskiPVZjmnmHAmPcoAx
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 1713
|
|
| login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | 200 OK | 0 B |
URL GET HTTP/2login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 59b936f3-95c1-4660-b67a-a048a18a9635
x-runtime: 0.001688
x-host-info: lw-prod-eu-i-0acc5e90dd72f7192, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| java.com/js/deployJava.js | 95.101.10.112 | 302 Found | 18 kB |
URL GET HTTP/2java.com/js/deployJava.js IP95.101.10.112:443 ASN#20940 Akamai International B.V.
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerDigiCert Inc Subjectjava.com FingerprintD2:86:EC:2F:2D:A7:69:D4:DC:A9:2C:40:B0:01:98:0B:DD:A0:0E:BF ValiditySat, 14 Oct 2023 00:00:00 GMT - Wed, 16 Oct 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/deployJava.js HTTP/1.1
Host: java.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: AkamaiGHost
content-length: 0
location: https://www.java.com/js/deployJava.js
cache-control: max-age=86400
expires: Wed, 24 Apr 2024 09:51:07 GMT
date: Tue, 23 Apr 2024 09:51:07 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1713865867053_1600457324_78433798_150_67344_1_14_21";dur=1
akamai-grn: 0.6c0a655f.1713865867.4acce06
set-cookie: akaalb_OCE_Failover=1713865927~op=JCOM_OCE:oceProdappJcomProdOrigin|~rv=92~m=oceProdappJcomProdOrigin:0|~os=2708f36cb43ca861e42dc0215e4669c5~id=1bc1fd06eb6eca0745f8ac56ba909858; path=/; Expires=Tue, 23 Apr 2024 09:52:07 GMT; Secure; SameSite=None
x-content-type-options: nosniff
x-xss-protection: 1
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | 200 OK | 0 B |
URL GET HTTP/2login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 5a6155ea-cbd0-4f32-9591-47bce6082a6e
x-runtime: 0.002128
x-host-info: lw-prod-eu-i-0acc5e90dd72f7192, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=Skipping%20flash%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | 200 OK | 0 B |
URL GET HTTP/2login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=Skipping%20flash%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=f5bc1e96feca7164&msg=Skipping%20flash%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 4782dd78-98b7-4a40-ac30-0ca39cd40b72
x-runtime: 0.001803
x-host-info: lw-prod-eu-i-06164ae2ecae76ca0, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| tslp.s3.amazonaws.com/training/embedded/translations/url/en-us.json | 3.5.27.195 | 200 OK | 1.9 kB |
URL GET HTTP/1.1tslp.s3.amazonaws.com/training/embedded/translations/url/en-us.json IP3.5.27.195:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subject*.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (1965), with no line terminators Hash68b8ed8426d4445995443f2954f79081 0cb4b57d22760dfa6ceb2c9230539710cd7de680 a04c9c65062a4ff0cbfe8b5ef45519a82821b3f21af8fde296c58998878bbc2e
GET /training/embedded/translations/url/en-us.json HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/
Origin: https://login.micrasoft-395office.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: pCXEi61WYoXYwXXMyxntRQLohrVGHl3Ycy1LxVKDSBsvfTj3rF+pEwZiKGIKtTGg0gaPUItWLpgZxYScHzHJxdkhNtO25jnIcyXErQHMtGw=
x-amz-request-id: T226BPRW3VTAXMNB
Date: Tue, 23 Apr 2024 09:51:10 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Last-Modified: Wed, 26 Jul 2023 17:07:40 GMT
ETag: "5113dad20241201a33ab81b33233bd01"
x-amz-server-side-encryption: AES256
x-amz-version-id: TMMo2.DrQRaqepauUxOD.NkoWByClgZx
Accept-Ranges: bytes
Content-Type: application/json
Server: AmazonS3
Content-Length: 1895
|
|
| login.micrasoft-395office.com/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | 200 OK | 0 B |
URL GET HTTP/2login.micrasoft-395office.com/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 82f3c5ad-9163-46bd-91b3-e84368daa59f
x-runtime: 0.001735
x-host-info: lw-prod-eu-i-034fcb0b4e2cb4302, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/log?id=bc1e9eca71&campaign_guid=aae3021f93&msg=logo_object%20does%20not%20exist | 34.248.78.201 | 200 OK | 0 B |
URL GET HTTP/2login.micrasoft-395office.com/log?id=bc1e9eca71&campaign_guid=aae3021f93&msg=logo_object%20does%20not%20exist IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log?id=bc1e9eca71&campaign_guid=aae3021f93&msg=logo_object%20does%20not%20exist HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: image/gif; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 5ece2a3e-a52f-4b8c-b433-a42775d8b312
x-runtime: 0.002040
x-host-info: lw-prod-eu-i-0acc5e90dd72f7192, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | 200 OK | 0 B |
URL GET HTTP/2login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 73dda0d8-058b-46b6-ae8c-4fa01b3b1020
x-runtime: 0.002179
x-host-info: lw-prod-eu-i-0acc5e90dd72f7192, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | 200 OK | 0 B |
URL GET HTTP/2login.micrasoft-395office.com/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 9d372f47-cd84-4ddd-8dcb-26de394c11fd
x-runtime: 0.002109
x-host-info: lw-prod-eu-i-0acc5e90dd72f7192, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20plugin%20Chromium%20PDF%20Viewer&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | 200 OK | 0 B |
URL GET HTTP/2login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20plugin%20Chromium%20PDF%20Viewer&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20plugin%20Chromium%20PDF%20Viewer&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 3d30fe74-c12c-4a17-9b8a-9abee2cc91c8
x-runtime: 0.004227
x-host-info: lw-prod-eu-i-0acc5e90dd72f7192, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=Skipping%20quicktime%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | 200 OK | 0 B |
URL GET HTTP/2login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=Skipping%20quicktime%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=f5bc1e96feca7164&msg=Skipping%20quicktime%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 96511cef-62a5-44fb-8dde-a1fd0f8a45c6
x-runtime: 0.001383
x-host-info: lw-prod-eu-i-0630ecaca960f15d1, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20plugin%20WebKit%20built-in%20PDF&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | 200 OK | 0 B |
URL GET HTTP/2login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20plugin%20WebKit%20built-in%20PDF&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20plugin%20WebKit%20built-in%20PDF&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 40d4dec2-a98b-4e3d-be80-5e190df12cf8
x-runtime: 0.002049
x-host-info: lw-prod-eu-i-06164ae2ecae76ca0, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=Skipping%20Silverlight%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | 200 OK | 0 B |
URL GET HTTP/2login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=Skipping%20Silverlight%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=f5bc1e96feca7164&msg=Skipping%20Silverlight%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 9b375e54-c316-4fe5-996d-4634b7411876
x-runtime: 0.001250
x-host-info: lw-prod-eu-i-034fcb0b4e2cb4302, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | 200 OK | 0 B |
URL GET HTTP/2login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 7efb0579-34bd-40e7-8e2d-aed92d07959d
x-runtime: 0.001126
x-host-info: lw-prod-eu-i-034fcb0b4e2cb4302, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20plugin%20Microsoft%20Edge%20PDF%20Viewer&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | 200 OK | 0 B |
URL GET HTTP/2login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20plugin%20Microsoft%20Edge%20PDF%20Viewer&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20plugin%20Microsoft%20Edge%20PDF%20Viewer&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: fb4eea5c-c8d1-41bd-90b9-9fa3c2f3f807
x-runtime: 0.001993
x-host-info: lw-prod-eu-i-0630ecaca960f15d1, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20browser_version%20%3D%2096&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | 200 OK | 0 B |
URL GET HTTP/2login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20browser_version%20%3D%2096&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20browser_version%20%3D%2096&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 57e9c18f-ca81-4d8f-85ee-e4f5576d3699
x-runtime: 0.001547
x-host-info: lw-prod-eu-i-034fcb0b4e2cb4302, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 | 34.248.78.201 | 200 OK | 0 B |
URL GET HTTP/2login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP34.248.78.201:443
Requested byhttps://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1
Host: login.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 09:51:08 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 0b8d2214-45f9-4d5f-b2af-22f707501334
x-runtime: 0.004212
x-host-info: lw-prod-eu-i-0630ecaca960f15d1, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|