Overview

URL netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98
IP52.202.140.133
ASN
Location United States
Report completed2018-05-17 04:29:30 CEST
StatusLoading report..
urlQuery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 8 reports on IP: 52.202.140.133

Date UQ / IDS / BL URL IP
2018-05-29 22:26:36 +0200
0 - 0 - 0 www.greetingsweb.com/form/375e88126a?l=19 52.202.140.133
2018-05-29 06:29:57 +0200
0 - 0 - 0 www.emailquarantine.com/3645236d6e?l=36 52.202.140.133
2018-05-23 15:26:12 +0200
0 - 0 - 0 update.account-maintenance.com/07c310b94a?l=15 52.202.140.133
2018-05-23 07:38:06 +0200
0 - 0 - 0 www.oracle.user-account-maintenance.com/2dccc (...) 52.202.140.133
2018-05-22 19:43:10 +0200
0 - 0 - 0 department.improvements.account-maintenance.com 52.202.140.133
2018-05-22 19:05:58 +0200
0 - 0 - 0 www.trackingupdate.net/12c10e445b?l=25 52.202.140.133
2018-05-21 14:45:49 +0200
0 - 0 - 0 hr.corp-hr.com/b1c30f3bd4 52.202.140.133
2018-05-16 15:28:50 +0200
0 - 0 - 0 account-maintenance.com/SSFportal/23a6929e81?l=10 52.202.140.133

Last 10 reports on ASN:

Date UQ / IDS / BL URL IP
2018-10-18 22:57:22 +0200
2 - 1 - 0 emumame.ru/mame_g/tlep.html 185.179.190.36
2018-10-18 22:57:13 +0200
2 - 0 - 0 emumil.ru/dlu2xhbv9edw5rxy1fu3vwzxjfuhjvx0jhc (...) 185.179.190.36
2018-10-18 22:54:58 +0200
0 - 0 - 0 loadsource.org/ 172.64.134.5
2018-10-18 22:49:35 +0200
2 - 1 - 0 www.migliori-escort.com/3349704514.html 173.212.198.34
2018-10-18 22:45:55 +0200
0 - 0 - 0 https://www.sportsblog.com/nbary/live-nba-was (...) 35.186.246.227
2018-10-18 22:45:14 +0200
0 - 0 - 0 https://accounts.virtru.com/email-activation 52.14.143.111
2018-10-18 22:43:46 +0200
0 - 0 - 0 cdn.gocanvas.com 13.33.54.61
2018-10-18 22:43:42 +0200
0 - 2 - 0 www.sexy.galleries.stack.stackjam.top/ 54.36.162.42
2018-10-18 22:39:25 +0200
0 - 0 - 0 https://anchor.fm/tamjid-hossen/episodes/FREE (...) 34.236.47.101
2018-10-18 22:38:42 +0200
0 - 1 - 0 gwpfgcrdbmlfhi.bid/ 198.54.117.200

Last 4 reports on domain: netbenefits-access.com

Date UQ / IDS / BL URL IP
2018-10-02 19:12:23 +0200
0 - 0 - 0 www.netbenefits-access.com/d21df3f580 34.202.118.251
2017-12-14 15:44:54 +0100
0 - 0 - 0 ch2m.netbenefits-access.com/newaccountsetup 52.22.172.19
2017-11-15 12:49:41 +0100
0 - 0 - 0 change.bitcoin.zip.netbenefits-access.com/kjh (...) 52.22.172.19
2017-11-15 12:46:48 +0100
0 - 0 - 0 change.bitcoin.zip.netbenefits-access.com/kjh (...) 52.22.172.19


JavaScript

Executed Scripts (19)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 88, repeated: 4) - SHA256: c68ee07551c30c4d15bc24b53259693345e9498cde53b72ea2df4ee5692f7040

                                        < embed id = "deployJavaPlugin"
type = "application/java-deployment-toolkit"
hidden = "true" / >
                                    


HTTP Transactions (161)


Request Response
                                        
                                            GET /rusia-2018-mexico/2fd205f05c?l=98 HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:28:57 GMT
Etag: W/"05045ead751a7ba1b94eccbffec39e9f"
Server: ThreatSim-Web-Server
Set-Cookie: EXFILGUID=2fd205f05c; path=/ link_clicked_2fd205f05c=1; path=/
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0d3e323dae303813b, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 8716f6cd2c761be306480929bc0e3bd9
X-Runtime: 0.028447
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 927
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   927
Md5:    c4e2f00a8a9798a62d6d02b5b079d204
Sha1:   e3c9231c8e24fce0c3f5d589e6db43c5fdbb77a6
Sha256: 14ca4fbe872dd12acd0443d43cd8c4961a5efbd1cf5a22b220dd102e2705fc4c
                                        
                                            GET /bugsnag-2.min.js HTTP/1.1 
Host: d2wy8f7a9ursnm.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         13.33.96.95
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 2962
Connection: keep-alive
Date: Mon, 11 Dec 2017 23:50:03 GMT
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Etag: "6103bb5e4ec6141e19e1100caafc780c"
Cache-Control: public, max-age=604800
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Age: 181577
X-Cache: Hit from cloudfront
Via: 1.1 dbfa25b830ed5c81b9cf2bd126130c78.cloudfront.net (CloudFront)
X-Amz-Cf-Id: l1JH7yOlhiORCIqfi9lOYZqZ146tlge3MpIBANHD8YwEh-2-YDBltA==


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2962
Md5:    6103bb5e4ec6141e19e1100caafc780c
Sha1:   1396838ef637042cbf702f6b5fdcd0281d93feb9
Sha256: ccba3500aa323de51765587835fcd4842d46e4e2384e5cfd067506d0b6fc8a78
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=171106
Date: Thu, 17 May 2018 02:28:58 GMT
Etag: "5afcc86b-1d7"
Expires: Sat, 19 May 2018 02:00:44 GMT
Last-Modified: Thu, 17 May 2018 00:10:19 GMT
Server: ECS (arn/4692)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    c4b2ec49cee9e8961393828d8c997ba6
Sha1:   078f606d93c048522c5b07f77dd27e69d352bd68
Sha256: d1ad8c61fb442ad19aa2079556c0b719349669d7601f67d9365413c2c5e58ae6
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=170539
Date: Thu, 17 May 2018 02:28:58 GMT
Etag: "5afccabd-1d7"
Expires: Sat, 19 May 2018 01:29:48 GMT
Last-Modified: Thu, 17 May 2018 00:20:13 GMT
Server: ECS (arn/469D)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    de49f0186a7cee66964da5fc74ee9db6
Sha1:   7d138ee9c0e8c11fda3ee48ae7d87db49aeddea5
Sha256: 8a7e75c59cddc0d6f29c030f2a39bb4fe93ec8da5b1a064cfe2ef5ede1df5b82
                                        
                                            GET /js/deployJava.js HTTP/1.1 
Host: java.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         104.123.122.133
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Oracle-HTTP-Server
Last-Modified: Fri, 07 Jul 2017 23:29:07 GMT
Content-Disposition: inline;filename=deployJava.js;filename*=UTF-8''deployJava.js
X-ORACLE-DMS-RID: 0:1
X-Content-Type-Options: nosniff
X-ORACLE-DMS-ECID: 005Kza_yrKd9Tcw70Fm3UF0003QU009rYR
mdt-type: abinary;charset=UTF-8
X-Frame-Options: SAMEORIGIN
Content-Length: 18444
Cache-Control: max-age=86400
Expires: Fri, 18 May 2018 02:28:58 GMT
Date: Thu, 17 May 2018 02:28:58 GMT
Connection: keep-alive
X-XSS-PROTECTION: 1


--- Additional Info ---
Magic:  ASCII English text, with very long lines, with no line terminators
Size:   18444
Md5:    9c1ae8d324e45716080572dfc20993a3
Sha1:   0afdd5636017b31750dd4e1a41ced118aaa5d3ab
Sha256: 358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=159646
Date: Thu, 17 May 2018 02:28:58 GMT
Etag: "5afc9d06-1d7"
Expires: Fri, 18 May 2018 22:38:52 GMT
Last-Modified: Wed, 16 May 2018 21:05:10 GMT
Server: ECS (arn/46BA)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    3a0f3bb0d88e4047daaf1023a80540da
Sha1:   432417cfd104e602d9081583a2cbaeb7d2a0a77a
Sha256: 2a28f723af362271d0e87ce4b754070439a135306156ccb4a2542afc3f5fedcf
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=154446
Date: Thu, 17 May 2018 02:28:58 GMT
Etag: "5afc7d64-1d7"
Expires: Fri, 18 May 2018 21:06:06 GMT
Last-Modified: Wed, 16 May 2018 18:50:12 GMT
Server: ECS (arn/459B)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    58053ece2ea6051309cab216d7de87be
Sha1:   1728285384a90fb90f5071ee9e4cb7ca91387e5c
Sha256: 69c5f8a8fb3f2299c289c37e11b454dafc66cb70793e519bd23de19cbae958fe
                                        
                                            GET /detect/quicktime.js?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: tslp.s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         52.216.134.83
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: gHDSJJnZVje/lkM4ZCeauCZUBELt/G11C1DKg+l2YxVBlYNrYTNQBg2ioH/Y2+kjvwKT2vPkDOQ=
x-amz-request-id: 4C9EB3F91E5A9180
Date: Thu, 17 May 2018 02:28:59 GMT
Last-Modified: Wed, 15 Feb 2017 14:41:05 GMT
Etag: "ee73f2f47d51116dc40b85a6b57eaf20"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 6999
Server: AmazonS3


--- Additional Info ---
Magic:  ASCII C program text, with very long lines
Size:   6999
Md5:    ee73f2f47d51116dc40b85a6b57eaf20
Sha1:   6c42011667bac1fa6c3272a11b510f22962d72a2
Sha256: 6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19
                                        
                                            GET /detect/realplayer.js?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: tslp.s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         52.216.134.83
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: B8sTv13aps0tHqHSD7KixkhCD8lHcrnup8qsyFqHBfXPflJsQfn1AgL7ITJw8BpUMK6y5CZ/GK8=
x-amz-request-id: C87981ACE4E0E7C4
Date: Thu, 17 May 2018 02:28:59 GMT
Last-Modified: Wed, 15 Feb 2017 14:45:02 GMT
Etag: "3d7be656672c16a34806c13388410325"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 9775
Server: AmazonS3


--- Additional Info ---
Magic:  ASCII C program text
Size:   9775
Md5:    3d7be656672c16a34806c13388410325
Sha1:   c391646c980c60d75c35b33a974c97ae88114eef
Sha256: 88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238
                                        
                                            GET /detect/flash.js?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: tslp.s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         52.216.134.83
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: HNbsKciC4z+rg9/oXsg5saTqZlYBAr21gT/vFwHBW1eEZJDoS+Q09XsePePAZYa47KyAZ6YCJt8=
x-amz-request-id: 6A9A8C6EB56CC978
Date: Thu, 17 May 2018 02:28:59 GMT
Last-Modified: Wed, 15 Feb 2017 03:54:01 GMT
Etag: "f9ad9a096894ba248e4a1f73e7eba1be"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 6680
Server: AmazonS3


--- Additional Info ---
Magic:  ASCII C program text
Size:   6680
Md5:    f9ad9a096894ba248e4a1f73e7eba1be
Sha1:   f2449ce5f7a5c42ffdcc5f087a75b2513e73592c
Sha256: a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861
                                        
                                            GET /detect/silverlight.js?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: tslp.s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         52.216.134.83
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: 3QTGKx/NRtiktH466+upGenDXNdShdpWMbFOPlMKNUjLHTavxoxlb4YCNWgyBweBFvOPIeBsohg=
x-amz-request-id: 27CC03FB6A13624A
Date: Thu, 17 May 2018 02:28:59 GMT
Last-Modified: Wed, 15 Feb 2017 18:00:03 GMT
Etag: "e6dd596d2bc204ea573b868b92028c26"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 4234
Server: AmazonS3


--- Additional Info ---
Magic:  ASCII C program text
Size:   4234
Md5:    e6dd596d2bc204ea573b868b92028c26
Sha1:   fa58bba4c9a01b3764a881949a8423b773d8a338
Sha256: 0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381
                                        
                                            GET /detect/pdf.js?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: tslp.s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         52.216.134.83
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: 9xEO4Y6P2dUO4DmB0PCBph2aOs07Vv4j/btXISxAKzzH38RodWVUQSxlUAb3COOt0Jcf4hG8R8k=
x-amz-request-id: 191FDB4A62BD755D
Date: Thu, 17 May 2018 02:28:59 GMT
Last-Modified: Wed, 15 Feb 2017 14:39:34 GMT
Etag: "0d5882d41c8b6e40059c8d9acbcf1518"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 22855
Server: AmazonS3


--- Additional Info ---
Magic:  ASCII C program text
Size:   22855
Md5:    0d5882d41c8b6e40059c8d9acbcf1518
Sha1:   53103565f3c07416fc691583a43a91943dbf0809
Sha256: d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9
                                        
                                            GET /detect/plugin_detect.js?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: tslp.s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         52.216.134.83
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: rFTQj8RfJwdbjWc9kBrQdAbYxRQTqIiv0bU1NwB0UEwq5qB/gGwvv6URS2ETyJFfilNHF2iZdHA=
x-amz-request-id: 7092F901EAA70389
Date: Thu, 17 May 2018 02:28:59 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Etag: "00a513f07603df01e3b99be00f370754"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 50085
Server: AmazonS3


--- Additional Info ---
Magic:  ASCII C program text, with very long lines
Size:   50085
Md5:    00a513f07603df01e3b99be00f370754
Sha1:   f0c03b1c50f39c95075df687cd55f18861631526
Sha256: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a
                                        
                                            GET /detect/wmp.js?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: tslp.s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         52.216.134.83
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: byA/RpsDkIT3+M8UIIsNhgqNS+zhLGznF5WOSDdQqW0SbN4SHJ3+1/f7thRsIv9UDniIn3NL0qA=
x-amz-request-id: 4A4CB2D5A11B7116
Date: Thu, 17 May 2018 02:28:59 GMT
Last-Modified: Wed, 15 Feb 2017 15:07:14 GMT
Etag: "ffd2cc77bb64d40beeb5d561fffe1f79"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 5941
Server: AmazonS3


--- Additional Info ---
Magic:  ASCII C program text
Size:   5941
Md5:    ffd2cc77bb64d40beeb5d561fffe1f79
Sha1:   6cb535641677d27e4de591ceb3c4e2f408826e7d
Sha256: cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de
                                        
                                            GET /ajax/libs/jquery/1.9.1/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         216.58.207.202
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 33018
Date: Wed, 09 May 2018 05:56:33 GMT
Expires: Thu, 09 May 2019 05:56:33 GMT
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-PROTECTION: 1; mode=block
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 678746


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   33018
Md5:    d67fea647a9ff0d912549d69cf963267
Sha1:   3fae503c55d45fa707de03bd42c31f564e20e91c
Sha256: 9307813f2ee3a1a6e08a02829d6dd7a1652c4f8db7882416bb7859bbebc593bc
                                        
                                            GET /detect/java.js?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: tslp.s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         52.216.134.83
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: 4pP6PyGTMNwSg6sQ4jXgNJGGCfQjn+V8Ddhr/gv/99rSHkgQzHTW9ppujb7Xydiy58zkpDPr7zA=
x-amz-request-id: E37BE384BD33194F
Date: Thu, 17 May 2018 02:28:59 GMT
Last-Modified: Wed, 15 Feb 2017 14:38:28 GMT
Etag: "2bec0061039dc3fb25fc20aaf611d5b9"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 50717
Server: AmazonS3


--- Additional Info ---
Magic:  ASCII C program text
Size:   50717
Md5:    2bec0061039dc3fb25fc20aaf611d5b9
Sha1:   dfc11b0662ac5950d309e2615e887032dd1dde0c
Sha256: 4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24
                                        
                                            GET /assets/google-tracking.js?g=2fd205f05c HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:28:59 GMT
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Fri, 13 Apr 2018 17:32:00 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Length: 316
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix, last modified: Sat Jun 11 03:35:22 2016, max compression
Size:   316
Md5:    719dec8ba10f30b81501c6789fdc0b38
Sha1:   a5981aa8101108d7d3d92c8272c5a8f39ff84619
Sha256: 39b4a814e874e6f5cf6f1f40c45c9932cc676a16786b35ccca4b3f2b0507f12a
                                        
                                            GET /assets/all.js?g=2fd205f05c HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:28:59 GMT
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Fri, 13 Apr 2018 17:32:00 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Length: 7149
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix, last modified: Fri Mar 03 22:28:11 2017, max compression
Size:   7149
Md5:    7ef5804bf7d4879e5ccdfbd01de4ed2b
Sha1:   81960b78265b10afc3ae75b9434d1377cfa7a17f
Sha256: 8e4b430299b5c01368fb14b0ed378091efe77c9c7e3279092ce29c7a434e0bd2
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Thu, 17 May 2018 00:59:07 GMT
Expires: Thu, 17 May 2018 02:59:07 GMT
Last-Modified: Thu, 12 Apr 2018 18:13:11 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 14353
Cache-Control: public, max-age=7200
Age: 5393


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   14353
Md5:    8234e6190ec70f60aadd1cbabd2f64ed
Sha1:   08b5b4bdfd370934a6bda3f7b88fc837fd4538ce
Sha256: 4830a9562f0d539f6f957f44bd32f9859b127c9024bd46f30e711d4b2fd079b4
                                        
                                            GET /r/collect?v=1&_v=j67&a=1184618929&t=pageview&_s=1&dl=http%3A%2F%2Fnetbenefits-access.com%2Frusia-2018-mexico%2F2fd205f05c%3Fl%3D98&ul=en-us&de=UTF-8&sd=24-bit&sr=1176x885&vp=1176x775&je=1&fl=10.0%20r45&_u=IEBAAEQ~&jid=1422886293&gjid=79728331&cid=1848799807.1526524142&tid=UA-83403-17&_gid=520873749.1526524142&_r=1&z=32405776 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         216.58.211.14
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=1848799807.1526524142&jid=1422886293&_gid=520873749.1526524142&gjid=79728331&_v=j67&z=32405776
Access-Control-Allow-Origin: *
Date: Thu, 17 May 2018 02:29:02 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Server: Golfe2
Content-Length: 413


--- Additional Info ---
Magic:  HTML document text
Size:   413
Md5:    e57cc0035baa77b6f3e6d46489eb39ac
Sha1:   de8589c8b5e8ec6ed62eb846572b61f9c62dea2f
Sha256: 21d7c559852b3759b91397a552beccd31731e08e5747440d1a9aca23ba9d9bf2
                                        
                                            GET /collect?v=1&_v=j67&a=1184618929&t=pageview&_s=2&dl=http%3A%2F%2Fnetbenefits-access.com%2Frusia-2018-mexico%2F2fd205f05c%3Fl%3D98&ul=en-us&de=UTF-8&sd=24-bit&sr=1176x885&vp=1176x775&je=1&fl=10.0%20r45&_u=YEBAAEQ~&jid=&gjid=&cid=1848799807.1526524142&uid=2fd205f05c&tid=UA-83403-17&_gid=520873749.1526524142&z=2103549179 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Date: Tue, 15 May 2018 09:28:45 GMT
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35
Cache-Control: no-cache, no-store, must-revalidate
Age: 147617


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 17 May 2018 02:29:02 GMT
Server: Apache
Last-Modified: Mon, 14 May 2018 09:30:31 GMT
Expires: Mon, 21 May 2018 09:30:31 GMT
Etag: 920A8B35A0ECB5D91205DB62A794A4960CBAC9CE
Cache-Control: max-age=370288,public,no-transform,must-revalidate
X-OCSP-Responder-ID: rmdccaocsp19
Content-Length: 472
Connection: close


--- Additional Info ---
Magic:  data
Size:   472
Md5:    01e42366c8f93e00aaea4b981eee0be7
Sha1:   920a8b35a0ecb5d91205db62a794a4960cbac9ce
Sha256: 6aa21fe8ecd39a4e00289e033585dfc5619f13da4caf93089e324e0ebd17c1ba
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 17 May 2018 02:29:02 GMT
Server: Apache
Last-Modified: Tue, 15 May 2018 09:10:02 GMT
Expires: Tue, 22 May 2018 09:10:02 GMT
Etag: A63817827C909DE6C38BFF9FEF8A2924247A3F71
Cache-Control: max-age=455459,public,no-transform,must-revalidate
X-OCSP-Responder-ID: rmdccaocsp19
Content-Length: 727
Connection: close


--- Additional Info ---
Magic:  data
Size:   727
Md5:    066308ba279f0728d87aaece93a4ba19
Sha1:   a63817827c909de6c38bff9fef8a2924247a3f71
Sha256: 978df60a7e0170b90755fb554cd03ec35d805398250dcc5c305d68ffc93a6cc3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 17 May 2018 02:29:02 GMT
Server: Apache
Last-Modified: Tue, 15 May 2018 09:10:02 GMT
Expires: Tue, 22 May 2018 09:10:02 GMT
Etag: 2DF03B86AAEA9CF48FA64F0AD042A264F5C8861D
Cache-Control: max-age=455459,public,no-transform,must-revalidate
X-OCSP-Responder-ID: rmdccaocsp19
Content-Length: 471
Connection: close


--- Additional Info ---
Magic:  data
Size:   471
Md5:    afe1703fb88ddf3ee1a1b4fcd33debe9
Sha1:   2df03b86aaea9cf48fa64f0ad042a264f5c8861d
Sha256: 1eaa98aabb5239638551559b0aa424c687cf27a9af754873da6eb8b28693d16c
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 17 May 2018 02:29:02 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-PROTECTION: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    c82155df6bc8e0a7d1fe3de20e112371
Sha1:   df6511f22bdb308f710d83782ee96d729e838d0a
Sha256: f462f422718c00533efc603f370ee3c0afa56c3d70becff774e8fb0b68bff187
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 17 May 2018 02:29:02 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 468
X-XSS-PROTECTION: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    6bf50ec404fb4a8b4a94be8390d11938
Sha1:   0caaab7704d6221abc5e0342909a4928cee50b1c
Sha256: 63b592179b1e9a528344ce1d430b9479fc55f43420a468ec35aaeaa9dff911cf
                                        
                                            GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83403-17&cid=1848799807.1526524142&jid=1422886293&_gid=520873749.1526524142&gjid=79728331&_v=j67&z=32405776 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         64.233.162.157
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Date: Thu, 17 May 2018 02:29:02 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35
Alt-Svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:02 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c343185cc1c57430, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 6300a3e92b4f80007c018235f3476a7b
X-Runtime: 0.002216
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:02 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0df465a5b01d9ea0c, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 7f1709ff8fd3d31f6e245a3980dcb08e
X-Runtime: 0.002543
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20os_version%20%3D%206.1&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:02 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c54726b71f83fdfb, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 7f7481d040cb2b4efaada7dcb79187ae
X-Runtime: 0.002258
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:02 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0df465a5b01d9ea0c, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 8e80c14deeeb4f0ccaf488c00b63cb11
X-Runtime: 0.001892
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:02 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c343185cc1c57430, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 6d7ffb577ed7064006cc1e6a0e171503
X-Runtime: 0.002264
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20browser_version%20%3D%203.6&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:03 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c343185cc1c57430, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: a434db7a3abd7a7f12762cb749870ac2
X-Runtime: 0.001702
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20os%20%3D%20Windows&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:03 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0df465a5b01d9ea0c, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: af45ea158a915aca716446b0838a2e4a
X-Runtime: 0.002294
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            OPTIONS /secure/browser_post HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Origin: http://netbenefits-access.com
Access-Control-Request-Method: POST

                                         
                                         52.202.140.133
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
                                        
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:03 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c54726b71f83fdfb, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: pass
X-Request-Id: 0a014e283c1372fa661c24802b291ec1
X-Runtime: 0.001315
Content-Length: 1033
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1033
Md5:    f06e1e89b6b967e3d5948c05a8e0ce2c
Sha1:   08e4835d8681d7fce19a24ba2b073ea5c529e3b6
Sha256: 39d250f8046f111df98d3aa043e8e9945839bcee21b9d3ce21e782823a7b186e
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:03 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c343185cc1c57430, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 827ea205839d56be1fade1616cc15a68
X-Runtime: 0.002012
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:03 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0df465a5b01d9ea0c, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 9257343f41d29b740d7aaf5a63cc8027
X-Runtime: 0.002338
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20width%20%3D%201176&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:03 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c343185cc1c57430, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: c109449588c3c92d46b55d70058e09d2
X-Runtime: 0.001662
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20height%20%3D%20885&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:03 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c54726b71f83fdfb, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 97d74e8ac0d2d4a11684b128ab9c1c0b
X-Runtime: 0.002368
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20plugin%20Mozilla%20Default%20Plug-in&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:03 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c54726b71f83fdfb, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: cadbeb9df349906e69b1953763dcd8e4
X-Runtime: 0.001807
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20plugin%20Shockwave%20Flash&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:03 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c54726b71f83fdfb, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 5c9d2d98f6a684e186b95fbafa8c09bc
X-Runtime: 0.001860
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20plugin%20Java%20Deployment%20Toolkit%207.0.50.5&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:03 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0df465a5b01d9ea0c, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 067432577c5653a3e8ca7e15e07a4f69
X-Runtime: 0.002359
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20plugin%20Java(TM)%20Platform%20SE%207%20U5&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:03 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c54726b71f83fdfb, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 1cbea60d64b498d3bed9166bd940b33a
X-Runtime: 0.002107
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20plugin%20Windows%20Presentation%20Foundation&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:03 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c54726b71f83fdfb, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 96fc217b82755c9b62f9c5833678a4e2
X-Runtime: 0.001729
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20plugin%20Microsoft%C2%AE%20DRM&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:03 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c54726b71f83fdfb, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 6e4dd5d38e81db47b7b2e709be1c94a8
X-Runtime: 0.002157
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20plugin%20Adobe%20Acrobat&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:03 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c343185cc1c57430, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: ef9944b9378e551b689c9a03ec8b251e
X-Runtime: 0.003278
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20plugin%20Windows%20Media%20Player%20Plug-in%20Dynamic%20Link%20Library&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:03 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0df465a5b01d9ea0c, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: ef61e4be7ba3c777379b148ef1d25216
X-Runtime: 0.002266
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:03 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c343185cc1c57430, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: edcc25cee68173675603588d413d0430
X-Runtime: 0.001894
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Date: Thu, 17 May 2018 02:29:03 GMT
Etag: "5ad0e990-0"
Last-Modified: Fri, 13 Apr 2018 17:32:00 GMT
Server: ThreatSim-Web-Server
Content-Length: 0
Connection: keep-alive


--- Additional Info ---
                                        
                                            GET /load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:03 GMT
Etag: W/"ac46a05eecd11721c129fc5db6adfcc2"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c343185cc1c57430, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: e0988ed0651098786520358781a38542
X-Runtime: 0.013964
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 3122
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3122
Md5:    5116246aa2f9468ad6014dbec383ecbe
Sha1:   8fc5185776a4f9560492c3c80677afdf3f9dae83
Sha256: 5c067cd19cf01b23e323b69d7c9eed7a10631f58ae27c24226ff8b90dc679cdb
                                        
                                            GET /bugsnag-2.min.js HTTP/1.1 
Host: d2wy8f7a9ursnm.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
If-Modified-Since: Wed, 10 Aug 2016 00:30:49 GMT
If-None-Match: "6103bb5e4ec6141e19e1100caafc780c"

                                         
                                         13.33.96.95
HTTP/1.1 304 Not Modified
                                        
Connection: keep-alive
Date: Thu, 17 May 2018 02:29:03 GMT
Etag: "6103bb5e4ec6141e19e1100caafc780c"
Cache-Control: public, max-age=604800
Server: AmazonS3
Age: 181582
X-Cache: Hit from cloudfront
Via: 1.1 dbfa25b830ed5c81b9cf2bd126130c78.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 5hYvKGTISJkkS02umQntPFvpX4eNh0qLF4SfHu47FjfulrvAQ30y4Q==


--- Additional Info ---
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 17 May 2018 02:29:03 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-PROTECTION: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    db7fdad1402c302e3733b6f303c287d4
Sha1:   d3b0dbe1bd16dbe0983b2d2f7fe1d35c03010ab5
Sha256: 00ac20c3c40be5fe1fb151926374ff1fc3d29aa71a369ee6566840f1c90c85f4
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 17 May 2018 02:29:03 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-PROTECTION: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    8e8033685617c84c68c6e7d02d73c0cf
Sha1:   35b77bc08ec89a197e722b8579d28a01310ba275
Sha256: 1de13b32d90722f3b2a3a70c0bab14bed2d87093d53932f4e920d04636a511f6
                                        
                                            GET /assets/google-tracking.js?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:03 GMT
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Fri, 13 Apr 2018 17:32:00 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Length: 316
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix, last modified: Sat Jun 11 03:35:22 2016, max compression
Size:   316
Md5:    719dec8ba10f30b81501c6789fdc0b38
Sha1:   a5981aa8101108d7d3d92c8272c5a8f39ff84619
Sha256: 39b4a814e874e6f5cf6f1f40c45c9932cc676a16786b35ccca4b3f2b0507f12a
                                        
                                            GET /detect/flash.js?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: tslp.s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
If-Modified-Since: Wed, 15 Feb 2017 03:54:01 GMT
If-None-Match: "f9ad9a096894ba248e4a1f73e7eba1be"

                                         
                                         52.216.134.83
HTTP/1.1 304 Not Modified
                                        
x-amz-id-2: 9HhhuqlrObWwNVuClHaGloxoTPTv9SlJMo5a0K7IfSfzU/eW3sez6KJiIlP1fL/F1LWFV6YECpA=
x-amz-request-id: 943DC21C1FB23AD6
Date: Thu, 17 May 2018 02:29:04 GMT
Last-Modified: Wed, 15 Feb 2017 03:54:01 GMT
Etag: "f9ad9a096894ba248e4a1f73e7eba1be"
x-amz-version-id: null
Server: AmazonS3


--- Additional Info ---
                                        
                                            GET /assets/all.js?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:03 GMT
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Fri, 13 Apr 2018 17:32:00 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Length: 7149
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix, last modified: Fri Mar 03 22:28:11 2017, max compression
Size:   7149
Md5:    7ef5804bf7d4879e5ccdfbd01de4ed2b
Sha1:   81960b78265b10afc3ae75b9434d1377cfa7a17f
Sha256: 8e4b430299b5c01368fb14b0ed378091efe77c9c7e3279092ce29c7a434e0bd2
                                        
                                            GET /detect/quicktime.js?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: tslp.s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
If-Modified-Since: Wed, 15 Feb 2017 14:41:05 GMT
If-None-Match: "ee73f2f47d51116dc40b85a6b57eaf20"

                                         
                                         52.216.134.83
HTTP/1.1 304 Not Modified
                                        
x-amz-id-2: oK3H7WkuKGtxDgYUXMLk/EGQk1pNNoHAmoa3b8JQ7As5x5SHR+ZCZwLs1fPZcgumak7V2lM7SUQ=
x-amz-request-id: 8E74FD3205E31460
Date: Thu, 17 May 2018 02:29:04 GMT
Last-Modified: Wed, 15 Feb 2017 14:41:05 GMT
Etag: "ee73f2f47d51116dc40b85a6b57eaf20"
x-amz-version-id: null
Server: AmazonS3


--- Additional Info ---
                                        
                                            GET /ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df

                                         
                                         216.58.207.202
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 33576
Date: Wed, 09 May 2018 16:55:55 GMT
Expires: Thu, 09 May 2019 16:55:55 GMT
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-PROTECTION: 1; mode=block
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 639188
Alt-Svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   33576
Md5:    55b8e6059da09b4e50cbe105e4a090a3
Sha1:   455328e76daf9a5a8fe0c94bc20c308801fb4883
Sha256: 9ba41d51fbabdb9fcaa7e9e34581d153d8f901a2ce9e364f60162ca278743813
                                        
                                            GET /detect/plugin_detect.js?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: tslp.s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
If-Modified-Since: Wed, 15 Feb 2017 17:56:07 GMT
If-None-Match: "00a513f07603df01e3b99be00f370754"

                                         
                                         52.216.134.83
HTTP/1.1 304 Not Modified
                                        
x-amz-id-2: jh01n1R+UqiNIIO8cW5LwoCzmi6PLyF/qCQnlxvOTqGU4Am+7HOTizBf/ywh68qFpN5gkkn/9Ng=
x-amz-request-id: 56D85B575AB962A6
Date: Thu, 17 May 2018 02:29:04 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Etag: "00a513f07603df01e3b99be00f370754"
x-amz-version-id: null
Server: AmazonS3


--- Additional Info ---
                                        
                                            GET /detect/java.js?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: tslp.s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
If-Modified-Since: Wed, 15 Feb 2017 14:38:28 GMT
If-None-Match: "2bec0061039dc3fb25fc20aaf611d5b9"

                                         
                                         52.216.134.83
HTTP/1.1 304 Not Modified
                                        
x-amz-id-2: R3aiOs2qZQ3yNGwkiV7cu+CDo0gkQw+k0oTGiEIcbrgxNe1fBT1Rp7x5JSjGA3jds4mgo4YXKcE=
x-amz-request-id: 5CB81045BCC2F887
Date: Thu, 17 May 2018 02:29:04 GMT
Last-Modified: Wed, 15 Feb 2017 14:38:28 GMT
Etag: "2bec0061039dc3fb25fc20aaf611d5b9"
x-amz-version-id: null
Server: AmazonS3


--- Additional Info ---
                                        
                                            GET /detect/realplayer.js?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: tslp.s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
If-Modified-Since: Wed, 15 Feb 2017 14:45:02 GMT
If-None-Match: "3d7be656672c16a34806c13388410325"

                                         
                                         52.216.134.83
HTTP/1.1 304 Not Modified
                                        
x-amz-id-2: Gj0dY+fWhThX7tf7PL8QrqX3QwFTSnzgbBpjByZSBFWfUzXcQWw6FtSblm07R+7mEnqXS410ZP4=
x-amz-request-id: 1FF0B4B0555857C0
Date: Thu, 17 May 2018 02:29:04 GMT
Last-Modified: Wed, 15 Feb 2017 14:45:02 GMT
Etag: "3d7be656672c16a34806c13388410325"
x-amz-version-id: null
Server: AmazonS3


--- Additional Info ---
                                        
                                            GET /detect/wmp.js?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: tslp.s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
If-Modified-Since: Wed, 15 Feb 2017 15:07:14 GMT
If-None-Match: "ffd2cc77bb64d40beeb5d561fffe1f79"

                                         
                                         52.216.134.83
HTTP/1.1 304 Not Modified
                                        
x-amz-id-2: 3kfqjJjEUBv2m1r1QlYKldMEpN9mYIHPPpsVD5qsVF3EZsl61gkahurm5iNK++KSNiz7LGqh+KY=
x-amz-request-id: 00EFD016B15A5142
Date: Thu, 17 May 2018 02:29:04 GMT
Last-Modified: Wed, 15 Feb 2017 15:07:14 GMT
Etag: "ffd2cc77bb64d40beeb5d561fffe1f79"
x-amz-version-id: null
Server: AmazonS3


--- Additional Info ---
                                        
                                            GET /detect/pdf.js?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: tslp.s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
If-Modified-Since: Wed, 15 Feb 2017 14:39:34 GMT
If-None-Match: "0d5882d41c8b6e40059c8d9acbcf1518"

                                         
                                         52.216.134.83
HTTP/1.1 304 Not Modified
                                        
x-amz-id-2: gzqO4GyoxxZhSmZCkrDmrn0h8Vy0OUOF53WoOkRPJcErk8mLvx488oMTzwiEgw/Bg5L+kdC6QaM=
x-amz-request-id: 1E62CDE99DDB58B5
Date: Thu, 17 May 2018 02:29:04 GMT
Last-Modified: Wed, 15 Feb 2017 14:39:34 GMT
Etag: "0d5882d41c8b6e40059c8d9acbcf1518"
x-amz-version-id: null
Server: AmazonS3


--- Additional Info ---
                                        
                                            GET /detect/silverlight.js?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: tslp.s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
If-Modified-Since: Wed, 15 Feb 2017 18:00:03 GMT
If-None-Match: "e6dd596d2bc204ea573b868b92028c26"

                                         
                                         52.216.134.83
HTTP/1.1 304 Not Modified
                                        
x-amz-id-2: HKOHfXRTdgrSMxiOkxgv7++c19z8yIjTOgfIa2lkdWoXftJ6TqMybk8g9BBjnwuTppkdmNi7p6s=
x-amz-request-id: 0FB3DC487A0E62B7
Date: Thu, 17 May 2018 02:29:04 GMT
Last-Modified: Wed, 15 Feb 2017 18:00:03 GMT
Etag: "e6dd596d2bc204ea573b868b92028c26"
x-amz-version-id: null
Server: AmazonS3


--- Additional Info ---
                                        
                                            GET /proxy/nvNxVBFEbd8Li-_2-1U8fXqU-TngKa3nLHopSB19-OHZa4LnTGkh240ECEgAxCarQ0uzw9LPU3dEf8ayimlwDRGplUPTTXSqY9YwOMpWewpP3Zox4WMH4qOQxcC0=s0-d-e1-ft HTTP/1.1 
Host: ci6.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df

                                         
                                         216.58.211.1
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400
Content-Disposition: attachment;filename="unnamed.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 17 May 2018 02:29:04 GMT
Server: fife
Content-Length: 26542
X-XSS-PROTECTION: 1; mode=block
Alt-Svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  PNG image, 525 x 149, 8-bit/color RGBA, non-interlaced
Size:   26542
Md5:    e603807d4262f6a9d12472e89b31cce6
Sha1:   2b4965e1c4ebfd6ac318303694717c8797c0bbd9
Sha256: fbab2df547adf2ec2f0a0f3003aab2cb9fda86459ef5290c9e9b38ac0d9b6851
                                        
                                            GET /proxy/wRTFWVbBDXIT6TpzCtjVMlE_E34jtz1FSKqixa-jlqttpJjXbo-G6z4Cu83sDZYstOiSFPHHo438rAC5q8X0CcWy7rj7-4SWPSZY0hB-JZmpjqwXnxw=s0-d-e1-ft HTTP/1.1 
Host: ci3.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df

                                         
                                         216.58.211.1
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400
Content-Disposition: attachment;filename="unnamed.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 17 May 2018 02:29:04 GMT
Server: fife
Content-Length: 11824
X-XSS-PROTECTION: 1; mode=block
Alt-Svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  PNG image, 283 x 283, 8-bit/color RGBA, non-interlaced
Size:   11824
Md5:    35aed4e1a61eac175407f84b6fd12585
Sha1:   79e40dabce9edf59d44271d6e74c416e254f787c
Sha256: 151b8a44a1f2bee8f06abf48e34b08b10e5cd15e1dfcf1f1b4a0fe5af55268d3
                                        
                                            GET /trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:04 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c343185cc1c57430, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 0ca9c35136d721b00c8a6822c5ec8fdb
X-Runtime: 0.002402
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /collect?v=1&_v=j67&a=1121474163&t=pageview&_s=1&dl=http%3A%2F%2Fnetbenefits-access.com%2Fload_training%3Fguid%3D2fd205f05c%26correlation_id%3D933d5bfa-1a6c-48f4-9991-b2a9aece41df&ul=en-us&de=UTF-8&sd=24-bit&sr=1176x885&vp=1159x775&je=1&fl=10.0%20r45&_u=AACAAEQ~&jid=&gjid=&cid=1848799807.1526524142&tid=UA-83403-17&_gid=520873749.1526524142&z=28814901 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Date: Tue, 15 May 2018 09:28:45 GMT
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35
Cache-Control: no-cache, no-store, must-revalidate
Age: 147619


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:04 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c54726b71f83fdfb, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 8abd6010a678e433b8295c9572b872a6
X-Runtime: 0.002323
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /collect?v=1&_v=j67&a=1121474163&t=pageview&_s=2&dl=http%3A%2F%2Fnetbenefits-access.com%2Fload_training%3Fguid%3D2fd205f05c%26correlation_id%3D933d5bfa-1a6c-48f4-9991-b2a9aece41df&ul=en-us&de=UTF-8&sd=24-bit&sr=1176x885&vp=1159x775&je=1&fl=10.0%20r45&_u=QACAAEQ~&jid=&gjid=&cid=1848799807.1526524142&tid=UA-83403-17&_gid=520873749.1526524142&z=517174990 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Date: Tue, 15 May 2018 09:28:45 GMT
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35
Cache-Control: no-cache, no-store, must-revalidate
Age: 147619


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:04 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c54726b71f83fdfb, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: d2cc0cbad9985c919e1da76b5a84c29c
X-Runtime: 0.002204
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:04 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c343185cc1c57430, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 57fe13e8a1063ef3aecda21b08310e73
X-Runtime: 0.002703
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:04 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c54726b71f83fdfb, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 019906ca6150e829fbc3d5af25ca88b1
X-Runtime: 0.002368
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20os%20%3D%20Windows&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:05 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0df465a5b01d9ea0c, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: bf3e456e8cea46958e70b10c6ff2a5d3
X-Runtime: 0.002399
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20os_version%20%3D%206.1&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:05 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c343185cc1c57430, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 54cc29a9177588d484866b72bf0a596e
X-Runtime: 0.001770
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:05 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c54726b71f83fdfb, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: b6a068df06d09e2561633ec0ec96453e
X-Runtime: 0.002284
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20width%20%3D%201176&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:05 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c343185cc1c57430, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 6b3e832227900c8bc3220df2f4afe01a
X-Runtime: 0.003087
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20browser_version%20%3D%203.6&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:05 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c343185cc1c57430, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: e1e08b9a61fa4ae7992a347a1571f979
X-Runtime: 0.002848
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:05 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0df465a5b01d9ea0c, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: a59341d382979baf2c8082cca2cef4cb
X-Runtime: 0.002583
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:05 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c54726b71f83fdfb, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 6de321a70824c3e90d48fea73db39661
X-Runtime: 0.003032
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:05 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c54726b71f83fdfb, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: b9632c97747328c753bad6e0e7cfec61
X-Runtime: 0.003039
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20height%20%3D%20885&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:05 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0df465a5b01d9ea0c, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 9ef305dd077e8053fb60bac508f64d53
X-Runtime: 0.001776
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20plugin%20Java%20Deployment%20Toolkit%207.0.50.5&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:05 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0df465a5b01d9ea0c, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: cbc37c935faf312fe4707c2c61112294
X-Runtime: 0.002552
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20plugin%20Shockwave%20Flash&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:05 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c54726b71f83fdfb, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: aea677adb262f8d0106d400bf5f64160
X-Runtime: 0.002442
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20plugin%20Mozilla%20Default%20Plug-in&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:05 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c343185cc1c57430, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 7b91b84f1ae895e32cce2cd99334eec2
X-Runtime: 0.003223
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20plugin%20Java(TM)%20Platform%20SE%207%20U5&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:05 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0df465a5b01d9ea0c, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 281011ef9af39dee148b7ffa7305901b
X-Runtime: 0.003196
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20plugin%20Adobe%20Acrobat&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:05 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0df465a5b01d9ea0c, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: acfd15e256afa8ce77c77f53e2d31080
X-Runtime: 0.002384
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20plugin%20Windows%20Presentation%20Foundation&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:05 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c343185cc1c57430, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 120a0a22b73730232509cb8bf6182237
X-Runtime: 0.002533
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20plugin%20Microsoft%C2%AE%20DRM&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:05 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c343185cc1c57430, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 91ec80c56a5457353036f86bbcf279ee
X-Runtime: 0.002342
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=BrowserDetect%20-%20plugin%20Windows%20Media%20Player%20Plug-in%20Dynamic%20Link%20Library&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:05 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0df465a5b01d9ea0c, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 7b41b86341b8d283552847f48687ba86
X-Runtime: 0.002173
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:05 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c54726b71f83fdfb, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 442a3e1c79709782a6dba1b5d8f93e82
X-Runtime: 0.002048
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=java_version_pl%20%3D%201.7.0.5&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:05 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c343185cc1c57430, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: b2fb0f60263db719fde3b08eedf12db0
X-Runtime: 0.002054
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:05 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0df465a5b01d9ea0c, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 7d0b1ef1678af28c7951d65eb0f98699
X-Runtime: 0.001809
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=java_version%20%3D%201.7.0.05&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:06 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c54726b71f83fdfb, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 708514684fe8cf28b070eb9858bf50a7
X-Runtime: 0.002208
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=Loading%20flash%20version&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:06 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c343185cc1c57430, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 7d0bc335c02de212b8b86366fde2e753
X-Runtime: 0.002164
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=java_version_jres%20%3D%201.7.0.05&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:06 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0df465a5b01d9ea0c, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: e46cd031ad76663cbc96da082d57e722
X-Runtime: 0.002279
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=Loading%20quicktime%20version&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:06 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c54726b71f83fdfb, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: efb971429e8701eb1d1034b294a3e898
X-Runtime: 0.002462
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=flash%20%3D%2010.0.45.2&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:06 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c54726b71f83fdfb, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 32c9c2c833ca726a1cd7a52d010d3359
X-Runtime: 0.004512
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=Loading%20pdf%20version&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:06 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c343185cc1c57430, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: fbb74bbf8972ea09b574313318a9d3ad
X-Runtime: 0.002271
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=pdf%20%3D%208.0.0.456&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:06 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0df465a5b01d9ea0c, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 0d09b11768fd12a2aeab036fb34008d1
X-Runtime: 0.002368
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=quicktime%20%3D%20unknown&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:06 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c343185cc1c57430, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 5adfedb404a6e31a27027a6c64aeddbb
X-Runtime: 0.002236
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=Loading%20RealPlayer%20version&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:06 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0df465a5b01d9ea0c, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 80b55eeb76daf4010713f09867608caf
X-Runtime: 0.001693
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=realplayer%20%3D%20unknown&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:06 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0df465a5b01d9ea0c, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 619b1082fde85fc738d45850b52deb5b
X-Runtime: 0.002884
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=Loading%20Silverlight%20version&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:06 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c54726b71f83fdfb, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: df81dd477919380e2253f1c647c6d3bf
X-Runtime: 0.002319
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=silverlight%20%3D%20unknown&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:06 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c343185cc1c57430, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 8c109d29366a555570200fc6cba3cdea
X-Runtime: 0.001914
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:06 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0df465a5b01d9ea0c, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 627d5572caef9977b6584694da2e3fe5
X-Runtime: 0.002822
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=wmp%20%3D%20unknown&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:06 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c54726b71f83fdfb, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 1b7caa2b7359fd253dcfd790ab621831
X-Runtime: 0.002416
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=training_page_no_browser_post&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:06 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c343185cc1c57430, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: 5308c7b4b490ebea1635decdd08f8f66
X-Runtime: 0.002263
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /trace?id=2fd205f05c&msg=redirect_url%20is%20undefined&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         52.202.140.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, private, max-age=0
Content-Encoding: gzip
Date: Thu, 17 May 2018 02:29:06 GMT
Etag: W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
X-Host-Info: lw-prd-us-i-0c54726b71f83fdfb, ; ba75ea3f6d2dcd7bde18f9e9916f2aa3955bdfdd
X-Rack-Cache: miss
X-Request-Id: ad2487a5763572fd5883f4fe0b481ac9
X-Runtime: 0.002109
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 21
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21
Md5:    d09653f3cd2c8475255535aee1fa6f6a
Sha1:   d0911d41eef8167c7adfc30f96d2046f3bf1bdb4
Sha256: 560e7e6603e98f268c30b08c81635323c2bce9a2a8c584aae5d9dfc2068da6c9
                                        
                                            GET /alt_pixel_click_2fd205f05c.gif?correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com:49152
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /trace?id=2fd205f05c&msg=Loading%20RealPlayer%20version&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /trace?id=2fd205f05c&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=java_version_pl&v=%221.7.0.5%22&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /trace?id=2fd205f05c&msg=java_version_pl%20%3D%201.7.0.5&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /trace?id=2fd205f05c&msg=quicktime%20%3D%20unknown&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /trace?id=2fd205f05c&msg=wmp%20%3D%20unknown&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /trace?id=2fd205f05c&msg=Loading%20pdf%20version&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /trace?id=2fd205f05c&msg=flash%20%3D%2010.0.45.2&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /trace?id=2fd205f05c&msg=Loading%20quicktime%20version&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=java_version&v=%221.7.0.05%22&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=jres&v=%5B%221.7.0_05%22%5D&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /trace?id=2fd205f05c&msg=pdf%20%3D%208.0.0.456&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /trace?id=2fd205f05c&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /trace?id=2fd205f05c&msg=browser_post_unsuccessful&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=adobe_pdf_version&v=%228.0.0.456%22&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /trace?id=2fd205f05c&msg=silverlight%20%3D%20unknown&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /trace?id=2fd205f05c&msg=java_version%20%3D%201.7.0.05&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /trace?id=2fd205f05c&msg=Loading%20Silverlight%20version&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=bd_browser_version&v=%223.6%22&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=correlation_id&v=%22933d5bfa-1a6c-48f4-9991-b2a9aece41df%22&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /trace?id=2fd205f05c&msg=realplayer%20%3D%20unknown&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /load_training?guid=2fd205f05c&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: netbenefits-access.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98
Cookie: EXFILGUID=2fd205f05c; link_clicked_2fd205f05c=1; _ga=GA1.2.1848799807.1526524142; _gid=GA1.2.520873749.1526524142; _gat=1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=java_version_jres&v=%221.7.0.05%22&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /trace?id=2fd205f05c&msg=Loading%20flash%20version&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=bd_hasLocalStorage&v=true&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=bd_hasSessionStorage&v=true&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=bd_hasCookies&v=true&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=bd_user_agent&v=%22Mozilla%2F5.0%20(Windows%253B%20U%253B%20Windows%20NT%206.1%253B%20en-US%253B%20rv%3A1.9.2.13)%20Gecko%2F20101203%20Firefox%2F3.6.13%22&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=bd_colorDepth&v=%2224%22&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=bd_width&v=%221176%22&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=bd_height&v=%22885%22&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=bd_ActiveXEnabled&v=false&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=bd_isIE&v=false&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=bd_verIE&v=null&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=bd_verIEtrue&v=null&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=bd_docModeIE&v=null&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=bd_isGecko&v=true&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=bd_isSafari&v=false&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=bd_verSafari&v=null&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=bd_isChrome&v=false&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=bd_verChrome&v=null&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=bd_isOpera&v=false&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=plugin_0&v=%7B%22name%22%3A%22Mozilla%20Default%20Plug-in%22%2C%22filename%22%3A%22npnul32.dll%22%2C%22description%22%3A%22Default%20Plug-in%22%7D&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=plugin_2&v=%7B%22name%22%3A%22Java%20Deployment%20Toolkit%207.0.50.5%22%2C%22filename%22%3A%22npDeployJava1.dll%22%2C%22description%22%3A%22NPRuntime%20Script%20Plug-in%20Library%20for%20Java(TM)%20Deploy%22%7D&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=plugin_3&v=%7B%22name%22%3A%22Java(TM)%20Platform%20SE%207%20U5%22%2C%22filename%22%3A%22npjp2.dll%22%2C%22description%22%3A%22Next%20Generation%20Java%20Plug-in%2010.5.0%20for%20Mozilla%20browsers%22%7D&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=plugin_4&v=%7B%22name%22%3A%22Windows%20Presentation%20Foundation%22%2C%22filename%22%3A%22NPWPF.dll%22%2C%22description%22%3A%22Windows%20Presentation%20Foundation%20(WPF)%20plug-in%20for%20Mozilla%20browsers%22%7D&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=plugin_5&v=%7B%22name%22%3A%22Java(TM)%20Platform%20SE%207%20U5%22%2C%22filename%22%3A%22npjpi170_05.dll%22%2C%22description%22%3A%22Classic%20Java%20Plug-in%2010.5.0%20for%20Netscape%20and%20Mozilla%22%7D&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=plugin_6&v=%7B%22name%22%3A%22Adobe%20Acrobat%22%2C%22filename%22%3A%22nppdf32.dll%22%2C%22description%22%3A%22Adobe%20PDF%20Plug-In%20For%20Firefox%20and%20Netscape%22%7D&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=plugin_7&v=%7B%22name%22%3A%22Microsoft%C2%AE%20DRM%22%2C%22filename%22%3A%22npdrmv2.dll%22%2C%22description%22%3A%22DRM%20Netscape%20Network%20Object%22%7D&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /secure/browser_single?id=8519927873&guid=2fd205f05c&k=plugin_9&v=%7B%22name%22%3A%22Microsoft%C2%AE%20DRM%22%2C%22filename%22%3A%22npwmsdrm.dll%22%2C%22description%22%3A%22DRM%20Store%20Netscape%20Plugin%22%7D&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /trace?id=2fd205f05c&msg=individual_send_successful&correlation_id=933d5bfa-1a6c-48f4-9991-b2a9aece41df HTTP/1.1 
Host: dataentry.threatsim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://netbenefits-access.com/rusia-2018-mexico/2fd205f05c?l=98

                                         
                                         0.0.0.0
                                        


--- Additional Info ---