| ocsp.r2m03.amazontrust.com/ | 3.164.222.26 | | 471 B |
URL ocsp.r2m03.amazontrust.com/ IP3.164.222.26:0
Hash827ba9ea1b79133f30dcec2b0a88a974 6a2ecdab0e1250c3709f96f2ac69cea35c93836a cda13a291fcef2270a12f4b2686cba5f1f209374b5491a9cdcd7c04ffc93b0c5
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Mon, 06 May 2024 04:27:28 GMT
Last-Modified: Mon, 06 May 2024 03:45:47 GMT
Server: ECAcc (amb/6AC3)
X-Cache: Miss from cloudfront
Via: 1.1 79a8a1b412ce1417e50d9d69261c9066.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN53-P1
X-Amz-Cf-Id: WvxNcBulvPVyTNAO9brJ9bOxb3pxHIXmWVvpLaIFk67Kg3j1TRSTOg==
Age: 2502
|
|
| www.micrasoft-395office.com/assets/all.js?g=37cf237cfa | 52.210.231.227 | | 7.2 kB |
URL www.micrasoft-395office.com/assets/all.js?g=37cf237cfa IP52.210.231.227:0
File typeJavaScript source, ASCII text Hash097f74fc8f861ece148262a652ab806a 305ecb552c3ff6bd24b56333fab6e731eb81ed30 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9
GET /assets/all.js?g=37cf237cfa HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/Valentino/System/Update/1437cf22937cfa3d?l=42
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:29 GMT
content-type: application/javascript
content-length: 7191
last-modified: Thu, 11 Apr 2024 12:55:27 GMT
vary: Accept-Encoding
content-encoding: gzip
server: ThreatSim-Web-Server
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=37cf237cfa&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.216.56.137 | 200 OK | 50 kB |
URL GET HTTP/1.1tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=37cf237cfa&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.216.56.137:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subject*.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (306) Hash00a513f07603df01e3b99be00f370754 f0c03b1c50f39c95075df687cd55f18861631526 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a
GET /detect/plugin_detect.js?guid=37cf237cfa&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: jQ+7dcOHVG6o24DZrJiEl+Xr2uRaN22KoJZ43UCtV/zrcrM9/G6YRNXI9Y9J8tSQrn/yG7cOo+8=
x-amz-request-id: 27BK9M953DD15YXW
Date: Mon, 06 May 2024 04:27:30 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
ETag: "00a513f07603df01e3b99be00f370754"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 50085
|
|
| www.micrasoft-395office.com/favicon.ico | 52.210.231.227 | 200 OK | 0 B |
URL GET HTTP/2www.micrasoft-395office.com/favicon.ico IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/Valentino/System/Update/1437cf22937cfa3d?l=42
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:30 GMT
content-type: image/x-icon
content-length: 0
last-modified: Thu, 11 Apr 2024 12:55:27 GMT
etag: "6617ddbf-0"
server: ThreatSim-Web-Server
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=37cf237cfa&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | | 523 B |
URL www.micrasoft-395office.com/trace?id=37cf237cfa&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:0
File typegzip compressed data, max compression, from Unix Hashf332d3c79fb908a737b74a913eca70f7 7bc30a61ba764ae24629a9925c8a1d69e986fcf9 5767adb3b6e823e231c2cc2796a219b4c75c5bf10e18c9c96a3069540adf0296
GET /trace?id=37cf237cfa&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/Valentino/System/Update/1437cf22937cfa3d?l=42
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:29 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 9eb25d4f-e210-4f8b-9700-6bb6082265ee
x-runtime: 0.001919
x-host-info: lw-prod-eu-i-0acc5e90dd72f7192, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=37cf237cfa&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | | 11 kB |
URL www.micrasoft-395office.com/trace?id=37cf237cfa&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:0
File typegzip compressed data, max compression, from Unix Hash3801c03d9a2ca4c05bb506464b1d8574 ca37f4b8c461bae797b4c71cb0a4710fb9dffbaa 9aa34e902ad8c47d2c67581f22066626909e1ec9af0afcbefe08a0b5eae8c884
GET /trace?id=37cf237cfa&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/Valentino/System/Update/1437cf22937cfa3d?l=42
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:29 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 58c0d0f3-89a7-43ef-bf73-e458d9dd4eca
x-runtime: 0.002341
x-host-info: lw-prod-eu-i-06164ae2ecae76ca0, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=37cf237cfa&msg=BrowserDetect%20-%20browser_version%20%3D%2096&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | | 4.9 kB |
URL www.micrasoft-395office.com/trace?id=37cf237cfa&msg=BrowserDetect%20-%20browser_version%20%3D%2096&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:0
File typegzip compressed data, max compression, from Unix Hash5e57c660298a78cdbdbcd773f1fdd660 1a557b71faee9201de90f7f2795d6d95a1f74b79 6cf7536b6b9e9ee67c9a872e5d11e6975a7958357627ff997cda7cd44cbc9a94
GET /trace?id=37cf237cfa&msg=BrowserDetect%20-%20browser_version%20%3D%2096&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/Valentino/System/Update/1437cf22937cfa3d?l=42
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:30 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 4bf4283a-d639-4637-b605-7f8ce4660dd6
x-runtime: 0.001747
x-host-info: lw-prod-eu-i-0630ecaca960f15d1, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=37cf237cfa&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | | 9.3 kB |
URL www.micrasoft-395office.com/trace?id=37cf237cfa&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:0
File typegzip compressed data, max compression, from Unix Hash1d31b7f36cacbfa97e39bc05e7dde040 b64b09bdfddc9c592be01aa437e13d6f8469f689 d80c1e5b4404b5a35338e44da5103980b1497f811245880ceca929436d3187d8
GET /trace?id=37cf237cfa&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/Valentino/System/Update/1437cf22937cfa3d?l=42
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:30 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: a13e8301-83cb-4c2d-a5c8-1bf5ea0f132c
x-runtime: 0.001337
x-host-info: lw-prod-eu-i-0acc5e90dd72f7192, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=37cf237cfa&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | | 7.2 kB |
URL www.micrasoft-395office.com/trace?id=37cf237cfa&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:0
File typeJavaScript source, ASCII text Hash097f74fc8f861ece148262a652ab806a 305ecb552c3ff6bd24b56333fab6e731eb81ed30 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9
GET /trace?id=37cf237cfa&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/Valentino/System/Update/1437cf22937cfa3d?l=42
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:30 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 6968239d-75c7-4a0e-9a46-d14dbefa71fe
x-runtime: 0.001470
x-host-info: lw-prod-eu-i-0630ecaca960f15d1, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/assets/ajax/libs/jquery/1.11.0/jquery.min.js | 52.210.231.227 | 200 OK | 34 kB |
URL GET HTTP/2www.micrasoft-395office.com/assets/ajax/libs/jquery/1.11.0/jquery.min.js IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
File typegzip compressed data, max compression, from Unix Hash74d05f2c144e746ec51ccc953012c06a 31021fa7f50c54c1fbc790181e44822842cacc35 6d3b24c7f6530116d5a8c85b21dd6ca1d2a69c0e57047b25fb36f6106177046a
GET /assets/ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: application/javascript
last-modified: Thu, 11 Apr 2024 12:55:27 GMT
vary: Accept-Encoding
server: ThreatSim-Web-Server
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=37cf237cfa&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | | 34 kB |
URL www.micrasoft-395office.com/trace?id=37cf237cfa&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:0
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65480) Hash0b6ecf17e30037994d3ffee51b525914 d09d3a99ed25d0f1fbe6856de9e14ffd33557256 f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
GET /trace?id=37cf237cfa&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/Valentino/System/Update/1437cf22937cfa3d?l=42
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:30 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 6dd431b5-93da-4c14-9c43-08c00422066d
x-runtime: 0.001757
x-host-info: lw-prod-eu-i-034fcb0b4e2cb4302, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=37cf237cfa&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.216.56.137 | 200 OK | 50 kB |
URL GET HTTP/1.1tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=37cf237cfa&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.216.56.137:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subject*.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (306) Hash00a513f07603df01e3b99be00f370754 f0c03b1c50f39c95075df687cd55f18861631526 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a
GET /detect/plugin_detect.js?guid=37cf237cfa&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: XR/6xVol8Q/Cm4+Ye2A/oNtO3uoB9mTBFpC1w4fqUpoWhOD5GYXxJOMiGgzr2nxt4N2METQTVaE=
x-amz-request-id: G1R9ENHB7H5NRBNA
Date: Mon, 06 May 2024 04:27:32 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
ETag: "00a513f07603df01e3b99be00f370754"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 50085
|
|
| www.micrasoft-395office.com/trace?id=37cf237cfa&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | | 491 B |
URL www.micrasoft-395office.com/trace?id=37cf237cfa&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:0
File typegzip compressed data, max compression, from Unix Hash756955758217989651aefd30a0e265fb 032d2daeb276bf5a4ab3b129b98ab03334987e2d 9cee702b3080abdbfbdff4b41c97c45a951873b492e212caef95e18213629af9
GET /trace?id=37cf237cfa&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/Valentino/System/Update/1437cf22937cfa3d?l=42
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:30 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 6c19aeaf-8b1a-4fef-87fc-00d0235b6ce6
x-runtime: 0.001872
x-host-info: lw-prod-eu-i-034fcb0b4e2cb4302, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| tslp.s3.amazonaws.com/languages/language.18071.js | 52.216.56.137 | 200 OK | 8.2 kB |
URL GET HTTP/1.1tslp.s3.amazonaws.com/languages/language.18071.js IP52.216.56.137:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subject*.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hash8b9a9d305bd69c962b600c08f3c69edf 9a907e240cdf81d8265c9fb1322cfe10ed027288 73f360f08e8c2a1719c098491e17d53cdaa98d246585bfd0285a2afad75c51a7
GET /languages/language.18071.js HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: VXwemDT+nVWFSTAegNWaHMDBhNAP58cW4ZCLO4wpTQCbd0uQryzm/qoaT2Nb/SA1eb2e/jjhiEY=
x-amz-request-id: G1RA85BWZ2YQJNVK
Date: Mon, 06 May 2024 04:27:32 GMT
Last-Modified: Fri, 26 Aug 2022 14:07:38 GMT
ETag: "8b9a9d305bd69c962b600c08f3c69edf"
x-amz-server-side-encryption: AES256
x-amz-version-id: U_kpSjDDW4npfowvZPZnd2_aKVkUaKPA
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 8207
|
|
| fonts.gstatic.com/s/benchnine/v16/ahcbv8612zF4jxrwMosbUMl0.woff2 | 142.250.74.131 | 200 OK | 20 kB |
URL GET HTTP/2fonts.gstatic.com/s/benchnine/v16/ahcbv8612zF4jxrwMosbUMl0.woff2 IP142.250.74.131:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 20196, version 1.0 Hashd056bf3055437ed0bccae4176b65336e 9049f5482de61d9a66806a292701787d5524fb85 f60c3e8ac9f319f101cf1d20290469aba1eb7cdc63c64d092a02764beae55d9f
GET /s/benchnine/v16/ahcbv8612zF4jxrwMosbUMl0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.micrasoft-395office.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:12:53 GMT
expires: Fri, 02 May 2025 02:12:53 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 19:06:50 GMT
content-type: font/woff2
age: 353678
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=37cf237cfa&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | | 372 B |
URL www.micrasoft-395office.com/trace?id=37cf237cfa&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:0
File typegzip compressed data, max compression, from Unix Hashc95ff97d1024790d638e172045f09261 8397726ac08ce8a76558ec3346eb76e0e46a9445 b9f356324f87e13ba29600fdb96f695ea02edb425ef809fe81c1b9412f7b9871
GET /trace?id=37cf237cfa&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/Valentino/System/Update/1437cf22937cfa3d?l=42
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:30 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: f95fb1c7-1edd-4b97-b6d9-5ebab59278d3
x-runtime: 0.001507
x-host-info: lw-prod-eu-i-06164ae2ecae76ca0, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/benchnine/v16/ahcev8612zF4jxrwMosT6-xhgmy9.woff2 | 142.250.74.131 | 200 OK | 20 kB |
URL GET HTTP/2fonts.gstatic.com/s/benchnine/v16/ahcev8612zF4jxrwMosT6-xhgmy9.woff2 IP142.250.74.131:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 20208, version 1.0 Hashe7b92dfcb712afa964f20d6d6f208d94 33602bf4239f1b1f84960d1920030dae82bc6c9d c36dfd12461ec822d8b6cd3ee8c04082152a0631e830bd208523590a523598cd
GET /s/benchnine/v16/ahcev8612zF4jxrwMosT6-xhgmy9.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.micrasoft-395office.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20208
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 06:10:59 GMT
expires: Sat, 03 May 2025 06:10:59 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 19:07:04 GMT
content-type: font/woff2
age: 252992
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=37cf237cfa&msg=BrowserDetect%20-%20plugin%20Chromium%20PDF%20Viewer&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | | 28 kB |
URL www.micrasoft-395office.com/trace?id=37cf237cfa&msg=BrowserDetect%20-%20plugin%20Chromium%20PDF%20Viewer&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:0
File typegzip compressed data, max compression, from Unix Hashdbd7c71f377765c9d2ee0bd140c0e916 611a026ebcc21774fc7a5067fffd544e0c7f65a4 3e9374228507f47fe92117f8a333c12cab360621edf9c08883ae70308246b313
GET /trace?id=37cf237cfa&msg=BrowserDetect%20-%20plugin%20Chromium%20PDF%20Viewer&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/Valentino/System/Update/1437cf22937cfa3d?l=42
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:30 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: c8f4827d-c4bf-498d-8c5d-ed00978d4252
x-runtime: 0.002200
x-host-info: lw-prod-eu-i-0acc5e90dd72f7192, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ts-lp-eu.s3.amazonaws.com/prod/758ded82-a15c-4/MTAzODItdmF.jpg | 52.218.36.201 | 200 OK | 5.7 kB |
URL GET HTTP/1.1ts-lp-eu.s3.amazonaws.com/prod/758ded82-a15c-4/MTAzODItdmF.jpg IP52.218.36.201:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subject*.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File typePNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced Hashaefda98c4815242aee603e822503c201 25f016da2702d8e4ef8c284e6d8ed801b448fc0d 7f2b22e225f1d79ed96a733955f2aae8670c33561a5aa8e02053ec50509aa83b
GET /prod/758ded82-a15c-4/MTAzODItdmF.jpg HTTP/1.1
Host: ts-lp-eu.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: TtUjShVq5VJXk41ZOrT8u1TQkdzjYq1XF38/3Cc+jb+N9nZPhzC7oAxn3JhMMaWHdxDCsKWaM3M=
x-amz-request-id: G1RCG9DP35VR0SSV
Date: Mon, 06 May 2024 04:27:32 GMT
Last-Modified: Tue, 23 Apr 2024 09:37:06 GMT
ETag: "aefda98c4815242aee603e822503c201"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 5749
|
|
| www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | 200 OK | 20 B |
URL GET HTTP/2www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
File typegzip compressed data, max compression, from Unix Hash4a4dd3598707603b3f76a2378a4504aa a0fddd5458378c1bf3c10dd2f5c060d1347741ed f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 9df3f0b9-f038-4f10-b85b-f8eea7b72491
x-runtime: 0.001715
x-host-info: lw-prod-eu-i-034fcb0b4e2cb4302, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| d25q7gseii1o1q.cloudfront.net/training/how_it_works/transfer-docs.png | 143.204.42.177 | 200 OK | 2.3 kB |
URL GET HTTP/1.1d25q7gseii1o1q.cloudfront.net/training/how_it_works/transfer-docs.png IP143.204.42.177:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subject*.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File typePNG image data, 180 x 92, 8-bit/color RGBA, non-interlaced Hash0a86569f3b5f660cc111525c2d28454b 7d1594796dad9953efb6cd306757716166cdea39 18b4f27003cbeeeab9f2c44d80493b5dc689faff6cbbf96f6f7586584786922e
GET /training/how_it_works/transfer-docs.png HTTP/1.1
Host: d25q7gseii1o1q.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 2274
Connection: keep-alive
Date: Sun, 05 May 2024 17:29:52 GMT
Last-Modified: Fri, 30 May 2014 19:21:22 GMT
ETag: "0a86569f3b5f660cc111525c2d28454b"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RnpHRHr7CpnWaxFlWY1Zv0e5CaVF3KNOYd1hCLqMgXO2zV3egPPkxg==
Age: 39460
|
|
| www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | 200 OK | 3.3 kB |
URL GET HTTP/2www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
File typegzip compressed data, max compression, from Unix Hash94a0d36bc177c542fcc13d9318c2e48f 7604700c5f41765b9e918b3725f7f05bca2275bd cf5d73b8d6acfeca8b0cc9aef0a85e57099b4039b90884389a4ea691a88a2582
GET /trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 958b94b7-a878-4025-89ea-4dcbd3476a45
x-runtime: 0.001254
x-host-info: lw-prod-eu-i-0acc5e90dd72f7192, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| d25q7gseii1o1q.cloudfront.net/training/how_it_works/office-staff.png | 143.204.42.177 | 200 OK | 4.4 kB |
URL GET HTTP/1.1d25q7gseii1o1q.cloudfront.net/training/how_it_works/office-staff.png IP143.204.42.177:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subject*.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File typePNG image data, 192 x 87, 8-bit/color RGBA, non-interlaced Hash6b3d39c6a48fa82a2dc10a9b91dd14f0 e205ff5957d673e712fbd28db90109b7135c33d9 67a2c3e319a6167b225580368016ae2a6a304aaee56f87121ae3b526c83ec817
GET /training/how_it_works/office-staff.png HTTP/1.1
Host: d25q7gseii1o1q.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 4373
Connection: keep-alive
Date: Sun, 05 May 2024 19:44:39 GMT
Last-Modified: Fri, 30 May 2014 19:21:22 GMT
ETag: "6b3d39c6a48fa82a2dc10a9b91dd14f0"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _zATtM8dNBkSQ2QCbvUGXuzhGNskvkfFj5EWLzfg0J92pjWDXjJ1jA==
Age: 31372
|
|
| www.micrasoft-395office.com/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | 200 OK | 4.3 kB |
URL GET HTTP/2www.micrasoft-395office.com/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
File typegzip compressed data, max compression, from Unix Hash33e22cdf36d95b1df50fe5e89aeb7e60 92d1b8a59f66959fbfd4db1f4f3e2d2f7cc0c7eb b811131b18fbc35999bc2aabcb752b3235e477f54d5357d60b7b646d6a314096
GET /trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 164c3d2a-5bd4-4f07-a571-30cdc0c0c037
x-runtime: 0.001404
x-host-info: lw-prod-eu-i-0630ecaca960f15d1, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/log?id=37cf237cfa&campaign_guid=a30f5f4537&msg=logo_object%20exists | 52.210.231.227 | 200 OK | 2.1 kB |
URL GET HTTP/2www.micrasoft-395office.com/log?id=37cf237cfa&campaign_guid=a30f5f4537&msg=logo_object%20exists IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
File typegzip compressed data, max compression, from Unix Hash56946f7a2e434acc4cfedebee4a09ee4 11bd9d72259a05ac46d60dde18188dc92a1af1a0 2c4d9d4105246859a064d7b7297a4f36013cc756a2e172d42c83cba799b1dbf9
GET /log?id=37cf237cfa&campaign_guid=a30f5f4537&msg=logo_object%20exists HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: image/gif; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 55e7ac8e-e4c3-467b-97bf-5b2aeab09b33
x-runtime: 0.001804
x-host-info: lw-prod-eu-i-0acc5e90dd72f7192, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | 200 OK | 3.0 kB |
URL GET HTTP/2www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
File typegzip compressed data, max compression, from Unix Hashf7dfa5d3b8a81280d05ae897b5078930 b410b6e318edcef17bfd8692cd46e026f1a801c1 ebbd22b304474255aa42de6b3755caacd92f846423881a6b12426f20d2070777
GET /trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: c5c517e1-9ccb-461a-a388-d3ab1b24df79
x-runtime: 0.001256
x-host-info: lw-prod-eu-i-06164ae2ecae76ca0, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Amatic+SC | 142.250.74.74 | 200 OK | 8.2 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Amatic+SC IP142.250.74.74:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typegzip compressed data, max compression Hash7e6ee24afd30d6b61c6ca5e4d74d3d86 b55b723572abebd747fdaf32e3ef7ce8ad23bb0a ea260b29d958f74eb59415050f2f1222569c7b899a853dc0bbd830d9b152edef
GET /css?family=Amatic+SC HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 06 May 2024 04:27:31 GMT
date: Mon, 06 May 2024 04:27:31 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | 200 OK | 0 B |
URL GET HTTP/2www.micrasoft-395office.com/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 3bab24f1-5d9a-43fa-b743-2585bc9c1c7c
x-runtime: 0.001740
x-host-info: lw-prod-eu-i-034fcb0b4e2cb4302, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | 200 OK | 0 B |
URL GET HTTP/2www.micrasoft-395office.com/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: b5e46a7b-42f4-44a5-9070-504bbc9ce9cb
x-runtime: 0.001291
x-host-info: lw-prod-eu-i-06164ae2ecae76ca0, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=Skipping%20Silverlight%20detection&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | 200 OK | 0 B |
URL GET HTTP/2www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=Skipping%20Silverlight%20detection&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=6337cf22337cfaa2&msg=Skipping%20Silverlight%20detection&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: d3774020-0ff9-4cad-83ce-492886a65e41
x-runtime: 0.001671
x-host-info: lw-prod-eu-i-06164ae2ecae76ca0, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=BenchNine:400,700 | 142.250.74.74 | 200 OK | 1.5 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=BenchNine:400,700 IP142.250.74.74:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (1540), with no line terminators Hash836ca6e4178ced9464ae50df62e56b88 7b92e35e8333e244dcd694179bb90e0ea163e53a 3de168dfe16544918a32da428d7c6dfda5473bae14ace622ee92ccb9b6955be4
GET /css?family=BenchNine:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 06 May 2024 04:27:31 GMT
date: Mon, 06 May 2024 04:27:31 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/assets/all.js?guid=37cf237cfa&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | 200 OK | 28 kB |
URL GET HTTP/2www.micrasoft-395office.com/assets/all.js?guid=37cf237cfa&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
File typeJavaScript source, ASCII text Hash097f74fc8f861ece148262a652ab806a 305ecb552c3ff6bd24b56333fab6e731eb81ed30 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9
GET /assets/all.js?guid=37cf237cfa&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: application/javascript
content-length: 7191
last-modified: Thu, 11 Apr 2024 12:55:30 GMT
vary: Accept-Encoding
content-encoding: gzip
server: ThreatSim-Web-Server
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20plugin%20PDF%20Viewer&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | 200 OK | 0 B |
URL GET HTTP/2www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20plugin%20PDF%20Viewer&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20plugin%20PDF%20Viewer&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 6744ec7d-b207-425d-9221-291f6c01bdb4
x-runtime: 0.002625
x-host-info: lw-prod-eu-i-034fcb0b4e2cb4302, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | 200 OK | 0 B |
URL GET HTTP/2www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 02d5c7c8-135f-4c09-afa0-c532e2dd2f8b
x-runtime: 0.001891
x-host-info: lw-prod-eu-i-0acc5e90dd72f7192, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/amaticsc/v26/TUZyzwprpvBS1izr_vOECuSf.woff2 | 142.250.74.131 | 200 OK | 28 kB |
URL GET HTTP/2fonts.gstatic.com/s/amaticsc/v26/TUZyzwprpvBS1izr_vOECuSf.woff2 IP142.250.74.131:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 28268, version 1.0 Hash984f3d0bafc2a066eeda8a0b64fe7a3c 79b1714ae47302c451d9150f648f3a4a622b3818 9ee1dd0b37fcea476e4142696cb034a466ad84101dff157b5dde311a02c8c35b
GET /s/amaticsc/v26/TUZyzwprpvBS1izr_vOECuSf.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.micrasoft-395office.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28268
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 17:30:24 GMT
expires: Fri, 02 May 2025 17:30:24 GMT
cache-control: public, max-age=31536000
age: 298627
last-modified: Thu, 24 Aug 2023 17:53:15 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | 200 OK | 0 B |
URL GET HTTP/2www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 53d6184f-5d82-4282-97e9-c4b35161f63e
x-runtime: 0.001585
x-host-info: lw-prod-eu-i-0630ecaca960f15d1, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | 200 OK | 0 B |
URL GET HTTP/2www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 21056306-4ee6-459d-a4c4-210e354144ed
x-runtime: 0.001317
x-host-info: lw-prod-eu-i-034fcb0b4e2cb4302, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20plugin%20Chromium%20PDF%20Viewer&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | 200 OK | 0 B |
URL GET HTTP/2www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20plugin%20Chromium%20PDF%20Viewer&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20plugin%20Chromium%20PDF%20Viewer&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 6fddd604-641b-4126-a63f-4bbd42a1878e
x-runtime: 0.001921
x-host-info: lw-prod-eu-i-0630ecaca960f15d1, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=Skipping%20flash%20detection&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | 200 OK | 0 B |
URL GET HTTP/2www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=Skipping%20flash%20detection&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=6337cf22337cfaa2&msg=Skipping%20flash%20detection&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: ca74c406-308c-4c9f-b4a6-c31d0100fca3
x-runtime: 0.002218
x-host-info: lw-prod-eu-i-0630ecaca960f15d1, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| tslp.s3.amazonaws.com/languages/how_it_works/lang_en-US.json | 52.216.56.137 | 200 OK | 3.0 kB |
URL GET HTTP/1.1tslp.s3.amazonaws.com/languages/how_it_works/lang_en-US.json IP52.216.56.137:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subject*.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (3068), with no line terminators Hashbcc605d72760e67dadb6d4275156b47d 58de9334cc340142d10b30a596aeebe901baf012 90dc84a87596fb3fc5a7aa7d7a043e4e2bcaa8768937e54e876c421cb9d49965
GET /languages/how_it_works/lang_en-US.json HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/
Origin: https://www.micrasoft-395office.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: h9RRGYnBCnZnu+VW+OWFxBnW36lFpjygZcdn4xAMf5xKo7Se3+gHZYYfgasydE/3C0odl/0y4Io=
x-amz-request-id: G1R9ZFH783FRYYH1
Date: Mon, 06 May 2024 04:27:32 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Last-Modified: Wed, 26 Jul 2023 17:07:29 GMT
ETag: "410c70bc4fab9e236733caec9ef0d9a8"
x-amz-server-side-encryption: AES256
x-amz-version-id: o.034VYcJV8oaI8eLFe1aEeUDzhB3PF4
Accept-Ranges: bytes
Content-Type: application/json
Server: AmazonS3
Content-Length: 2963
|
|
| www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | 200 OK | 15 kB |
URL User Request GET HTTP/2www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:443
CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/Valentino/System/Update/1437cf22937cfa3d?l=42
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:30 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
etag: W/"bd9be615bb8cc5e5911067afa96e48f6"
cache-control: max-age=0, private, must-revalidate
x-request-id: c90b4e54-5d4e-4214-bdce-c0f9517e4c43
x-runtime: 0.013101
x-host-info: lw-prod-eu-i-06164ae2ecae76ca0, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | 200 OK | 0 B |
URL GET HTTP/2www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 32a9a1c1-cd17-4abe-bd04-55c3b9fd6e68
x-runtime: 0.001360
x-host-info: lw-prod-eu-i-06164ae2ecae76ca0, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20plugin%20WebKit%20built-in%20PDF&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | 200 OK | 0 B |
URL GET HTTP/2www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20plugin%20WebKit%20built-in%20PDF&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20plugin%20WebKit%20built-in%20PDF&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 105dbd4a-1dbd-4812-b525-0afdda5fa30b
x-runtime: 0.002076
x-host-info: lw-prod-eu-i-034fcb0b4e2cb4302, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20plugin%20Microsoft%20Edge%20PDF%20Viewer&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | 200 OK | 0 B |
URL GET HTTP/2www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20plugin%20Microsoft%20Edge%20PDF%20Viewer&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20plugin%20Microsoft%20Edge%20PDF%20Viewer&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: d5c98602-3494-4fa1-ab21-2b5af75ec25f
x-runtime: 0.001763
x-host-info: lw-prod-eu-i-0acc5e90dd72f7192, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20browser_version%20%3D%2096&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | 200 OK | 0 B |
URL GET HTTP/2www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20browser_version%20%3D%2096&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20browser_version%20%3D%2096&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 62701081-2afc-45f0-ac00-8e8c23303f97
x-runtime: 0.001349
x-host-info: lw-prod-eu-i-06164ae2ecae76ca0, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | 200 OK | 0 B |
URL GET HTTP/2www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 9e8be104-47ac-4e62-afd5-0765c86c6a7f
x-runtime: 0.001329
x-host-info: lw-prod-eu-i-0630ecaca960f15d1, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | 200 OK | 0 B |
URL GET HTTP/2www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 756c6880-6139-47b1-8242-68800cdc7214
x-runtime: 0.001411
x-host-info: lw-prod-eu-i-0630ecaca960f15d1, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| d25q7gseii1o1q.cloudfront.net/training/how_it_works/spy-email.png | 143.204.42.177 | 200 OK | 2.1 kB |
URL GET HTTP/1.1d25q7gseii1o1q.cloudfront.net/training/how_it_works/spy-email.png IP143.204.42.177:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subject*.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File typePNG image data, 208 x 86, 8-bit colormap, non-interlaced Hashea2f9829972b7b49df6f3cfc6574ae6d 9ff42f567b78a3303b8322b297eed5128da44ce0 67b7dba0ebe8608d37fc33da66f771f34e5d05ccab76a898c99b7fba6f6fb9bf
GET /training/how_it_works/spy-email.png HTTP/1.1
Host: d25q7gseii1o1q.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 2061
Connection: keep-alive
Date: Mon, 06 May 2024 03:33:55 GMT
Last-Modified: Fri, 30 May 2014 19:21:22 GMT
ETag: "ea2f9829972b7b49df6f3cfc6574ae6d"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8VhLBQvsfnTl090javbi2XRGXzWDt5HYeSu_Plf5gnKdI39-9aH26Q==
Age: 3217
|
|
| www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | 200 OK | 0 B |
URL GET HTTP/2www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: af7303c6-6575-4bb2-9e28-cad1a2af286f
x-runtime: 0.001510
x-host-info: lw-prod-eu-i-0acc5e90dd72f7192, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| d25q7gseii1o1q.cloudfront.net/training/how_it_works/malware-mail.png | 143.204.42.177 | 200 OK | 3.2 kB |
URL GET HTTP/1.1d25q7gseii1o1q.cloudfront.net/training/how_it_works/malware-mail.png IP143.204.42.177:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subject*.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File typePNG image data, 150 x 82, 8-bit/color RGBA, non-interlaced Hash85716f6eec7bf6efa199d97f34689f07 c88da4df88a2f51a71c9d0a69091f4e1cb7f5afa ea81675d3b35a515651b0d5610e71ce648c890049f47f1da087c1b872858623e
GET /training/how_it_works/malware-mail.png HTTP/1.1
Host: d25q7gseii1o1q.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 3241
Connection: keep-alive
Last-Modified: Fri, 30 May 2014 19:21:22 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 05 May 2024 17:29:52 GMT
ETag: "85716f6eec7bf6efa199d97f34689f07"
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IpelniNsKRsWsYf8e4Jh1eIBTv_hyGyk5nvl7qAqoR_53Nzf_oRqNg==
Age: 39460
|
|
| www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=Skipping%20pdf%20detection&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | 200 OK | 0 B |
URL GET HTTP/2www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=Skipping%20pdf%20detection&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=6337cf22337cfaa2&msg=Skipping%20pdf%20detection&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 6eb9fb5c-2e77-4cbd-931e-f351d903519b
x-runtime: 0.001435
x-host-info: lw-prod-eu-i-0acc5e90dd72f7192, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=Skipping%20quicktime%20detection&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | 200 OK | 0 B |
URL GET HTTP/2www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=Skipping%20quicktime%20detection&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=6337cf22337cfaa2&msg=Skipping%20quicktime%20detection&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 4515d25d-26ee-460c-bbd5-7291812b124a
x-runtime: 0.001238
x-host-info: lw-prod-eu-i-0630ecaca960f15d1, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| tslp.s3.amazonaws.com/assets/js/training.js | 3.5.28.173 | 200 OK | 352 B |
URL GET HTTP/1.1tslp.s3.amazonaws.com/assets/js/training.js IP3.5.28.173:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subject*.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (365), with no line terminators Hash3c7f5fd60686b49523236de4cbb32d69 4e9835b68d0a734cfaba922ef4de9ca086d9e07d 42723a08247f31d6d95f1305aa683f1337fc697e129b3167b463951614639863
GET /assets/js/training.js HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: HiiuB9i8tlCn+9qEa/UuM8x6Z3h4rRIwF4SvwMiJLFG3W8sw4rfYi3pRhIiiI46gwHo7xR2iCoFZTBRtHfFKlN5IB2l4vaON5Z6gxjSqmf8=
x-amz-request-id: G1RED89KDQHZQ2G2
Date: Mon, 06 May 2024 04:27:32 GMT
Last-Modified: Fri, 26 Aug 2022 14:07:38 GMT
ETag: "029ab28ca3c245dc425e3f3f6599d480"
x-amz-server-side-encryption: AES256
x-amz-version-id: 6KvPBARKn9Wl5VW3Hl_LtK2bIq68QrGH
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 352
|
|
| www.micrasoft-395office.com/log?id=37cf237cfa&campaign_guid=a30f5f4537&msg=window.account_logo%20is%20set%20to%20https%3A%2F%2Fts-lp-eu.s3.amazonaws.com%2Fprod%2F758ded82-a15c-4%2FMTAzODItdmF.jpg | 52.210.231.227 | 200 OK | 0 B |
URL GET HTTP/2www.micrasoft-395office.com/log?id=37cf237cfa&campaign_guid=a30f5f4537&msg=window.account_logo%20is%20set%20to%20https%3A%2F%2Fts-lp-eu.s3.amazonaws.com%2Fprod%2F758ded82-a15c-4%2FMTAzODItdmF.jpg IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log?id=37cf237cfa&campaign_guid=a30f5f4537&msg=window.account_logo%20is%20set%20to%20https%3A%2F%2Fts-lp-eu.s3.amazonaws.com%2Fprod%2F758ded82-a15c-4%2FMTAzODItdmF.jpg HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: image/gif; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: fe52cf7e-4f39-4582-bea9-e939e6a0bfa6
x-runtime: 0.001985
x-host-info: lw-prod-eu-i-034fcb0b4e2cb4302, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=Skipping%20WindowsMediaPlayer%20detection&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | 200 OK | 0 B |
URL GET HTTP/2www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=Skipping%20WindowsMediaPlayer%20detection&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=6337cf22337cfaa2&msg=Skipping%20WindowsMediaPlayer%20detection&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: ce4bf4fd-96e6-40da-a2fa-b0920868946a
x-runtime: 0.001069
x-host-info: lw-prod-eu-i-0acc5e90dd72f7192, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| d25q7gseii1o1q.cloudfront.net/training/how_it_works/malware-infect.png | 143.204.42.177 | 200 OK | 4.3 kB |
URL GET HTTP/1.1d25q7gseii1o1q.cloudfront.net/training/how_it_works/malware-infect.png IP143.204.42.177:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subject*.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File typePNG image data, 203 x 110, 8-bit/color RGBA, non-interlaced Hashdc2be8899631a535000a52f7d86d4947 4d192245f72b4f2c82a07a338050baa1a40b82e7 b7bf0daa121bf5923d1d8ea3b97197248df7c71ae72cafc060a0963bbdb56d3e
GET /training/how_it_works/malware-infect.png HTTP/1.1
Host: d25q7gseii1o1q.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 4314
Connection: keep-alive
Date: Sun, 05 May 2024 19:44:39 GMT
Last-Modified: Fri, 30 May 2014 19:21:21 GMT
ETag: "dc2be8899631a535000a52f7d86d4947"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: x9ogyMgJn34HyQZHBe1ovVsaGGwl7y4ZZgehHvzVAcDSqG-B7R2_Zg==
Age: 31372
|
|
| ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js | 142.250.74.170 | 200 OK | 93 kB |
URL GET HTTP/2ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js IP142.250.74.170:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ajax/libs/jquery/1.8.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33621
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 20:42:51 GMT
expires: Fri, 02 May 2025 20:42:51 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 287080
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | 200 OK | 0 B |
URL GET HTTP/2www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=6337cf22337cfaa2&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: e527b78b-6411-4510-a74c-cc78cea8ec6b
x-runtime: 0.002026
x-host-info: lw-prod-eu-i-06164ae2ecae76ca0, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=Skipping%20RealPlayer%20detection&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | 200 OK | 0 B |
URL GET HTTP/2www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=Skipping%20RealPlayer%20detection&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=6337cf22337cfaa2&msg=Skipping%20RealPlayer%20detection&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: c6a5f9ac-4ea0-4597-baa3-7af39e9ee34a
x-runtime: 0.001891
x-host-info: lw-prod-eu-i-034fcb0b4e2cb4302, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=training_page_no_browser_post&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | 200 OK | 0 B |
URL GET HTTP/2www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=training_page_no_browser_post&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=6337cf22337cfaa2&msg=training_page_no_browser_post&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 093d5642-53ca-4aa8-9359-d3f46ffe3eab
x-runtime: 0.001604
x-host-info: lw-prod-eu-i-034fcb0b4e2cb4302, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=redirect_url%20is%20undefined&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | 200 OK | 0 B |
URL GET HTTP/2www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=redirect_url%20is%20undefined&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=6337cf22337cfaa2&msg=redirect_url%20is%20undefined&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: a3e3bac3-2ee5-4e99-914d-fb31f85ca7dc
x-runtime: 0.001458
x-host-info: lw-prod-eu-i-06164ae2ecae76ca0, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=Skipping%20java%20detection&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 | 52.210.231.227 | 200 OK | 0 B |
URL GET HTTP/2www.micrasoft-395office.com/trace?id=6337cf22337cfaa2&msg=Skipping%20java%20detection&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 IP52.210.231.227:443
Requested byhttps://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 CertificateIssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trace?id=6337cf22337cfaa2&msg=Skipping%20java%20detection&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4 HTTP/1.1
Host: www.micrasoft-395office.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.micrasoft-395office.com/load_training?guid=6337cf22337cfaa2&correlation_id=8da2bd79-a9ed-4891-bee5-0817bb182df4
DNT: 1
Connection: keep-alive
Cookie: EXFILGUID=37cf237cfa; link_clicked_37cf237cfa=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 May 2024 04:27:31 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: b411f61e-41a3-43c3-b928-fd5a9acd06cd
x-runtime: 0.001955
x-host-info: lw-prod-eu-i-06164ae2ecae76ca0, ; 7ab042967e623923e817fbc8931e097004f737c7
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|