login.micrasoft-office365.com/d260fff8e5131cb2?l=8
52.20.28.170200 OK 12 kB URL HTTP/1.1 login.micrasoft-office365.com/d260fff8e5131cb2?l=8
IP 52.20.28.170:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (31070)
Hash 5d7e28a6b8b84b829e8f5c1ea617e504
5fb490c5260ed726c491573760ef343935dadea7
71eed74de7c5bba02393b488e69b4e3045d80ebc9a0fcbde39be3c106b853b57
GET /d260fff8e5131cb2?l=8 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:18 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
ETag: W/"03b9a0e002541d77722d4a931f152a3f"
Cache-Control: max-age=0, private, must-revalidate
Set-Cookie: EXFILGUID=60fff5131c; path=/
link_clicked_60fff5131c=1; path=/
X-Request-Id: a7707cdc-dbd8-4f39-a32c-dbd2d9ab25b3
X-Runtime: 0.015428
X-Host-Info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/
18.164.68.15200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.164.68.15:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 01 Oct 2022 04:02:25 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f138cee49761f5f7e3b88ec7b66614ee.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: KFdeJQrqCIreQDxV9p8iwhlhWkDt-X26Yk7ETSYhMEX4FTe-cLnG4w==
Age: 2633
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6dd4587c98aef98ad0939030a6976a7f
92dc5966ac2deb0c3ac7fdd02bf8d28f9239801e
a382476d14b6ae14003333e7acdfbbd9ae8775d4c1a7d5c31116f33987043cff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12869
Expires: Sat, 01 Oct 2022 08:20:47 GMT
Date: Sat, 01 Oct 2022 04:46:18 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
18.164.68.14200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 18.164.68.14:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 01 Oct 2022 03:33:18 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 c3941d2249641ec51690205d7b1084ac.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P4
x-amz-cf-id: PZtpsm-k7X6GQFOpV8xvW_KUg8G3450ftTu4c7Gk2OpZ7lfTXrmOew==
age: 4382
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 04:46:18 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ef57d3747eeb3319369eb5c11141bc76
785adcab6fbac6813ef5233798e60ad12508ab12
10ef2e6ab889f07bb50ba058b8b3ac0be9ed1118af422d4ebe47927b6af3793c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4834
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 04:46:18 GMT
Last-Modified: Sat, 01 Oct 2022 03:25:44 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
18.165.196.229200 OK 3.0 kB URL HTTP/1.1 d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
IP 18.165.196.229:0
File type ASCII text, with very long lines (6636), with no line terminators
Hash 6103bb5e4ec6141e19e1100caafc780c
1396838ef637042cbf702f6b5fdcd0281d93feb9
ccba3500aa323de51765587835fcd4842d46e4e2384e5cfd067506d0b6fc8a78
GET /bugsnag-2.min.js HTTP/1.1
Host: d2wy8f7a9ursnm.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 2962
Connection: keep-alive
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 29 Sep 2022 05:57:53 GMT
Cache-Control: public, max-age=604800
ETag: "6103bb5e4ec6141e19e1100caafc780c"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 04bb33465149b34afca4988622dca584.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: rBNtIh0HMiMc2YcAjm1cWLUfNOjZVBk_bhfhwHiKrU4XHxyfZL7lig==
Age: 168506
java.com/js/deployJava.js
96.6.16.111302 Found 0 B URL HTTP/2 java.com/js/deployJava.js
IP 96.6.16.111:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/deployJava.js HTTP/1.1
Host: java.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.micrasoft-office365.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: AkamaiGHost
content-length: 0
location: https://www.java.com/js/deployJava.js
cache-control: max-age=86400
expires: Sun, 02 Oct 2022 04:46:18 GMT
date: Sat, 01 Oct 2022 04:46:18 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
akamai-grn: 0.bc4d2417.1664599578.10df1563
set-cookie: akaalb_OCE_Failover=1664599638~op=JCOM_OCE:oceProdappJcomProdOrigin|~rv=15~m=oceProdappJcomProdOrigin:0|~os=2708f36cb43ca861e42dc0215e4669c5~id=7bad075f76f177ff5a2d5e74eacddcb6; path=/; Expires=Sat, 01 Oct 2022 04:47:18 GMT; Secure; SameSite=None
x-xss-protection: 1
X-Firefox-Spdy: h2
login.micrasoft-office365.com/assets/all.js?g=60fff5131c
52.20.28.170200 OK 7.2 kB URL HTTP/1.1 login.micrasoft-office365.com/assets/all.js?g=60fff5131c
IP 52.20.28.170:0
Hash db7c58fc21f4bbb0900fed3889f61df2
24047c64e0dbdbcc8eef175a42dc1911f7f8a6aa
5a1dcea95a97b018b93cc58089502fd2069d508c02088c0c6a49533fef91afb7
GET /assets/all.js?g=60fff5131c HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:18 GMT
Content-Type: application/javascript
Content-Length: 7191
Connection: keep-alive
Last-Modified: Thu, 25 Aug 2022 13:19:40 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Server: ThreatSim-Web-Server
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
login.micrasoft-office365.com/assets/ajax/libs/jquery/1.9.1/jquery.min.js
52.20.28.170200 OK 33 kB URL HTTP/1.1 login.micrasoft-office365.com/assets/ajax/libs/jquery/1.9.1/jquery.min.js
IP 52.20.28.170:0
File type ASCII text, with very long lines (32089)
Hash 1dca01c6231917aabe380a98f67dae36
c6c800587eadd27a45cd29ef6d05742182e1454c
47126bab74ac1fd0c429292dfde3face2f931752c30e527888763166088b451c
GET /assets/ajax/libs/jquery/1.9.1/jquery.min.js HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 25 Aug 2022 13:19:40 GMT
Vary: Accept-Encoding
Server: ThreatSim-Web-Server
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Content-Encoding: gzip
www.java.com/js/deployJava.js
96.6.16.111200 OK 5.5 kB URL HTTP/2 www.java.com/js/deployJava.js
IP 96.6.16.111:0
File type HTML document, ASCII text, with very long lines (18444), with no line terminators
Hash 7f24f47af4c9617cb4d6f5642bf5938f
2b5514af68aeead50ee564396a4eae2997e54939
59ccf883b6624b37724c791977919c9116d1025c1a20def63f4fb8984d47b3e1
GET /js/deployJava.js HTTP/1.1
Host: www.java.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.micrasoft-office365.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-disposition: attachment; filename="deployJava.js";filename*=UTF-8''deployJava.js
content-encoding: gzip
etag: D07B023847CD4DC5C4ED4AB4FC46AD47BDD6E99A0663:19
x-content-type-options: nosniff
x-oracle-dms-ecid: b53b70d7-8e10-469f-a56c-440abaee13cc-0469beae
x-oracle-dms-rid: 0
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
content-length: 5512
vary: Accept-Encoding
unused62: 8096267
cache-control: public, max-age=86400
expires: Sun, 02 Oct 2022 04:46:18 GMT
date: Sat, 01 Oct 2022 04:46:18 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=36
akamai-grn: 0.bc4d2417.1664599578.10df1572
set-cookie: akaalb_OCE_Failover=1664599638~op=JCOM_OCE:oceProdappJcomProdOrigin|~rv=47~m=oceProdappJcomProdOrigin:0|~os=2708f36cb43ca861e42dc0215e4669c5~id=b0dee084d0b727e280761b349ffd83e0; path=/; Expires=Sat, 01 Oct 2022 04:47:18 GMT; Secure; SameSite=None
x-xss-protection: 1
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
18.165.196.18200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 18.165.196.18:0
Hash d69bcbbfd0d99ada42f4bd2899d1e388
b27f58d764abc3b45e1b85dc1470e357bc6c95bb
9d10935d7a08ce1ad7b0ad0c0b0be11aa53756e68b55a68423b023f205c953cc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 01 Oct 2022 04:46:18 GMT
Last-Modified: Sat, 01 Oct 2022 03:18:29 GMT
Server: ECS (nyb/1D24)
X-Cache: Miss from cloudfront
Via: 1.1 d1187be634e389e2e876be936bba8e74.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: GgGFYJ9u7k5t3cGbhc1mCiOb7MeVnwi5_HcZd_x_WzVQzMrjpNBgiA==
Age: 5269
ocsp.sca1b.amazontrust.com/
18.165.196.18200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 18.165.196.18:0
Hash d69bcbbfd0d99ada42f4bd2899d1e388
b27f58d764abc3b45e1b85dc1470e357bc6c95bb
9d10935d7a08ce1ad7b0ad0c0b0be11aa53756e68b55a68423b023f205c953cc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 01 Oct 2022 04:46:18 GMT
Last-Modified: Sat, 01 Oct 2022 03:34:29 GMT
Server: ECS (nyb/1D11)
X-Cache: Miss from cloudfront
Via: 1.1 955b5f6b59fedae13d00dcc66f7085f2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: N6bPjuhV6lDpraGXXpNcR-_1NujtoXXJEnDkYg-Pm60LF0kLvBKlVA==
Age: 4309
ocsp.sca1b.amazontrust.com/
18.165.196.18200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 18.165.196.18:0
Hash d69bcbbfd0d99ada42f4bd2899d1e388
b27f58d764abc3b45e1b85dc1470e357bc6c95bb
9d10935d7a08ce1ad7b0ad0c0b0be11aa53756e68b55a68423b023f205c953cc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 01 Oct 2022 04:46:18 GMT
Last-Modified: Sat, 01 Oct 2022 03:37:49 GMT
Server: ECS (nyb/1D19)
X-Cache: Miss from cloudfront
Via: 1.1 04bb33465149b34afca4988622dca584.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: CvyYha3qAgJ4DVAKtN7tE4NqLC_Bcm22vklQxyTBMuGcauAK4UXQ8Q==
Age: 4109
ocsp.sca1b.amazontrust.com/
18.165.196.18200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 18.165.196.18:0
Hash d69bcbbfd0d99ada42f4bd2899d1e388
b27f58d764abc3b45e1b85dc1470e357bc6c95bb
9d10935d7a08ce1ad7b0ad0c0b0be11aa53756e68b55a68423b023f205c953cc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 01 Oct 2022 04:46:18 GMT
Last-Modified: Sat, 01 Oct 2022 03:34:29 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 cb9d66c261e91793be744f629d6e309e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: ui1vj_yVl_fyZegoL9AnrIVqMXBAKUzdKZVZVwlZDilRJ0UZqxFO4A==
Age: 4309
ocsp.sca1b.amazontrust.com/
18.165.196.18200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 18.165.196.18:0
Hash d69bcbbfd0d99ada42f4bd2899d1e388
b27f58d764abc3b45e1b85dc1470e357bc6c95bb
9d10935d7a08ce1ad7b0ad0c0b0be11aa53756e68b55a68423b023f205c953cc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 01 Oct 2022 04:46:18 GMT
Last-Modified: Sat, 01 Oct 2022 03:37:33 GMT
Server: ECS (nyb/1D14)
X-Cache: Miss from cloudfront
Via: 1.1 507372273c5029d1ae2439349f7f1458.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: fkowWDO5SaiD7fdZ4hZbjL4YIoQh-PnvCHCXIuEGeRNKCKa98x2eng==
Age: 4125
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.164.68.15200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.164.68.15:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sat, 01 Oct 2022 04:33:04 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sat, 01 Oct 2022 05:08:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 c3ac810888cb46ee4166354c2171bcde.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: bDzTbZFIePGgvm0foxbLltNh6vD0c2nmjhVqd98KhrUo3BNcbxYZoA==
Age: 805
tslp.s3.amazonaws.com/detect/flash.js?guid=60fff5131c&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.216.249.236200 OK 6.7 kB URL HTTP/1.1 tslp.s3.amazonaws.com/detect/flash.js?guid=60fff5131c&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.216.249.236:0
Hash f9ad9a096894ba248e4a1f73e7eba1be
f2449ce5f7a5c42ffdcc5f087a75b2513e73592c
a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861
GET /detect/flash.js?guid=60fff5131c&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.micrasoft-office365.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: IA53+MMN6s7r978bSiQLKfNTJwjeGb3AXHgjkYR6bBSDzlXHM4z5ihxCUpzkCLYqbVoKeRl+x+o=
x-amz-request-id: FQ2GK3NB8N6YYWG5
Date: Sat, 01 Oct 2022 04:46:19 GMT
Last-Modified: Wed, 15 Feb 2017 03:54:01 GMT
ETag: "f9ad9a096894ba248e4a1f73e7eba1be"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 6680
tslp.s3.amazonaws.com/detect/realplayer.js?guid=60fff5131c&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.216.249.236200 OK 9.8 kB URL HTTP/1.1 tslp.s3.amazonaws.com/detect/realplayer.js?guid=60fff5131c&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.216.249.236:0
Hash 3d7be656672c16a34806c13388410325
c391646c980c60d75c35b33a974c97ae88114eef
88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238
GET /detect/realplayer.js?guid=60fff5131c&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.micrasoft-office365.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: zusYqj4iAOUzJqx5WBYmXRx6FtVl9ZaNKIfjwe8ljXf82Fi4hM464qnsbtVyj8FVJXnHc535D9Y=
x-amz-request-id: FQ2GBSJQZ6ATFRQ4
Date: Sat, 01 Oct 2022 04:46:19 GMT
Last-Modified: Wed, 15 Feb 2017 14:45:02 GMT
ETag: "3d7be656672c16a34806c13388410325"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 9775
tslp.s3.amazonaws.com/detect/quicktime.js?guid=60fff5131c&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.216.249.236200 OK 7.0 kB URL HTTP/1.1 tslp.s3.amazonaws.com/detect/quicktime.js?guid=60fff5131c&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.216.249.236:0
File type ASCII text, with very long lines (322)
Hash ee73f2f47d51116dc40b85a6b57eaf20
6c42011667bac1fa6c3272a11b510f22962d72a2
6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19
GET /detect/quicktime.js?guid=60fff5131c&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.micrasoft-office365.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: hpg8IYE+K/a9cu6yh94TzPXLN7Xb4ByYOyorSh1I+zo+YOkfYMASIxefuSqyusH1ogrHzCm9Fco=
x-amz-request-id: FQ2S7Z9QPAH1NCT0
Date: Sat, 01 Oct 2022 04:46:19 GMT
Last-Modified: Wed, 15 Feb 2017 14:41:05 GMT
ETag: "ee73f2f47d51116dc40b85a6b57eaf20"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 6999
tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=60fff5131c&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.216.249.236200 OK 50 kB URL HTTP/1.1 tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=60fff5131c&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.216.249.236:0
File type ASCII text, with very long lines (306)
Hash 00a513f07603df01e3b99be00f370754
f0c03b1c50f39c95075df687cd55f18861631526
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a
GET /detect/plugin_detect.js?guid=60fff5131c&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.micrasoft-office365.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 2xhdAV1Kz0IHqnILx31+XO4manqSUE9tGK+g+3X8pN3LipI4pGPhBGb9GE58lrYKDLinMmGWgzU=
x-amz-request-id: FQ2PXP1GZC0M4D94
Date: Sat, 01 Oct 2022 04:46:19 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
ETag: "00a513f07603df01e3b99be00f370754"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 50085
tslp.s3.amazonaws.com/detect/pdf.js?guid=60fff5131c&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.216.249.236200 OK 23 kB URL HTTP/1.1 tslp.s3.amazonaws.com/detect/pdf.js?guid=60fff5131c&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.216.249.236:0
Hash 0d5882d41c8b6e40059c8d9acbcf1518
53103565f3c07416fc691583a43a91943dbf0809
d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9
GET /detect/pdf.js?guid=60fff5131c&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.micrasoft-office365.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 6ofHg4gK7jaDCj0DAtvWg7oSqUgNGnGyz8wKlSMRrbbXyIByZ1fy0mzJkt9StdlzkPEuhQHIdvw=
x-amz-request-id: FQ2YGHC2K3R9S8WP
Date: Sat, 01 Oct 2022 04:46:19 GMT
Last-Modified: Wed, 15 Feb 2017 14:39:34 GMT
ETag: "0d5882d41c8b6e40059c8d9acbcf1518"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 22855
tslp.s3.amazonaws.com/detect/java.js?guid=60fff5131c&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.216.249.236200 OK 51 kB URL HTTP/1.1 tslp.s3.amazonaws.com/detect/java.js?guid=60fff5131c&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.216.249.236:0
Hash 2bec0061039dc3fb25fc20aaf611d5b9
dfc11b0662ac5950d309e2615e887032dd1dde0c
4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24
GET /detect/java.js?guid=60fff5131c&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.micrasoft-office365.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: n1ZTwxIvFfq8Ai3VSEjNyMLt5lTG2nulZIhcB972BB0FCtumXn3KNGZ0DCW4GCoDcp7BV+8xy7w=
x-amz-request-id: FQ2P2SY6M3S76H8X
Date: Sat, 01 Oct 2022 04:46:19 GMT
Last-Modified: Wed, 15 Feb 2017 14:38:28 GMT
ETag: "2bec0061039dc3fb25fc20aaf611d5b9"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 50717
tslp.s3.amazonaws.com/detect/silverlight.js?guid=60fff5131c&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.216.249.236200 OK 4.2 kB URL HTTP/1.1 tslp.s3.amazonaws.com/detect/silverlight.js?guid=60fff5131c&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.216.249.236:0
Hash e6dd596d2bc204ea573b868b92028c26
fa58bba4c9a01b3764a881949a8423b773d8a338
0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381
GET /detect/silverlight.js?guid=60fff5131c&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.micrasoft-office365.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: omV98DryNyV6UIxHeWLCUU8El8LF68nrXR3vJqvD4Dt3vU3+mZ7W/FUPd3/2gH72MrkCCVW+wmU=
x-amz-request-id: JQ3MGXPKFCW9NJNM
Date: Sat, 01 Oct 2022 04:46:20 GMT
Last-Modified: Wed, 15 Feb 2017 18:00:03 GMT
ETag: "e6dd596d2bc204ea573b868b92028c26"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 4234
tslp.s3.amazonaws.com/detect/wmp.js?guid=60fff5131c&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.216.249.236200 OK 5.9 kB URL HTTP/1.1 tslp.s3.amazonaws.com/detect/wmp.js?guid=60fff5131c&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.216.249.236:0
Hash ffd2cc77bb64d40beeb5d561fffe1f79
6cb535641677d27e4de591ceb3c4e2f408826e7d
cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de
GET /detect/wmp.js?guid=60fff5131c&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.micrasoft-office365.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: qLobTcYUjd11R9qkCRkeC0+iAPUfB3pvp6t5p/toPBq1HmYiu04GnwmH2zAZaSgTnjY0OyR49YI=
x-amz-request-id: JQ3PDVDRNTWPB4YG
Date: Sat, 01 Oct 2022 04:46:20 GMT
Last-Modified: Wed, 15 Feb 2017 15:07:14 GMT
ETag: "ffd2cc77bb64d40beeb5d561fffe1f79"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 5941
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d1be374a29f94481ff2c021e35f4eaa0
e05e92d94b5e434e9935e560fd8dc33bdc393aea
37a5132d2183f5c3bfaac5c89df691fea72cac4423110df88bdeb231f430deee
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1646
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 04:46:19 GMT
Last-Modified: Sat, 01 Oct 2022 04:18:53 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
login.micrasoft-office365.com/trace?id=60fff5131c&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 2f8627c8-10de-4d3f-9997-a2da1075ddb5
X-Runtime: 0.002534
X-Host-Info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=60fff5131c&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 8bfb7db8-aa32-4da8-ad9a-971bb59d2b69
X-Runtime: 0.002696
X-Host-Info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=60fff5131c&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 7c29938b-ca4c-41c4-be2c-7d39de534a2b
X-Runtime: 0.002589
X-Host-Info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/secure/browser_post
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/secure/browser_post
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
POST /secure/browser_post HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
X-NewRelic-ID: XQ4GVVFACQAAU1dSDgQCVA==
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6Ijk4MTQ3IiwiYXAiOiIxMzA3NjEzMzY2IiwiaWQiOiJjNTc5ZWY5MDc0MzdjNThiIiwidHIiOiJmNzViNTZlZWMwOTE3NmQwYmVlNGZjYTdhNjU4ZWZmZSIsInRpIjoxNjY0NTk5NTc1Nzg3LCJ0ayI6IjE1MDY5MjQifX0=
traceparent: 00-f75b56eec09176d0bee4fca7a658effe-c579ef907437c58b-01
tracestate: 1506924@nr=0-1-98147-1307613366-c579ef907437c58b----1664599575787
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 1079
Origin: http://login.micrasoft-office365.com
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: image/gif; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Vary: Accept-Encoding, Accept
Cache-Control: no-cache
X-Request-Id: f163559c-b877-4a69-8efb-56b26f1dceef
X-Runtime: 0.007228
X-Host-Info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=60fff5131c&msg=BrowserDetect%20-%20browser_version%20%3D%2096&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=BrowserDetect%20-%20browser_version%20%3D%2096&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=BrowserDetect%20-%20browser_version%20%3D%2096&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 0a400295-8b52-44b0-87c7-eebdfde49814
X-Runtime: 0.003148
X-Host-Info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=60fff5131c&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 98d0609f-7265-499a-bc66-b274a4c2334c
X-Runtime: 0.002264
X-Host-Info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=60fff5131c&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 78727ec7-6cd7-42ae-a33a-a10bbafcb897
X-Runtime: 0.002703
X-Host-Info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=60fff5131c&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 81e6287a-b204-4168-9bc2-67c89e3da1df
X-Runtime: 0.003470
X-Host-Info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=60fff5131c&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: bc19f047-61af-457c-a58c-2ad6ea674b66
X-Runtime: 0.002618
X-Host-Info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
push.services.mozilla.com/
100.20.30.105101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 100.20.30.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: r2w0db4LnA431f7S9rIG8A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GF7qRk3ADI0tl9WnRzdxAmhwHxg=
login.micrasoft-office365.com/trace?id=60fff5131c&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 9e5d1f09-52e9-4719-88b8-6548410d1c4e
X-Runtime: 0.003566
X-Host-Info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=60fff5131c&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: f478b8c5-819a-4117-bd26-b80220095e1b
X-Runtime: 0.003275
X-Host-Info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=60fff5131c&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 49e68c0e-d0be-4ea2-8ae4-b636e33b0d79
X-Runtime: 0.002257
X-Host-Info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=60fff5131c&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: aa2c52d9-bcac-43b7-aeea-33e371457bc3
X-Runtime: 0.002195
X-Host-Info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=60fff5131c&msg=java_version_pl%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=java_version_pl%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=java_version_pl%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: c58bad5b-a6d6-4630-8eeb-1246ceff8ae5
X-Runtime: 0.002319
X-Host-Info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=60fff5131c&msg=java_version_jres%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=java_version_jres%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=java_version_jres%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 2038cd4f-fddb-4695-8afd-b601350bdaf3
X-Runtime: 0.002335
X-Host-Info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=60fff5131c&msg=java_version%20%3D%20undefined&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=java_version%20%3D%20undefined&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=java_version%20%3D%20undefined&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 9cddfe81-eea3-49cb-b187-ea6f3af5e200
X-Runtime: 0.002601
X-Host-Info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=60fff5131c&msg=Loading%20flash%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=Loading%20flash%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=Loading%20flash%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 963cecc7-f64e-4018-aae5-5abae6c67de4
X-Runtime: 0.003072
X-Host-Info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=60fff5131c&msg=flash%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=flash%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=flash%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: a1a02c10-5c1b-4dc7-b410-496a2c16699d
X-Runtime: 0.003090
X-Host-Info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=60fff5131c&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 85b534e2-5beb-4a86-a6e4-dcc1fca6a3de
X-Runtime: 0.003158
X-Host-Info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=60fff5131c&msg=Loading%20pdf%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=Loading%20pdf%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=Loading%20pdf%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: e42a93d7-a63b-4ba4-863d-0ed46aa68d3d
X-Runtime: 0.002774
X-Host-Info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=60fff5131c&msg=pdf%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=pdf%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=pdf%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 956e61ac-9e8d-4330-8afe-abc852dbcda4
X-Runtime: 0.002362
X-Host-Info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=60fff5131c&msg=Loading%20quicktime%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=Loading%20quicktime%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=Loading%20quicktime%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: f82b096f-bd48-4f3e-905d-0200020b4450
X-Runtime: 0.002828
X-Host-Info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=60fff5131c&msg=quicktime%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=quicktime%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=quicktime%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 4182d52d-e44c-4485-a4d7-d6f83c1e304e
X-Runtime: 0.001838
X-Host-Info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=60fff5131c&msg=Loading%20Silverlight%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=Loading%20Silverlight%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=Loading%20Silverlight%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: ec6bcadc-27c2-4b0d-bcf4-82e3fcf3b3d0
X-Runtime: 0.002058
X-Host-Info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=60fff5131c&msg=realplayer%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=realplayer%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=realplayer%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 5baee591-ceab-4a46-b645-8b6c9574aead
X-Runtime: 0.021535
X-Host-Info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=60fff5131c&msg=Loading%20RealPlayer%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=Loading%20RealPlayer%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=Loading%20RealPlayer%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 6b1c283d-705f-452e-bc9a-e843b992f419
X-Runtime: 0.021890
X-Host-Info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=60fff5131c&msg=silverlight%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=silverlight%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=silverlight%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 5ef48621-eee8-4c75-9f72-c55da18adb1d
X-Runtime: 0.002531
X-Host-Info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=60fff5131c&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 2aa97fe6-3244-4629-8530-6e4a18ae7393
X-Runtime: 0.002243
X-Host-Info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=60fff5131c&msg=wmp%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=wmp%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=wmp%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 93ec25b9-2bb7-4081-b5e8-ff5c13854999
X-Runtime: 0.002563
X-Host-Info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=60fff5131c&msg=redirecting%20to%20%2Fload_training%3Fguid%3D5960ffff85131c80%26correlation_id%3Df0eb8f2c-be1a-4119-89f2-db7b40ea3249&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=redirecting%20to%20%2Fload_training%3Fguid%3D5960ffff85131c80%26correlation_id%3Df0eb8f2c-be1a-4119-89f2-db7b40ea3249&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=redirecting%20to%20%2Fload_training%3Fguid%3D5960ffff85131c80%26correlation_id%3Df0eb8f2c-be1a-4119-89f2-db7b40ea3249&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 61440e4f-f295-4415-bd4f-5fc67493d19c
X-Runtime: 0.002729
X-Host-Info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=60fff5131c&msg=browser_post_successful&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=browser_post_successful&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=browser_post_successful&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 34af0f95-854d-4879-bf3f-190372b03633
X-Runtime: 0.002994
X-Host-Info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=60fff5131c&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=60fff5131c&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=60fff5131c&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 75f0fed2-964b-409b-9c37-6475e6f74ae7
X-Runtime: 0.002054
X-Host-Info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/favicon.ico
52.20.28.170200 OK 0 B URL HTTP/1.1 login.micrasoft-office365.com/favicon.ico
IP 52.20.28.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:19 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Last-Modified: Thu, 25 Aug 2022 13:19:40 GMT
ETag: "630776ec-0"
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 14 kB URL HTTP/1.1 login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (31070)
Hash 45a47f24e23ec6846a8a58a77dd3ee8c
295b8201dbc064bb5956c8529b08375702837bb9
7016c5a485eb9bf47a7676475b9ca03fba0e23822fa0bfa988620a9eefca78d5
GET /load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/d260fff8e5131cb2?l=8
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:20 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
ETag: W/"ae585a8209e2476ddad7b55a0315ef66"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: c3f8d978-ae3e-4823-a736-5ce589c8c173
X-Runtime: 0.014876
X-Host-Info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1384e669a9e259cccf32489be673e7c4
7f982ae66621ff7e5855f2b025e3ae034706ec33
eb462a28dbd7e93cd13a170acfcbf35babb3b7ef7e7d1ddeb30d377630ea30f8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 04:46:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1384e669a9e259cccf32489be673e7c4
7f982ae66621ff7e5855f2b025e3ae034706ec33
eb462a28dbd7e93cd13a170acfcbf35babb3b7ef7e7d1ddeb30d377630ea30f8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 04:46:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
216.58.211.10200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
IP 216.58.211.10:0
File type Unicode text, UTF-8 text, with very long lines (65480)
Hash b582b2eca79a750948dbb3777aeaaadb
bf0ea1c8a7b4a55779cbb3df1f1d75cc19910e9f
04c7f19e1ae294cc641f6c497653b5c13c41b258559f5f05b790032ccca16c82
GET /ajax/libs/jquery/1.8.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.micrasoft-office365.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33621
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 16:27:21 GMT
expires: Thu, 28 Sep 2023 16:27:21 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 217139
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
login.micrasoft-office365.com/assets/ajax/libs/jquery/1.11.0/jquery.min.js
52.20.28.170200 OK 33 kB URL HTTP/1.1 login.micrasoft-office365.com/assets/ajax/libs/jquery/1.11.0/jquery.min.js
IP 52.20.28.170:0
File type ASCII text, with very long lines (32341)
Hash 47fef3745452b8af6196adc0e73084f0
482da2d6a2499d3127eb3dc073bc80c530a047fd
416a096f0dce236c69c9376cb7571be669d610767262a9b940d3d34a34ee1058
GET /assets/ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 25 Aug 2022 13:19:40 GMT
Vary: Accept-Encoding
Server: ThreatSim-Web-Server
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/assets/all.js?guid=60fff5131c&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 7.2 kB URL HTTP/1.1 login.micrasoft-office365.com/assets/all.js?guid=60fff5131c&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash db7c58fc21f4bbb0900fed3889f61df2
24047c64e0dbdbcc8eef175a42dc1911f7f8a6aa
5a1dcea95a97b018b93cc58089502fd2069d508c02088c0c6a49533fef91afb7
GET /assets/all.js?guid=60fff5131c&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:20 GMT
Content-Type: application/javascript
Content-Length: 7191
Connection: keep-alive
Last-Modified: Thu, 25 Aug 2022 13:19:40 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Server: ThreatSim-Web-Server
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
tslp.s3.amazonaws.com/training/embedded/css/url.css
52.216.249.236200 OK 6.4 kB URL HTTP/1.1 tslp.s3.amazonaws.com/training/embedded/css/url.css
IP 52.216.249.236:0
File type ASCII text, with very long lines (412)
Hash 0560febf38cfe916ab8ffbee8ce4e9fc
5e41bb9b576db52bcea94264b9929a286a20a0f4
18fd69a3bb1fc61221c8d6c3bbbd177c38a21d96392bf2b403ddd9969615cf22
GET /training/embedded/css/url.css HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.micrasoft-office365.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: zfQpIRpCPxljLoGmHsiB8Zbw2HvJwP/sV8rrhxb4SkRUgMFotnDJoGZ1XlI5W9/xDwG50Y27Tnk=
x-amz-request-id: CSAPXGMHQ8G2E9GC
Date: Sat, 01 Oct 2022 04:46:21 GMT
Last-Modified: Fri, 26 Aug 2022 14:07:46 GMT
ETag: "0560febf38cfe916ab8ffbee8ce4e9fc"
x-amz-server-side-encryption: AES256
x-amz-version-id: jWFW6Vb_IckPQFjf7Ej9_NT_HlQSyGGs
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 6367
tslp.s3.amazonaws.com/training/teachable_moments/css/langdrop.css
52.216.249.236200 OK 1.7 kB URL HTTP/1.1 tslp.s3.amazonaws.com/training/teachable_moments/css/langdrop.css
IP 52.216.249.236:0
Hash bc7f970ad0f163bc72c9ae9aa09e1cde
bf67b0d0f3bb4038caf1021a692b6eb6024c3e02
5243766eedfcba70128c2931dbef8875f942b81e39002d80dc0110167d4ef742
GET /training/teachable_moments/css/langdrop.css HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.micrasoft-office365.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: MTbaIS9X24fuL4KFCywtlIt8wCbmEsa3LOaoGQNNd+fqUVVpHXWFKM+CzoltoiWprI43su1WTt0=
x-amz-request-id: CSARD7K70A7R83TB
Date: Sat, 01 Oct 2022 04:46:21 GMT
Last-Modified: Fri, 26 Aug 2022 14:07:49 GMT
ETag: "bc7f970ad0f163bc72c9ae9aa09e1cde"
x-amz-server-side-encryption: AES256
x-amz-version-id: OhzuQr9n0bqd2zskiPVZjmnmHAmPcoAx
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 1713
tslp.s3.amazonaws.com/languages/language.18071.js
52.216.249.236200 OK 8.2 kB URL HTTP/1.1 tslp.s3.amazonaws.com/languages/language.18071.js
IP 52.216.249.236:0
Hash 8b9a9d305bd69c962b600c08f3c69edf
9a907e240cdf81d8265c9fb1322cfe10ed027288
73f360f08e8c2a1719c098491e17d53cdaa98d246585bfd0285a2afad75c51a7
GET /languages/language.18071.js HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.micrasoft-office365.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: unCp8ju5PGyJY+GsyTZ/hntiFMfMbmMKeOORfuJdXVA2vSql5mTTySbmyJBzsVHUA19WpXm3rNw=
x-amz-request-id: CSARD2MCYRA3Q6Q9
Date: Sat, 01 Oct 2022 04:46:21 GMT
Last-Modified: Fri, 26 Aug 2022 14:07:38 GMT
ETag: "8b9a9d305bd69c962b600c08f3c69edf"
x-amz-server-side-encryption: AES256
x-amz-version-id: U_kpSjDDW4npfowvZPZnd2_aKVkUaKPA
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 8207
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1384e669a9e259cccf32489be673e7c4
7f982ae66621ff7e5855f2b025e3ae034706ec33
eb462a28dbd7e93cd13a170acfcbf35babb3b7ef7e7d1ddeb30d377630ea30f8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 04:46:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1384e669a9e259cccf32489be673e7c4
7f982ae66621ff7e5855f2b025e3ae034706ec33
eb462a28dbd7e93cd13a170acfcbf35babb3b7ef7e7d1ddeb30d377630ea30f8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 04:46:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tslp.s3.amazonaws.com/assets/js/training.js
52.216.249.236200 OK 352 B URL HTTP/1.1 tslp.s3.amazonaws.com/assets/js/training.js
IP 52.216.249.236:0
Hash 029ab28ca3c245dc425e3f3f6599d480
845057d3630d0a06e797a7049b3e9658d7650af1
8a1170223599205267c6ee3a3072855f1727461d9dd1066bb94f39180f963af9
GET /assets/js/training.js HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/
Connection: keep-alive
HTTP/1.1 200 OK
x-amz-id-2: 5yTB8bLdhPN2sZbOcpb+AzCW6cvNA1GfuBQA1vhds6gakh3E1IW1YufawpqqOEEfJvBFpKXapew=
x-amz-request-id: CSAZYYQRRV6N2B8E
Date: Sat, 01 Oct 2022 04:46:21 GMT
Last-Modified: Fri, 26 Aug 2022 14:07:38 GMT
ETag: "029ab28ca3c245dc425e3f3f6599d480"
x-amz-server-side-encryption: AES256
x-amz-version-id: 6KvPBARKn9Wl5VW3Hl_LtK2bIq68QrGH
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 352
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 51e8be01fe1e4cf7fbec97f2268fe684
25edd63df37f972dbdd8d149b26c4be60179d32b
d364b01cf59a8eafc6ed2e79eab3c22b7daa341240a5dcbd272b8b48d530aeee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 04:46:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 51e8be01fe1e4cf7fbec97f2268fe684
25edd63df37f972dbdd8d149b26c4be60179d32b
d364b01cf59a8eafc6ed2e79eab3c22b7daa341240a5dcbd272b8b48d530aeee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 04:46:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://login.micrasoft-office365.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 03:08:55 GMT
expires: Sun, 01 Oct 2023 03:08:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 5845
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15230
Expires: Sat, 01 Oct 2022 09:00:10 GMT
Date: Sat, 01 Oct 2022 04:46:20 GMT
Connection: keep-alive
tslp.s3.amazonaws.com/training/production/314/hooks-a3eab7.png
52.216.249.236200 OK 5.0 kB URL HTTP/1.1 tslp.s3.amazonaws.com/training/production/314/hooks-a3eab7.png
IP 52.216.249.236:0
File type PNG image data, 188 x 232, 8-bit/color RGBA, non-interlaced\012- data
Hash 3e598c505586e70346fa62d104dd540f
497e981085a062e5e4972635e775c740fb701ad1
7789f06bcf267ab54b9bc9c64ea04877c46aa141f67a21a501d908447fd95ebb
GET /training/production/314/hooks-a3eab7.png HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tslp.s3.amazonaws.com/training/embedded/css/url.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
x-amz-id-2: n44bfAbYE3De4Pca/WCJOehuB1uIaeAklEUd/oRdQDodgkCixc/dWQv/OsfKli6HV3u9VLqZlsU=
x-amz-request-id: CSANJBNGKNSK7J3E
Date: Sat, 01 Oct 2022 04:46:21 GMT
Last-Modified: Fri, 26 Aug 2022 14:07:48 GMT
ETag: "3e598c505586e70346fa62d104dd540f"
x-amz-server-side-encryption: AES256
x-amz-version-id: .YGCnRqbXkaDTSLNT7EWxvKvKu.lg1.r
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 5003
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff75296c6-86fa-46e7-b1f9-5afb645a7a08.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff75296c6-86fa-46e7-b1f9-5afb645a7a08.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6d5dcd5bfb41659d9b347d19af17853b
feafba2465f9b352eef2a2dc57e7c52446ff2cc0
10904009b4b7b80c6931ea54981bc5ee51b5b71b5407da20e2d22962d9fab32e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff75296c6-86fa-46e7-b1f9-5afb645a7a08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11252
x-amzn-requestid: 53406cae-6d5f-4700-ac5a-c26bb7762252
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPtTgEsHoAMF53w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633628e3-5a23515e02caea594e05e6a9;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 23:23:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: sZ9hZoWRNQHI7VbLr5ygsJeXKr0OsnbSSas1v0O_vXKSEUK6canMKA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 16:23:58 GMT
age: 44542
etag: "feafba2465f9b352eef2a2dc57e7c52446ff2cc0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a3fdfee-41fa-48e2-a92a-744050d16fbe.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a3fdfee-41fa-48e2-a92a-744050d16fbe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d55a4b7e79062b396f5fd06b44cd637
8b72969c2c5cff7c8200e8c8a4b3d504565a97fd
338682591e594c0cf51fd671a43ff1b0d265b2713dc8504f05b00f93ddf5c57e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a3fdfee-41fa-48e2-a92a-744050d16fbe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13384
x-amzn-requestid: c643d8db-041f-4e98-888d-63375dde9721
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZM65TEujIAMFpmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63350b6e-232161f74a65138a122f7cf7;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 03:05:18 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0qGoRJUOZ5pSfaO1f7DWFB-oRI7zkyIFFfAcbOWNhy3p2EKCD1VdwA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 03:52:25 GMT
age: 3235
etag: "8b72969c2c5cff7c8200e8c8a4b3d504565a97fd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15230
Expires: Sat, 01 Oct 2022 09:00:10 GMT
Date: Sat, 01 Oct 2022 04:46:20 GMT
Connection: keep-alive
login.micrasoft-office365.com/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 11ddf0da-a42f-42b3-ab75-39c589cd9833
X-Runtime: 0.002409
X-Host-Info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: a14da31c-1eea-4430-a8f0-e390535d0537
X-Runtime: 0.003880
X-Host-Info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 12b13826-33ca-4ac5-865e-4551cf5a2076
X-Runtime: 0.003977
X-Host-Info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F979b163e-e6cb-49a1-a2a2-de55e3c86685.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F979b163e-e6cb-49a1-a2a2-de55e3c86685.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 72a92d7de4dd5ccce4cdf54dd132b948
bb9a3611d2eb51e0eef79106f1497e3f460a03cb
7654b1824c07d1c121e288c19ea587eff25579333a783978bc73dc37cc9b35a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F979b163e-e6cb-49a1-a2a2-de55e3c86685.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6655
x-amzn-requestid: ade9e38b-a622-4ec5-b8be-29d4ba80d883
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZP6jHGNioAMFVbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63363e13-02fb28271686b4c97d95bde3;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 00:53:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wwTf6va45g9yXUUnmddByF22fmAQCX6ZVK6PwpElVK41tesFsq0mlA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 13:43:10 GMT
age: 54190
etag: "bb9a3611d2eb51e0eef79106f1497e3f460a03cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15230
Expires: Sat, 01 Oct 2022 09:00:10 GMT
Date: Sat, 01 Oct 2022 04:46:20 GMT
Connection: keep-alive
login.micrasoft-office365.com/training_screenshot?guid=60fff5131c&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 12 kB URL HTTP/1.1 login.micrasoft-office365.com/training_screenshot?guid=60fff5131c&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (31070)
Hash fd16dd569dfc64a796154cdf91df383a
6f8666c62a2a54f82cc8385b96b6c181c4ad6d60
1bb9d8ef37dad8ddbe3db3dde49fb24b711093b3147565009c27e36b07aa28c4
GET /training_screenshot?guid=60fff5131c&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:20 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
ETag: W/"6f7d6b3a08916ecb9893aa65f26cb0a2"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: 50b12ed6-301b-4411-8896-a6bcbc95bbcc
X-Runtime: 0.005868
X-Host-Info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/log?id=60fff5131c&campaign_guid=a53f3209ef&msg=Loading%20embedded%20html
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/log?id=60fff5131c&campaign_guid=a53f3209ef&msg=Loading%20embedded%20html
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /log?id=60fff5131c&campaign_guid=a53f3209ef&msg=Loading%20embedded%20html HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:20 GMT
Content-Type: image/gif; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: f2f3ef1a-696c-43e7-8ad3-1d71eaa2478b
X-Runtime: 0.002127
X-Host-Info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: f0791b53-3c5f-4d94-954d-992a529ebb60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPnunF35oAMFYbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63361ff6-2adb303349153ced73ccecf6;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 22:45:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RGS_T9Cwl5Vjs_bxngHRomiYppE5fLe0SnH19VEfc5-PCT5tb5ku1A==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 04:40:52 GMT
age: 328
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: b50c238e-8847-4363-b03d-cd70f1a791f7
X-Runtime: 0.002654
X-Host-Info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15230
Expires: Sat, 01 Oct 2022 09:00:10 GMT
Date: Sat, 01 Oct 2022 04:46:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15230
Expires: Sat, 01 Oct 2022 09:00:10 GMT
Date: Sat, 01 Oct 2022 04:46:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7a423b5-e320-4013-8cd9-2455b244e410.jpeg
34.120.237.76200 OK 3.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7a423b5-e320-4013-8cd9-2455b244e410.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e22123802c6c1a89ff2b12b8ebb4478a
069a451b50182aed754301cbc2eb776abe469a52
4edccb57b366cf6460219d86ea13dd54cb0bcf3581604a5139859bf809df2b13
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7a423b5-e320-4013-8cd9-2455b244e410.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3069
x-amzn-requestid: 957bbcc7-0ce0-42b6-bec6-588f9e1c6369
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLCH6DoAMFaHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-5a514967208e92343e0f3778;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tnGcmRZcp0_ckYfYvD37C_1Vswk5FoLIhno4dWw39OJ3fqmhIMss2Q==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 22:15:59 GMT
age: 23421
etag: "069a451b50182aed754301cbc2eb776abe469a52"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fc3f7b5-4c80-4662-ba8b-7997bdbdb6a3.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fc3f7b5-4c80-4662-ba8b-7997bdbdb6a3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0d31a422078d02bda318c693c05a58dc
2df7db53629c7adda2c0a4dfe9c17791b73a75e1
a07fe4e135b52da6dfa9d8a55684f0a3bf5f5ce52c4064c8ab37836a939902a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fc3f7b5-4c80-4662-ba8b-7997bdbdb6a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8299
x-amzn-requestid: 91eed6b6-632f-472b-93d7-4192425fcdfd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLDF0SoAMFWgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-17bb04894cc786555d693ec3;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 8JvNUZRyYeZjd4ZxOrGMCbJxVf46NRhiHXsFvCAZn2QeUkdCzKoYbw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 22:15:58 GMT
age: 23422
etag: "2df7db53629c7adda2c0a4dfe9c17791b73a75e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
login.micrasoft-office365.com/log?id=60fff5131c&campaign_guid=a53f3209ef&msg=embeddedhtmlemail%20id%20exists%20with%20environment%20%3D%20production
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/log?id=60fff5131c&campaign_guid=a53f3209ef&msg=embeddedhtmlemail%20id%20exists%20with%20environment%20%3D%20production
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /log?id=60fff5131c&campaign_guid=a53f3209ef&msg=embeddedhtmlemail%20id%20exists%20with%20environment%20%3D%20production HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:20 GMT
Content-Type: image/gif; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: ffa391b2-65cf-4293-8c37-3cd1e6ebc4eb
X-Runtime: 0.002661
X-Host-Info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=Loading%20flash%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=Loading%20flash%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=Loading%20flash%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 88dca6e9-b6b1-4fd1-804d-439db3d3c114
X-Runtime: 0.002623
X-Host-Info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=Loading%20RealPlayer%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=Loading%20RealPlayer%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=Loading%20RealPlayer%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 587cacde-799b-47f7-b919-74cb3fb4c1ad
X-Runtime: 0.002559
X-Host-Info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
tslp.s3.amazonaws.com/training/embedded/translations/url/en-us.json
52.216.249.236200 OK 1.9 kB URL HTTP/1.1 tslp.s3.amazonaws.com/training/embedded/translations/url/en-us.json
IP 52.216.249.236:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (464)
Hash 5113dad20241201a33ab81b33233bd01
d39173a84981b0bb8efd20d22040e1fd5edd831b
6029db4e8a8928f728f865f2cb26f295ec030e46f621f8296d3af91481e01c27
GET /training/embedded/translations/url/en-us.json HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/
Origin: http://login.micrasoft-office365.com
Connection: keep-alive
HTTP/1.1 200 OK
x-amz-id-2: YHcvHxN0qW2hpem8APRgLjZzV7IHJFXn/ygE881Iqk3Ma1CM2UlR98QSWXDN/Za1JCLR5Jhb5fs=
x-amz-request-id: CSAT908ZSVXB3JYN
Date: Sat, 01 Oct 2022 04:46:21 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Last-Modified: Thu, 28 Jul 2022 16:04:00 GMT
ETag: "5113dad20241201a33ab81b33233bd01"
x-amz-server-side-encryption: AES256
x-amz-version-id: xV8j7ipjt7r5IXF867C5WtwFqd2iPiM7
Accept-Ranges: bytes
Content-Type: application/json
Server: AmazonS3
Content-Length: 1895
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 50a1d744-ccdf-4885-a209-1b3d5628384a
X-Runtime: 0.002403
X-Host-Info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/log?id=60fff5131c&campaign_guid=a53f3209ef&msg=logo_object%20does%20not%20exist
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/log?id=60fff5131c&campaign_guid=a53f3209ef&msg=logo_object%20does%20not%20exist
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /log?id=60fff5131c&campaign_guid=a53f3209ef&msg=logo_object%20does%20not%20exist HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:20 GMT
Content-Type: image/gif; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 68264d13-87b9-44a9-91dd-c28bfbef70e4
X-Runtime: 0.002784
X-Host-Info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 947a8f54-a9db-4635-8ba9-46f6fe58e31e
X-Runtime: 0.002367
X-Host-Info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: d8a0559f-034c-474b-ad5b-e7cb2a94bd21
X-Runtime: 0.002444
X-Host-Info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20browser_version%20%3D%2096&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20browser_version%20%3D%2096&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20browser_version%20%3D%2096&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: cf12ced2-0e84-4b7b-a185-74230d009410
X-Runtime: 0.002811
X-Host-Info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 56504abd-f86b-4a96-9ff5-1f3a3f273f1d
X-Runtime: 0.002068
X-Host-Info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 5a86f2bc-edec-439d-95a0-c8a94838aa68
X-Runtime: 0.004362
X-Host-Info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: c102740a-818a-418e-8f76-2c3521df0cab
X-Runtime: 0.004182
X-Host-Info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: fb5f5525-8431-4833-b3a9-d823c14cf975
X-Runtime: 0.002325
X-Host-Info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 8e89eda5-bdd3-4b83-ad9f-01d3d323f402
X-Runtime: 0.002520
X-Host-Info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 2fd63975-6c03-4e31-b067-d03922db80be
X-Runtime: 0.002379
X-Host-Info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: f5bc2a0c-5a84-44b6-9187-5625ae147203
X-Runtime: 0.002119
X-Host-Info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 97de349c-b35a-40da-b616-2a3778632a37
X-Runtime: 0.002329
X-Host-Info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=java_version_pl%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=java_version_pl%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=java_version_pl%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: eb712230-792b-45ef-9171-212f85939ec7
X-Runtime: 0.002725
X-Host-Info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=java_version%20%3D%20undefined&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=java_version%20%3D%20undefined&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=java_version%20%3D%20undefined&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 33d6dec3-174d-4fb4-9828-930bd084b306
X-Runtime: 0.001927
X-Host-Info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=java_version_jres%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=java_version_jres%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=java_version_jres%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 4bd2e656-203c-42d6-ac40-07d4b5a7d25a
X-Runtime: 0.002130
X-Host-Info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=Loading%20pdf%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=Loading%20pdf%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=Loading%20pdf%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 81df0ae1-8905-49d3-a02d-13c46ba8d353
X-Runtime: 0.002396
X-Host-Info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 51e8be01fe1e4cf7fbec97f2268fe684
25edd63df37f972dbdd8d149b26c4be60179d32b
d364b01cf59a8eafc6ed2e79eab3c22b7daa341240a5dcbd272b8b48d530aeee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 04:46:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=flash%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=flash%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=flash%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 8123c0a4-3b68-40a8-bdb7-18a7f666dea4
X-Runtime: 0.002336
X-Host-Info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=pdf%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=pdf%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=pdf%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 511bf782-80be-4948-bf31-074ecc9ad3f9
X-Runtime: 0.003395
X-Host-Info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 03466182-686c-469b-8146-f5dd1ec6b85d
X-Runtime: 0.003189
X-Host-Info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=quicktime%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=quicktime%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=quicktime%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 6b98caec-fdf7-4f9f-8a35-a796c01778d2
X-Runtime: 0.002461
X-Host-Info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=Loading%20quicktime%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=Loading%20quicktime%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=Loading%20quicktime%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 3c7a1505-0f74-426c-a29b-11b567b215ad
X-Runtime: 0.002418
X-Host-Info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=realplayer%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=realplayer%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=realplayer%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 5e3dd776-95ec-4f12-a79d-b88c3fadf56a
X-Runtime: 0.002349
X-Host-Info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=Loading%20Silverlight%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=Loading%20Silverlight%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=Loading%20Silverlight%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 9e64cd3d-0e14-4247-a1f1-e63667b5d6a2
X-Runtime: 0.002520
X-Host-Info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
ts-uploads.s3.amazonaws.com/training/production/1500/picture1-df1a84.jpg
52.216.249.236200 OK 4.1 kB URL HTTP/1.1 ts-uploads.s3.amazonaws.com/training/production/1500/picture1-df1a84.jpg
IP 52.216.249.236:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 251x93, components 3\012- data
Hash ea46cb288381f3cb54c5b1d732d7bb9d
d4d3c8bf013c428d22a235983a5348fbaedd72f6
b414c2bfb48bc69a8bae56a1b26923f63606205a133e324cd878f4777a85dae9
GET /training/production/1500/picture1-df1a84.jpg HTTP/1.1
Host: ts-uploads.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.micrasoft-office365.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Y31YlbVrIjzfiPUGiUBXODBFqPmtyIlWaXkgW9DSID8YYkicQny/MB6BibfpsgKWdymR2xNzGPk=
x-amz-request-id: F958GJKY6RASXDD6
Date: Sat, 01 Oct 2022 04:46:22 GMT
Last-Modified: Thu, 22 Sep 2022 13:39:42 GMT
ETag: "ea46cb288381f3cb54c5b1d732d7bb9d"
x-amz-server-side-encryption: AES256
x-amz-version-id: ZCcbKemKBpCelqKmtqPKI4H3f9AgRqhA
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 4127
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=silverlight%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=silverlight%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=silverlight%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 9ea48516-4eb9-46ea-b6a0-71598f888537
X-Runtime: 0.002233
X-Host-Info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=wmp%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=wmp%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=wmp%20%3D%20unknown&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 0168b8b1-0673-43f6-b907-f018a21a5b10
X-Runtime: 0.002392
X-Host-Info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: cdd66a01-fecc-4bb5-b73e-90f495184599
X-Runtime: 0.002087
X-Host-Info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=redirect_url%20is%20undefined&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=redirect_url%20is%20undefined&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=redirect_url%20is%20undefined&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: fb3e84df-f0f3-4981-90dd-a30472db69f9
X-Runtime: 0.002334
X-Host-Info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
js-agent.newrelic.com/nr-spa-1216.min.js
151.101.86.137200 OK 18 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32010)
Hash 6561a2403142205f966207d61576f1a6
1310e72f494e12ab63a4280fc1600a2c89dc9bb8
0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.micrasoft-office365.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 01 Oct 2022 04:46:21 GMT
via: 1.1 varnish
x-served-by: cache-bma1682-BMA
x-cache: HIT
x-cache-hits: 1169
x-timer: S1664599581.354552,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2
login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=training_page_no_browser_post&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
52.20.28.170200 OK 20 B URL HTTP/1.1 login.micrasoft-office365.com/trace?id=5960ffff85131c80&msg=training_page_no_browser_post&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
IP 52.20.28.170:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5960ffff85131c80&msg=training_page_no_browser_post&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249 HTTP/1.1
Host: login.micrasoft-office365.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.micrasoft-office365.com/load_training?guid=5960ffff85131c80&correlation_id=f0eb8f2c-be1a-4119-89f2-db7b40ea3249
Connection: keep-alive
Cookie: EXFILGUID=60fff5131c; link_clicked_60fff5131c=1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: db64f489-3601-41b2-8ec0-0e39255b5316
X-Runtime: 0.002199
X-Host-Info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 50bb6e5ed98bde3dfc643b073a2ec0c3
21aa48bc9cd77e5aab135c26de42877704b813cf
fb7837f6c3f04ca4aa17deaf31fac8a94fcffcb03c13d12b60deb68bbb78b697
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4948
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 04:46:21 GMT
Last-Modified: Sat, 01 Oct 2022 03:23:53 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
bam.nr-data.net/1/4b7a74eb40?a=1307609552&v=1216.487a282&to=dVtXQkUKCFpTQxtNFlddV19ZAjteQlxYZgFbVVBaGBYMWUE%3D&rst=727&ck=1&ref=http://login.micrasoft-office365.com/training_screenshot&ap=6&be=135&fe=644&dc=144&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664599577246,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:1,%22c%22:1,%22ce%22:1,%22rq%22:15,%22rp%22:119,%22rpe%22:119,%22dl%22:124,%22di%22:143,%22ds%22:143,%22de%22:144,%22dc%22:642,%22l%22:642,%22le%22:646%7D,%22navigation%22:%7B%7D%7D&fcp=132&jsonp=NREUM.setToken
162.247.241.14200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/4b7a74eb40?a=1307609552&v=1216.487a282&to=dVtXQkUKCFpTQxtNFlddV19ZAjteQlxYZgFbVVBaGBYMWUE%3D&rst=727&ck=1&ref=http://login.micrasoft-office365.com/training_screenshot&ap=6&be=135&fe=644&dc=144&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664599577246,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:1,%22c%22:1,%22ce%22:1,%22rq%22:15,%22rp%22:119,%22rpe%22:119,%22dl%22:124,%22di%22:143,%22ds%22:143,%22de%22:144,%22dc%22:642,%22l%22:642,%22le%22:646%7D,%22navigation%22:%7B%7D%7D&fcp=132&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/4b7a74eb40?a=1307609552&v=1216.487a282&to=dVtXQkUKCFpTQxtNFlddV19ZAjteQlxYZgFbVVBaGBYMWUE%3D&rst=727&ck=1&ref=http://login.micrasoft-office365.com/training_screenshot&ap=6&be=135&fe=644&dc=144&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664599577246,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:1,%22c%22:1,%22ce%22:1,%22rq%22:15,%22rp%22:119,%22rpe%22:119,%22dl%22:124,%22di%22:143,%22ds%22:143,%22de%22:144,%22dc%22:642,%22l%22:642,%22le%22:646%7D,%22navigation%22:%7B%7D%7D&fcp=132&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.micrasoft-office365.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:21 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75328dd7d81ffabc-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=55e41736688139f5; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
bam.nr-data.net/events/1/4b7a74eb40?a=1307609552&v=1216.487a282&to=dVtXQkUKCFpTQxtNFlddV19ZAjteQlxYZgFbVVBaGBYMWUE%3D&rst=922&ck=1&ref=http://login.micrasoft-office365.com/training_screenshot
162.247.241.14200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/4b7a74eb40?a=1307609552&v=1216.487a282&to=dVtXQkUKCFpTQxtNFlddV19ZAjteQlxYZgFbVVBaGBYMWUE%3D&rst=922&ck=1&ref=http://login.micrasoft-office365.com/training_screenshot
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/4b7a74eb40?a=1307609552&v=1216.487a282&to=dVtXQkUKCFpTQxtNFlddV19ZAjteQlxYZgFbVVBaGBYMWUE%3D&rst=922&ck=1&ref=http://login.micrasoft-office365.com/training_screenshot HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.micrasoft-office365.com/
content-type: text/plain
Content-Length: 179
Origin: http://login.micrasoft-office365.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:21 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 75328dd8e873fabc-OSL
Access-Control-Allow-Origin: http://login.micrasoft-office365.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
d25q7gseii1o1q.cloudfront.net/training/fish/mail.png
18.165.196.172200 OK 926 B URL HTTP/1.1 d25q7gseii1o1q.cloudfront.net/training/fish/mail.png
IP 18.165.196.172:0
File type PNG image data, 48 x 48, 4-bit colormap, non-interlaced\012- data
Hash 3c506b80d78539262795c9ba59a0631a
0b7ef5bdeade81c3ffc8abc8ef8a17f7566a10f4
a35de3a30e58bf477febca8b47225959f48fd384faf088a218d6bf2251f06cbe
GET /training/fish/mail.png HTTP/1.1
Host: d25q7gseii1o1q.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tslp.s3.amazonaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 926
Connection: keep-alive
Last-Modified: Fri, 30 May 2014 15:01:28 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 01 Oct 2022 04:46:22 GMT
ETag: "3c506b80d78539262795c9ba59a0631a"
X-Cache: RefreshHit from cloudfront
Via: 1.1 04bb33465149b34afca4988622dca584.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: I5a6OWTrJc0RbMrltiaU93XZ3baCBdHihdV6fgWFu6MFp_ae2K-Uqg==
bam.nr-data.net/1/4b7a74eb40?a=1307609552&v=1216.487a282&to=dVtXQkUKCFpTQxtNFlddV19ZAktFXl5D&rst=1603&ck=1&ref=http://login.micrasoft-office365.com/load_training&ap=15&be=139&fe=1581&dc=431&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664599576804,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:0,%22rq%22:9,%22rp%22:120,%22rpe%22:120,%22dl%22:123,%22di%22:430,%22ds%22:430,%22de%22:463,%22dc%22:1581,%22l%22:1581,%22le%22:1582%7D,%22navigation%22:%7B%7D%7D&fcp=422&jsonp=NREUM.setToken
162.247.241.14200 OK 73 B URL HTTP/1.1 bam.nr-data.net/1/4b7a74eb40?a=1307609552&v=1216.487a282&to=dVtXQkUKCFpTQxtNFlddV19ZAktFXl5D&rst=1603&ck=1&ref=http://login.micrasoft-office365.com/load_training&ap=15&be=139&fe=1581&dc=431&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664599576804,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:0,%22rq%22:9,%22rp%22:120,%22rpe%22:120,%22dl%22:123,%22di%22:430,%22ds%22:430,%22de%22:463,%22dc%22:1581,%22l%22:1581,%22le%22:1582%7D,%22navigation%22:%7B%7D%7D&fcp=422&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash 814f8120cdf5a972bdb0fd5521a92a5d
47f7b3cd340d1fe91766ff27602e319a79bcd14c
5f520e553ae6a634e84b7c8c8d36908d2efa441d716834fd98c012c402b1c3c8
GET /1/4b7a74eb40?a=1307609552&v=1216.487a282&to=dVtXQkUKCFpTQxtNFlddV19ZAktFXl5D&rst=1603&ck=1&ref=http://login.micrasoft-office365.com/load_training&ap=15&be=139&fe=1581&dc=431&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664599576804,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:0,%22rq%22:9,%22rp%22:120,%22rpe%22:120,%22dl%22:123,%22di%22:430,%22ds%22:430,%22de%22:463,%22dc%22:1581,%22l%22:1581,%22le%22:1582%7D,%22navigation%22:%7B%7D%7D&fcp=422&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.micrasoft-office365.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:21 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75328dda78defabc-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=4c183cc2bbde2b6e; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
bam.nr-data.net/events/1/4b7a74eb40?a=1307609552&v=1216.487a282&to=dVtXQkUKCFpTQxtNFlddV19ZAktFXl5D&rst=1776&ck=1&ref=http://login.micrasoft-office365.com/load_training
162.247.241.14200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/4b7a74eb40?a=1307609552&v=1216.487a282&to=dVtXQkUKCFpTQxtNFlddV19ZAktFXl5D&rst=1776&ck=1&ref=http://login.micrasoft-office365.com/load_training
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/4b7a74eb40?a=1307609552&v=1216.487a282&to=dVtXQkUKCFpTQxtNFlddV19ZAktFXl5D&rst=1776&ck=1&ref=http://login.micrasoft-office365.com/load_training HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.micrasoft-office365.com/
content-type: text/plain
Content-Length: 286
Origin: http://login.micrasoft-office365.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:22 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 75328ddb8c881c12-OSL
Access-Control-Allow-Origin: http://login.micrasoft-office365.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
bam.nr-data.net/resources/1/4b7a74eb40?a=1307609552&v=1216.487a282&to=dVtXQkUKCFpTQxtNFlddV19ZAktFXl5D&rst=1764&ck=1&ref=http://login.micrasoft-office365.com/load_training&st=1664599576804
162.247.241.14200 OK 36 B URL HTTP/1.1 bam.nr-data.net/resources/1/4b7a74eb40?a=1307609552&v=1216.487a282&to=dVtXQkUKCFpTQxtNFlddV19ZAktFXl5D&rst=1764&ck=1&ref=http://login.micrasoft-office365.com/load_training&st=1664599576804
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash e0d6e776ffd630639490058eb6b07069
4d6f84ae872bb81a65172dfd534263a07de90d15
d7bda5b797d8f369ba574f08cde90e5283b66e3ae42636205a092fdeaf493b03
POST /resources/1/4b7a74eb40?a=1307609552&v=1216.487a282&to=dVtXQkUKCFpTQxtNFlddV19ZAktFXl5D&rst=1764&ck=1&ref=http://login.micrasoft-office365.com/load_training&st=1664599576804 HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.micrasoft-office365.com/
content-type: text/plain
Content-Length: 1061
Origin: http://login.micrasoft-office365.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 04:46:22 GMT
Content-Type: text/plain
Content-Length: 36
Connection: keep-alive
CF-Ray: 75328ddb6930fabc-OSL
Access-Control-Allow-Origin: http://login.micrasoft-office365.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
fonts.googleapis.com/css?family=Open+Sans:400,700
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700
IP 142.250.74.10:0
GET /css?family=Open+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.micrasoft-office365.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 01 Oct 2022 04:46:20 GMT
date: Sat, 01 Oct 2022 04:46:20 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2