Overview

URL etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
IP18.215.9.130
ASNAMAZON-AES
Location United States
Report completed2022-09-30 18:26:00 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (14)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2022-09-30 15:21:19 UTC 93.184.220.29
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-30 17:00:01 UTC 143.204.55.36
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-30 04:56:26 UTC 34.117.237.239
mnemonic passive DNS ocsp.sca1b.amazontrust.com (6) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.39
mnemonic passive DNS tslp.s3.amazonaws.com (10) 209358 2014-06-02 15:25:44 UTC 2022-09-30 08:36:05 UTC 52.217.81.52
mnemonic passive DNS bam-cell.nr-data.net (1) 365 2020-10-12 23:06:03 UTC 2022-09-30 05:01:43 UTC 162.247.241.2
mnemonic passive DNS d2wy8f7a9ursnm.cloudfront.net (1) 0 2017-03-15 22:06:01 UTC 2022-09-30 07:20:39 UTC 143.204.42.14 Unknown ranking
mnemonic passive DNS www.java.com (1) 54045 2013-12-07 06:28:33 UTC 2022-09-30 06:38:14 UTC 96.6.16.111
mnemonic passive DNS r3.o.lencr.org (2) 344 2020-12-02 08:52:13 UTC 2022-09-30 04:55:29 UTC 23.36.76.226
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-30 05:34:07 UTC 143.204.55.25
mnemonic passive DNS etrade.tradeinternationai.com (61) 0 2022-08-01 18:32:41 UTC 2022-09-30 18:16:36 UTC 18.215.9.130 Unknown ranking
mnemonic passive DNS java.com (1) 15670 2017-04-01 15:11:23 UTC 2022-09-30 06:38:13 UTC 96.6.16.111
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-30 05:12:28 UTC 52.38.227.80
mnemonic passive DNS js-agent.newrelic.com (1) 378 2017-01-30 05:00:15 UTC 2022-09-30 05:51:47 UTC 151.101.86.137


Recent reports on same IP/ASN/Domain/Screenshot

Last 2 reports on IP: 18.215.9.130

Date UQ / IDS / BL URL IP
2022-10-01 04:46:29 +0000
0 - 0 - 0 login.micrasoft-office365.com/d260fff8e5131cb2?l=8 18.215.9.130
2022-09-30 18:26:00 +0000
0 - 0 - 0 etrade.tradeinternationai.com/95f5f4fac75b518 (...) 18.215.9.130

Last 5 reports on ASN: AMAZON-AES

Date UQ / IDS / BL URL IP
2022-12-03 20:02:52 +0000
9 - 0 - 11 officadobe738hr.edns.biz/ 54.86.10.46
2022-12-03 19:45:20 +0000
0 - 0 - 1 letsgiveherwings.in/ 44.200.155.137
2022-12-03 19:44:32 +0000
0 - 0 - 2 ring-checkered-swordfish.glitch.me/ 54.209.182.143
2022-12-03 19:44:19 +0000
0 - 0 - 1 www.letsgiveherwings.in/ 44.200.155.137
2022-12-03 19:15:37 +0000
0 - 0 - 6 rizeq.adthereis.buzz/ABTYCBA?tag_id=836666&su (...) 52.20.131.174

Last 1 reports on domain: tradeinternationai.com

Date UQ / IDS / BL URL IP
2022-09-30 18:26:00 +0000
0 - 0 - 0 etrade.tradeinternationai.com/95f5f4fac75b518 (...) 18.215.9.130

No other reports with similar screenshot



JavaScript

Executed Scripts (24)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (91)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 30 Sep 2022 18:16:09 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Po6bkTaroVFqJgXDscXeOKcv4I-V12HeO0vaOKEQnSNw6UVN14BFow==
Age: 580


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17248
Expires: Fri, 30 Sep 2022 23:13:17 GMT
Date: Fri, 30 Sep 2022 18:25:49 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 30 Sep 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: R4g8Lt7NP8VSsdeuwzhmSBfBIj1kvDu6fl24Gd66WE0QFrHyYdWFQQ==
age: 46642
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 30 Sep 2022 18:25:50 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 18:25:50 GMT
Server: ECS (dcb/7F15)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Cv8l9hDoqSrbCybo5yl9BsoN53M864wcyiGeYL-qF9PWrZYDF8Nv3Q==

                                        
                                            GET /bugsnag-2.min.js HTTP/1.1 
Host: d2wy8f7a9ursnm.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.42.14
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 2962
Connection: keep-alive
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Date: Tue, 27 Sep 2022 15:53:21 GMT
Cache-Control: public, max-age=604800
ETag: "6103bb5e4ec6141e19e1100caafc780c"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sVjJcIMv9t5Sl5J7--QtiEKGgn9-y6s2x10IMeAlbd1td5Gz6-XzqA==
Age: 268350


--- Additional Info ---
Magic:  ASCII text, with very long lines (6636), with no line terminators
Size:   2962
Md5:    6103bb5e4ec6141e19e1100caafc780c
Sha1:   1396838ef637042cbf702f6b5fdcd0281d93feb9
Sha256: ccba3500aa323de51765587835fcd4842d46e4e2384e5cfd067506d0b6fc8a78
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6294
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 18:25:50 GMT
Last-Modified: Fri, 30 Sep 2022 16:40:56 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 30 Sep 2022 17:29:34 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 30 Sep 2022 17:54:23 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KbE_UmdWPX4_p90g7VX0IS7L4eCb4N3QlK418JMrPx-Vs4z8e1BG2g==
Age: 3377


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /assets/all.js?g=f5f4f75b51 HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 30 Sep 2022 18:25:50 GMT
content-length: 7191
last-modified: Thu, 25 Aug 2022 13:19:40 GMT
vary: Accept-Encoding
content-encoding: gzip
server: ThreatSim-Web-Server
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   7191
Md5:    db7c58fc21f4bbb0900fed3889f61df2
Sha1:   24047c64e0dbdbcc8eef175a42dc1911f7f8a6aa
Sha256: 5a1dcea95a97b018b93cc58089502fd2069d508c02088c0c6a49533fef91afb7
                                        
                                            GET /js/deployJava.js HTTP/1.1 
Host: java.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         96.6.16.111
HTTP/2 302 Found
                                        
server: AkamaiGHost
content-length: 0
location: https://www.java.com/js/deployJava.js
cache-control: max-age=86400
expires: Sat, 01 Oct 2022 18:25:50 GMT
date: Fri, 30 Sep 2022 18:25:50 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
akamai-grn: 0.bc4d2417.1664562350.105b7e29
set-cookie: akaalb_OCE_Failover=1664562410~op=JCOM_OCE:oceProdappJcomProdOrigin|~rv=69~m=oceProdappJcomProdOrigin:0|~os=2708f36cb43ca861e42dc0215e4669c5~id=b9b8ee7e9d37c3a36019a744cdcc1b41; path=/; Expires=Fri, 30 Sep 2022 18:26:50 GMT; Secure; SameSite=None
x-xss-protection: 1
X-Firefox-Spdy: h2

                                        
                                            GET /js/deployJava.js HTTP/1.1 
Host: www.java.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         96.6.16.111
HTTP/2 200 OK
content-type: application/javascript
                                        
content-disposition: attachment; filename="deployJava.js";filename*=UTF-8''deployJava.js
content-encoding: gzip
etag: D07B023847CD4DC5C4ED4AB4FC46AD47BDD6E99A0663:19
x-content-type-options: nosniff
x-oracle-dms-ecid: b53b70d7-8e10-469f-a56c-440abaee13cc-0469beae
x-oracle-dms-rid: 0
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
content-length: 5512
vary: Accept-Encoding
unused62: 8096267
cache-control: public, max-age=86400
expires: Sat, 01 Oct 2022 18:25:50 GMT
date: Fri, 30 Sep 2022 18:25:50 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=4
akamai-grn: 0.bc4d2417.1664562350.105b7ede
set-cookie: akaalb_OCE_Failover=1664562410~op=JCOM_OCE:oceProdappJcomProdOrigin|~rv=98~m=oceProdappJcomProdOrigin:0|~os=2708f36cb43ca861e42dc0215e4669c5~id=c7a8399bd86e8b9086fad681f1a14446; path=/; Expires=Fri, 30 Sep 2022 18:26:50 GMT; Secure; SameSite=None
x-xss-protection: 1
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (18444), with no line terminators
Size:   5512
Md5:    7f24f47af4c9617cb4d6f5642bf5938f
Sha1:   2b5514af68aeead50ee564396a4eae2997e54939
Sha256: 59ccf883b6624b37724c791977919c9116d1025c1a20def63f4fb8984d47b3e1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 18:25:50 GMT
Last-Modified: Fri, 30 Sep 2022 17:45:40 GMT
Server: ECS (nyb/1D12)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: RoKFMk2FoRUP6uOzLr7wIKjmC6bSZxSChRaydiF36G1sGYMuQ6_DCQ==
Age: 2410

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 18:25:50 GMT
Last-Modified: Fri, 30 Sep 2022 17:10:41 GMT
Server: ECS (nyb/1D31)
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -L9vkDEgouTIjkRNSNvfDn-dacS_snkS-Y72tODZ8vxaE7CBU1us4g==
Age: 4509

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 18:25:50 GMT
Last-Modified: Fri, 30 Sep 2022 17:50:11 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1S6TuZXCQgnD8WZ714xaMAo6Xoaci5mKk91EH4trvt-tVdyvwEZgFQ==
Age: 2139

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 18:25:50 GMT
Last-Modified: Fri, 30 Sep 2022 16:50:12 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: DzhNIzAXFzo7mFSlQoOrfovObcR0LV2LdB54yN0XbZUDVzRm5PFV4g==
Age: 5738

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 18:25:50 GMT
Last-Modified: Fri, 30 Sep 2022 17:13:51 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jrc8WKupFWlIgfS1apfoyRv8CZCAkLTrZxr0zQcP4QVjfX5S0e_zsQ==
Age: 4319

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1067
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 18:25:50 GMT
Last-Modified: Fri, 30 Sep 2022 18:08:03 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /detect/realplayer.js?guid=f5f4f75b51&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: tslp.s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.217.81.52
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: LCCiFtRc/J5i1SBu3oZXU0AAIlbuYNzcTouFJrRWZB79GFIhY/YLrchIzvVXnxxIaEge0WGJDys=
x-amz-request-id: 06WJ22ME4VW96QBY
Date: Fri, 30 Sep 2022 18:25:51 GMT
Last-Modified: Wed, 15 Feb 2017 14:45:02 GMT
ETag: "3d7be656672c16a34806c13388410325"
x-amz-version-id: null
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 9775


--- Additional Info ---
Magic:  ASCII text
Size:   9775
Md5:    3d7be656672c16a34806c13388410325
Sha1:   c391646c980c60d75c35b33a974c97ae88114eef
Sha256: 88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238
                                        
                                            GET /detect/flash.js?guid=f5f4f75b51&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: tslp.s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.217.81.52
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: m8K1ShgpofXLuYnSSJDCQJIwmWTw25Snha7uBaahG8QULY6Qpkr4IxGuIXssPsaKtuDEBllmTe0=
x-amz-request-id: 06WNSQ72Y3N599HS
Date: Fri, 30 Sep 2022 18:25:51 GMT
Last-Modified: Wed, 15 Feb 2017 03:54:01 GMT
ETag: "f9ad9a096894ba248e4a1f73e7eba1be"
x-amz-version-id: null
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 6680


--- Additional Info ---
Magic:  ASCII text
Size:   6680
Md5:    f9ad9a096894ba248e4a1f73e7eba1be
Sha1:   f2449ce5f7a5c42ffdcc5f087a75b2513e73592c
Sha256: a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861
                                        
                                            GET /detect/quicktime.js?guid=f5f4f75b51&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: tslp.s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.217.81.52
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: Ai/pWn4vfuL4y+LIkijNDUz7TmKcdfnkft9MoHNqjSsda6Axiie2vMD/kcexwnM4Cj0TCEr5QRg=
x-amz-request-id: 06WVDA8AKQ0VMJXG
Date: Fri, 30 Sep 2022 18:25:51 GMT
Last-Modified: Wed, 15 Feb 2017 14:41:05 GMT
ETag: "ee73f2f47d51116dc40b85a6b57eaf20"
x-amz-version-id: null
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 6999


--- Additional Info ---
Magic:  ASCII text, with very long lines (322)
Size:   6999
Md5:    ee73f2f47d51116dc40b85a6b57eaf20
Sha1:   6c42011667bac1fa6c3272a11b510f22962d72a2
Sha256: 6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19
                                        
                                            GET /detect/plugin_detect.js?guid=f5f4f75b51&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: tslp.s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.217.81.52
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: WKM3QtnLpfvZHrOiLquTL4l6kTXKDpAbWxg/tvTqKuz8Brc4YiMAmqA9KnaQtX7W6prza39/pA0=
x-amz-request-id: 06WS9X19FSVC6FSJ
Date: Fri, 30 Sep 2022 18:25:51 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
ETag: "00a513f07603df01e3b99be00f370754"
x-amz-version-id: null
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 50085


--- Additional Info ---
Magic:  ASCII text, with very long lines (306)
Size:   50085
Md5:    00a513f07603df01e3b99be00f370754
Sha1:   f0c03b1c50f39c95075df687cd55f18861631526
Sha256: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a
                                        
                                            GET /detect/pdf.js?guid=f5f4f75b51&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: tslp.s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.217.81.52
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: yQN0yBHcv9uxq5L/2T7+8SocJiV7vI5ueoaQHZDMnc9wUoucN6LhaJ2N1wf6ifobDtkDSyFck10=
x-amz-request-id: 06WQ1WWW6WWGQ781
Date: Fri, 30 Sep 2022 18:25:51 GMT
Last-Modified: Wed, 15 Feb 2017 14:39:34 GMT
ETag: "0d5882d41c8b6e40059c8d9acbcf1518"
x-amz-version-id: null
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 22855


--- Additional Info ---
Magic:  ASCII text
Size:   22855
Md5:    0d5882d41c8b6e40059c8d9acbcf1518
Sha1:   53103565f3c07416fc691583a43a91943dbf0809
Sha256: d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9
                                        
                                            GET /detect/java.js?guid=f5f4f75b51&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: tslp.s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.217.81.52
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: 4KxQcSi+kyBcxgbXcdMXAxUT7Y6mLGzG8vPdsEzmibh/wP36XYrgUiXz0/cb9+MgO8dXfIYKTkE=
x-amz-request-id: 06WXP70EMTXTABAP
Date: Fri, 30 Sep 2022 18:25:51 GMT
Last-Modified: Wed, 15 Feb 2017 14:38:28 GMT
ETag: "2bec0061039dc3fb25fc20aaf611d5b9"
x-amz-version-id: null
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 50717


--- Additional Info ---
Magic:  ASCII text
Size:   50717
Md5:    2bec0061039dc3fb25fc20aaf611d5b9
Sha1:   dfc11b0662ac5950d309e2615e887032dd1dde0c
Sha256: 4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24
                                        
                                            GET /detect/silverlight.js?guid=f5f4f75b51&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: tslp.s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.217.81.52
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: 2LtmxvXz7cKMtQWsKCT6s+XFyqEfpejG5MPaoPB7mpVR2Z10htbznwK5dnASLnxpBDX/+yiHMH8=
x-amz-request-id: 06WKB8FEAM7MZ082
Date: Fri, 30 Sep 2022 18:25:51 GMT
Last-Modified: Wed, 15 Feb 2017 18:00:03 GMT
ETag: "e6dd596d2bc204ea573b868b92028c26"
x-amz-version-id: null
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 4234


--- Additional Info ---
Magic:  ASCII text
Size:   4234
Md5:    e6dd596d2bc204ea573b868b92028c26
Sha1:   fa58bba4c9a01b3764a881949a8423b773d8a338
Sha256: 0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381
                                        
                                            GET /detect/wmp.js?guid=f5f4f75b51&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: tslp.s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.217.81.52
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: 6+a6tkORqsrXSWpVLmC/OqFJ3bXVgJfDdmVSXGl6m8kdyaatMUiKNP5MgeQ3+n4mLDDunKedFVw=
x-amz-request-id: 06WMKP48HYV58VP5
Date: Fri, 30 Sep 2022 18:25:51 GMT
Last-Modified: Wed, 15 Feb 2017 15:07:14 GMT
ETag: "ffd2cc77bb64d40beeb5d561fffe1f79"
x-amz-version-id: null
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 5941


--- Additional Info ---
Magic:  ASCII text
Size:   5941
Md5:    ffd2cc77bb64d40beeb5d561fffe1f79
Sha1:   6cb535641677d27e4de591ceb3c4e2f408826e7d
Sha256: cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iykOnJOlp7BhA8rj4lItKw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.38.227.80
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jTNDEqrS3VJtR6idq6Vg1/JF+2I=

                                        
                                            GET /trace?id=f5f4f75b51&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:50 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 58e13232-e423-4cd4-b7a7-b6568ddf8ca8
x-runtime: 0.002533
x-host-info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

                                        
                                            POST /secure/browser_post HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
X-NewRelic-ID: XQ4GVVFACQAAU1dSDgQCVA==
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6Ijk4MTQ3IiwiYXAiOiIxMzA3NjEzMzY2IiwiaWQiOiI3ZWRjOTg0NTgzZDBiMWRmIiwidHIiOiI5Njc1NjdkN2M5ZDk0MzgxMjBhYTg5YTI5ODk2ZDYzOCIsInRpIjoxNjY0NTYyMzQ3NjkyLCJ0ayI6IjE1MDY5MjQifX0=
traceparent: 00-967567d7c9d9438120aa89a29896d638-7edc984583d0b1df-01
tracestate: 1506924@nr=0-1-98147-1307613366-7edc984583d0b1df----1664562347692
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 1079
Origin: https://etrade.tradeinternationai.com
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: image/gif; charset=utf-8
                                        
date: Fri, 30 Sep 2022 18:25:51 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
vary: Accept-Encoding, Accept
cache-control: no-cache
x-request-id: 66724a3d-e3b2-4f98-a049-128f43611511
x-runtime: 0.012668
x-host-info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

                                        
                                            GET /trace?id=f5f4f75b51&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 7c2f4101-2ff1-429a-bffa-df3d3c9e7219
x-runtime: 0.006967
x-host-info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

                                        
                                            GET /trace?id=f5f4f75b51&msg=Loading%20quicktime%20version&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 4df18f2b-c324-444b-84e8-2b19c23bd77b
x-runtime: 0.003456
x-host-info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11327
Expires: Fri, 30 Sep 2022 21:34:39 GMT
Date: Fri, 30 Sep 2022 18:25:52 GMT
Connection: keep-alive

                                        
                                            GET /trace?id=f5f4f75b51&msg=quicktime%20%3D%20unknown&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: c3cd0149-580f-4226-bc32-c85e1c94abb2
x-runtime: 0.001832
x-host-info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

                                        
                                            GET /trace?id=f5f4f75b51&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: d6378ff2-c31e-4c8e-8101-420b3f3f6830
x-runtime: 0.007595
x-host-info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   14093
Md5:    fda9a665c40d62faa6049e1cb506cc30
Sha1:   00da96242a6d314698101a512e9b158a111c1b90
Sha256: e69994258c978f9c9ae2de922617134a5c885d89a12a9bde7eaad3aed73a90f2
                                        
                                            GET /trace?id=f5f4f75b51&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 3bb2f54b-40df-44a3-a03f-2b3734e04621
x-runtime: 0.005746
x-host-info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5126
Md5:    afb988ee8f3cf6040b3fb97ce65fceda
Sha1:   bd677e8821d303e28b04d648128754fcce5f2399
Sha256: 14bf677347e5a96d64d0a49a9398c46b4365495f13f059093dbd5cb37b5ed4d4
                                        
                                            GET /trace?id=f5f4f75b51&msg=java_version_jres%20%3D%20unknown&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: ca8a29d2-8a0d-457b-9082-30080a522497
x-runtime: 0.004083
x-host-info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   8079
Md5:    9320dbaa9ab87e957897edcec80f746b
Sha1:   c195cb8431f21a3f2063365cea9d229fcb73b8c5
Sha256: bf12b9aebd4a06648b3ff7bfe42b05a3b4c2fcae73670d646f9dbb2c5efcf3c8
                                        
                                            GET /trace?id=f5f4f75b51&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: b25ff385-ef59-4197-8545-b4372582ab50
x-runtime: 0.001703
x-host-info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   6742
Md5:    b7a22b6fa5b4906243476af735a7d15d
Sha1:   e855f9167344994787071940a7e36dcee684a7bb
Sha256: f582e79a69c1abaa0310deaf20bf4844d448a11633f277f42f8362d3ed397588
                                        
                                            GET /trace?id=f5f4f75b51&msg=java_version%20%3D%20undefined&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: e4e2368f-63fc-483b-8adc-5cd67603b756
x-runtime: 0.004312
x-host-info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   10400
Md5:    1f1fbe85699eab37b14248f43cf55f9f
Sha1:   8611b793181674a9b93c729d86a1856275a56fa7
Sha256: 6787f70e7342f3edf9026b9ebaab23296d8a5a5f1f83b14bfbe1b3c9ed9c2777
                                        
                                            GET /trace?id=f5f4f75b51&msg=flash%20%3D%20unknown&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 328a064e-a11f-4b69-9c84-15c9ee2b11db
x-runtime: 0.002740
x-host-info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   16031
Md5:    5bbde3b3a54d27d43e86093cfcfd974b
Sha1:   8d969adda495d0f2b68021efc6734ca7116d22a8
Sha256: f08a133f2e4689b103574e13f81d99661a38c032f51d2e6077339b833fbf8458
                                        
                                            GET /assets/all.js?guid=f5f4f75b51&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/load_training?guid=42f5f4f2475b51a8&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 30 Sep 2022 18:25:52 GMT
content-length: 7191
last-modified: Thu, 25 Aug 2022 13:19:40 GMT
vary: Accept-Encoding
content-encoding: gzip
server: ThreatSim-Web-Server
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   7191
Md5:    db7c58fc21f4bbb0900fed3889f61df2
Sha1:   24047c64e0dbdbcc8eef175a42dc1911f7f8a6aa
Sha256: 5a1dcea95a97b018b93cc58089502fd2069d508c02088c0c6a49533fef91afb7
                                        
                                            GET /training/production/314/email-link-825ff1.png HTTP/1.1 
Host: tslp.s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.217.81.52
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: 1Y/WXp2vzkhGGKVCqt1KmeRkiuKyW7CfMxGULyEy2B9xQ/B7VJ57TmvrV4wS6F8EmgsmGhZ8xcE=
x-amz-request-id: GF21W7N5ZR8PZPX9
Date: Fri, 30 Sep 2022 18:25:53 GMT
Last-Modified: Thu, 24 Oct 2019 12:45:20 GMT
ETag: "669af43ab1f782235899ca3b267c6a59"
x-amz-version-id: Qu2oiCk2hDnN088.2PlgydVBeWPtVnE5
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 13426


--- Additional Info ---
Magic:  PNG image data, 315 x 237, 8-bit/color RGBA, non-interlaced\012- data
Size:   13426
Md5:    669af43ab1f782235899ca3b267c6a59
Sha1:   db45f9b3f9e2461e70849334f25f3fac8ce717b4
Sha256: e4e3f828d50fbfe9f6f7783802a424b638f89c8c66f881afdb5490f0f3dc995a
                                        
                                            GET /training/production/314/comp-bad83b.png HTTP/1.1 
Host: tslp.s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.217.81.52
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: FQ2e73Kj0mGKY5t9UmmdUIqYdOHFB6KYs6M8hy0TogNxVHc408djokL8j0PJe/PUsaALRveghAo=
x-amz-request-id: GF23QSCYNFQ26B6F
Date: Fri, 30 Sep 2022 18:25:53 GMT
Last-Modified: Thu, 24 Oct 2019 12:44:47 GMT
ETag: "f7e292234bb684ffd2aab275f00efd18"
x-amz-version-id: BBSZr6_NZTUHwqDxWBkl204iQ6MXfpU5
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 4481


--- Additional Info ---
Magic:  PNG image data, 304 x 172, 8-bit/color RGBA, non-interlaced\012- data
Size:   4481
Md5:    f7e292234bb684ffd2aab275f00efd18
Sha1:   923026e0a2ca42495eef9460613300b7af50950b
Sha256: 9c33c855ff5d739fb06705fd05aff042724a4135c911993d222c5f700ef308c2
                                        
                                            GET /trace?id=f5f4f75b51&msg=Loading%20RealPlayer%20version&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 739687c9-1e36-4ca0-86c9-6a9e352a6b8d
x-runtime: 0.001874
x-host-info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   13012
Md5:    2924d237de5883585bc420043abc251f
Sha1:   18ff4b1ae3cca5c02e0ccc31c547a25c417a2dc7
Sha256: 484183f026716be8154988d1b2cff6dddf73a76c8e29cc44dc11f46c6baf2299
                                        
                                            GET /trace?id=f5f4f75b51&msg=wmp%20%3D%20unknown&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: bd7451e9-ecc0-49b4-a81c-9a63aa8a8193
x-runtime: 0.001830
x-host-info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   4233
Md5:    b19cad5c3f88417d2b8677950fff3eb9
Sha1:   5b9b01802cb1e01d4e8fba34ddea649a413022e0
Sha256: dbb7e2cb5f043184db6df86b3b18925aada8b209a5dce259a23380626b316374
                                        
                                            GET /nr-spa-1216.min.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.137
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 30 Sep 2022 18:25:52 GMT
via: 1.1 varnish
x-served-by: cache-bma1651-BMA
x-cache: HIT
x-cache-hits: 2146
x-timer: S1664562353.691974,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32010)
Size:   18216
Md5:    6561a2403142205f966207d61576f1a6
Sha1:   1310e72f494e12ab63a4280fc1600a2c89dc9bb8
Sha256: 0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
                                        
                                            GET /trace?id=f5f4f75b51&msg=realplayer%20%3D%20unknown&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: d3a82908-9755-471f-8ee6-2f36d4bd1192
x-runtime: 0.001720
x-host-info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

                                        
                                            GET /1/4b7a74eb40?a=980074831&v=1216.487a282&to=dVtXQkUKCFpTQxtYFF8bTURWDApfWFZrTR1GUUoZRA0LQQ%3D%3D&rst=747&ck=1&ref=https://etrade.tradeinternationai.com/load_training&ap=17&be=144&fe=645&dc=339&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664562348708,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:9,%22rp%22:125,%22rpe%22:125,%22dl%22:127,%22di%22:319,%22ds%22:339,%22de%22:354,%22dc%22:643,%22l%22:643,%22le%22:646%7D,%22navigation%22:%7B%7D%7D&fcp=371&jsonp=NREUM.setToken HTTP/1.1 
Host: bam-cell.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.2
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Fri, 30 Sep 2022 18:25:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 752f00f0d928b527-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=90446a5bd3184a9d; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0pADMx6obC7MvM7w89kh%2FMCd5qpX9oKgPZDWfEoSRcEQvzINxOG8y5npKkh%2BZBzzegEZmNMosA8qXk%2FK6plFZdHDIAiJPW9LgyDqEbtSeGJcRduCI%2BIqhIu1MDuAQXvJVqf23Ov"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   72
Md5:    107d93e382e2c9b00fbf9fb0edc65d86
Sha1:   77e750e3ebf9706f4f6dd253785602d70be17c6c
Sha256: a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
                                        
                                            GET /trace?id=f5f4f75b51&msg=pdf%20%3D%20unknown&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: fbd3663f-cb60-4830-a6d4-f888294648bc
x-runtime: 0.002853
x-host-info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

                                        
                                            GET /trace?id=42f5f4f2475b51a8&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/load_training?guid=42f5f4f2475b51a8&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:52 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: c6a200c5-0bbf-405c-85cb-58cb3d669c1a
x-runtime: 0.002276
x-host-info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=42f5f4f2475b51a8&msg=Loading%20pdf%20version&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/load_training?guid=42f5f4f2475b51a8&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:52 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: ca60cd68-09de-493e-9ff8-96e2ceae0dc1
x-runtime: 0.007366
x-host-info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=f5f4f75b51&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 2be5aa0e-4132-4a7f-9b91-fbca47f13534
x-runtime: 0.001732
x-host-info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=42f5f4f2475b51a8&msg=wmp%20%3D%20unknown&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/load_training?guid=42f5f4f2475b51a8&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:52 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: af9f5c20-7c05-420d-8b0f-4feb5b6bada8
x-runtime: 0.004588
x-host-info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=42f5f4f2475b51a8&msg=quicktime%20%3D%20unknown&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/load_training?guid=42f5f4f2475b51a8&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:52 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 5508a602-fbf0-47d9-b9c0-41f18443d790
x-runtime: 0.012817
x-host-info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/ajax/libs/jquery/1.9.1/jquery.min.js HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 30 Sep 2022 18:25:50 GMT
last-modified: Thu, 25 Aug 2022 13:19:40 GMT
vary: Accept-Encoding
server: ThreatSim-Web-Server
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=f5f4f75b51&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:50 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 6fdd8627-9739-4505-b2ae-3a6dc966d0be
x-runtime: 0.001973
x-host-info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=f5f4f75b51&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 1d74b2c1-40ca-498d-8b1a-73f041c14079
x-runtime: 0.006188
x-host-info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=42f5f4f2475b51a8&msg=Loading%20quicktime%20version&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/load_training?guid=42f5f4f2475b51a8&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:52 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: ee436d55-8a2b-4d1e-b94e-f856b4a98aa5
x-runtime: 0.005822
x-host-info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=42f5f4f2475b51a8&msg=realplayer%20%3D%20unknown&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/load_training?guid=42f5f4f2475b51a8&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:52 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 275fc363-d86f-435f-a410-42ea52066843
x-runtime: 0.004928
x-host-info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=42f5f4f2475b51a8&msg=pdf%20%3D%20unknown&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/load_training?guid=42f5f4f2475b51a8&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:52 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: f61feea6-4278-4188-872e-eb69e9562c84
x-runtime: 0.006129
x-host-info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/load_training?guid=42f5f4f2475b51a8&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:52 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: fb84baab-5eac-4f77-a719-b86097d19b24
x-runtime: 0.002598
x-host-info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=f5f4f75b51&msg=java_version_pl%20%3D%20unknown&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 1e09922f-377f-48cf-b818-5e86ff4fe5d2
x-runtime: 0.003404
x-host-info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=f5f4f75b51&msg=Loading%20flash%20version&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: e2624976-f0b4-43af-9d71-45bc3210dc4f
x-runtime: 0.007145
x-host-info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=f5f4f75b51&msg=redirecting%20to%20%2Fload_training%3Fguid%3D42f5f4f2475b51a8%26correlation_id%3Dc97591fe-70b1-4d32-b7db-dde18a92992d&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: d384f377-f9a4-4169-959f-64e3c2cd1cbe
x-runtime: 0.003321
x-host-info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=f5f4f75b51&msg=Loading%20Silverlight%20version&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: ce4a7b6b-749a-404e-adcb-bb15d5256e05
x-runtime: 0.006387
x-host-info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=f5f4f75b51&msg=Loading%20pdf%20version&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: a8ac6035-a419-4f53-9b03-5fc5ba3e1b36
x-runtime: 0.011745
x-host-info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=42f5f4f2475b51a8&msg=training_page_no_browser_post&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/load_training?guid=42f5f4f2475b51a8&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:52 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 30be9c47-70e0-4703-928f-d471d827db96
x-runtime: 0.004037
x-host-info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /95f5f4fac75b518a?l=42 HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Fri, 30 Sep 2022 18:25:50 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
etag: W/"29f7d01fe85d1a8a73b1cd4fdfe62b12"
cache-control: max-age=0, private, must-revalidate
set-cookie: EXFILGUID=f5f4f75b51; path=/ link_clicked_f5f4f75b51=1; path=/
x-request-id: 1a81a4dd-2e79-4617-83aa-02d8defd501a
x-runtime: 0.013603
x-host-info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=f5f4f75b51&msg=BrowserDetect%20-%20browser_version%20%3D%2096&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 394b0f21-f38a-4f52-bb65-2c5685500ddc
x-runtime: 0.004292
x-host-info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=42f5f4f2475b51a8&msg=Loading%20flash%20version&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/load_training?guid=42f5f4f2475b51a8&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:52 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: c5411e58-caec-4c0b-879f-1c04e38b4e49
x-runtime: 0.004918
x-host-info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=42f5f4f2475b51a8&msg=BrowserDetect%20-%20browser_version%20%3D%2096&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/load_training?guid=42f5f4f2475b51a8&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:52 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: b623d4a2-09df-4647-bbef-4144d0576429
x-runtime: 0.002005
x-host-info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=42f5f4f2475b51a8&msg=java_version_jres%20%3D%20unknown&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/load_training?guid=42f5f4f2475b51a8&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:52 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 72aa5d56-560c-430a-bbc8-20580c62030a
x-runtime: 0.007184
x-host-info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=42f5f4f2475b51a8&msg=flash%20%3D%20unknown&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/load_training?guid=42f5f4f2475b51a8&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:52 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 397422b7-b2c5-47bd-a51f-2b84d3343c1a
x-runtime: 0.003937
x-host-info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=f5f4f75b51&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:50 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: de3e693c-0db8-4e36-b564-b83a65258e3e
x-runtime: 0.002387
x-host-info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=f5f4f75b51&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 7b2bc029-5912-4a68-9bea-44e255f5abf9
x-runtime: 0.002081
x-host-info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=42f5f4f2475b51a8&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/load_training?guid=42f5f4f2475b51a8&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:52 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 79571b9a-7e56-439d-921b-96bff0ab401c
x-runtime: 0.001926
x-host-info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=42f5f4f2475b51a8&msg=Loading%20RealPlayer%20version&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/load_training?guid=42f5f4f2475b51a8&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:52 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: c8c59a97-16ff-4cc0-bff7-c1aadc8c5e2f
x-runtime: 0.002873
x-host-info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=f5f4f75b51&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: ba28ff09-3e40-4e7e-8cbe-817cc3680c30
x-runtime: 0.002354
x-host-info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=42f5f4f2475b51a8&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/load_training?guid=42f5f4f2475b51a8&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:52 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: c6a06253-37f9-4ef0-bdc1-15f8217fa08c
x-runtime: 0.008415
x-host-info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=42f5f4f2475b51a8&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/load_training?guid=42f5f4f2475b51a8&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:52 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 9ae693b3-a0be-4932-8790-03382119d614
x-runtime: 0.003205
x-host-info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=42f5f4f2475b51a8&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/load_training?guid=42f5f4f2475b51a8&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:52 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 55be275b-ecee-4669-9661-81a96c9e507f
x-runtime: 0.002846
x-host-info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=42f5f4f2475b51a8&msg=redirect_url%20is%20undefined&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/load_training?guid=42f5f4f2475b51a8&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:52 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 3a6a005b-acf8-4785-a428-819a57519919
x-runtime: 0.001748
x-host-info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=f5f4f75b51&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:50 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 33d97d30-6e95-443d-bc5c-455bf99e629e
x-runtime: 0.002382
x-host-info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/load_training?guid=42f5f4f2475b51a8&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:52 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 7316ef1e-396d-47d1-9f36-5d130ed2e768
x-runtime: 0.002326
x-host-info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=f5f4f75b51&msg=silverlight%20%3D%20unknown&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: ce1f67de-6ce3-4737-9bb9-c3d1fe359919
x-runtime: 0.001706
x-host-info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=42f5f4f2475b51a8&msg=java_version_pl%20%3D%20unknown&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/load_training?guid=42f5f4f2475b51a8&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:52 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 71052955-6034-4f4b-9f71-ea7cbbad0848
x-runtime: 0.003019
x-host-info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=42f5f4f2475b51a8&msg=java_version%20%3D%20undefined&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/load_training?guid=42f5f4f2475b51a8&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:52 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 97ad8331-1313-477a-88d9-b78d6b7b166a
x-runtime: 0.003331
x-host-info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=42f5f4f2475b51a8&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/load_training?guid=42f5f4f2475b51a8&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:52 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 247b7b1b-e110-489d-8044-05a182fa71d0
x-runtime: 0.007162
x-host-info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=42f5f4f2475b51a8&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/load_training?guid=42f5f4f2475b51a8&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:52 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 0ff4b816-7bcd-459b-a17b-70a826d7196a
x-runtime: 0.002631
x-host-info: lw-prod-us-i-08b8680cf3c18b5b1, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=f5f4f75b51&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 873c3a10-a5a4-4a62-b6bc-2d209a278434
x-runtime: 0.001712
x-host-info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=f5f4f75b51&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/95f5f4fac75b518a?l=42
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 9442e564-3852-4c89-9748-8dd39a1c6020
x-runtime: 0.002044
x-host-info: lw-prod-us-i-0fd22a97a28557dff, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=42f5f4f2475b51a8&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/load_training?guid=42f5f4f2475b51a8&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:52 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 956fe7fe-3a69-4b69-aeb1-5f2555c6be27
x-runtime: 0.003061
x-host-info: lw-prod-us-i-0127738a57bfad526, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /trace?id=42f5f4f2475b51a8&msg=Loading%20Silverlight%20version&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d HTTP/1.1 
Host: etrade.tradeinternationai.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etrade.tradeinternationai.com/load_training?guid=42f5f4f2475b51a8&correlation_id=c97591fe-70b1-4d32-b7db-dde18a92992d
Connection: keep-alive
Cookie: EXFILGUID=f5f4f75b51; link_clicked_f5f4f75b51=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         18.215.9.130
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 30 Sep 2022 18:25:52 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: e48e3cc5-9d65-46e8-9309-56c357427ce8
x-runtime: 0.002656
x-host-info: lw-prod-us-i-036429de2146341a4, ; cb7b0591eac108ad07b079b0fa686194fe64ff8b
server: ThreatSim-Web-Server
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---