Report - login.micrasoft-395office.com/zgy-vign-wwh/a9bc1e936eca71d0?l=107

Report Overview

Submitted URL
login.micrasoft-395office.com/zgy-vign-wwh/a9bc1e936eca71d0?l=107
IP
52.213.98.16
ASN
#16509 AMAZON-02
Submitted
2024-04-23 09:51:29
Access
public
Website Title
You have been Phished!
Final URL
login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
login.micrasoft-395office.com	unknown	2018-06-29	2020-08-25	2024-01-29	31 kB	290 kB	34.248.78.201
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-22	1.1 kB	98 kB	216.58.207.227
www.java.com	54045	1996-06-06	2012-05-22	2024-04-15	419 B	20 kB	23.36.79.9
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-23	453 B	12 kB	142.250.74.106
java.com	15670	1996-06-06	2012-05-21	2024-04-17	415 B	19 kB	95.101.10.112
tslp.s3.amazonaws.com	209358	2005-08-18	2013-09-16	2024-03-26	7.3 kB	283 kB	3.5.16.103
ts-eu-uploads.s3-eu-west-1.amazonaws.com	551527	2005-08-18	2018-06-29	2024-02-23	502 B	6.0 kB	3.5.65.69
d2wy8f7a9ursnm.cloudfront.net	unknown	2008-04-25	2014-05-01	2024-04-21	436 B	7.2 kB	143.204.42.78
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-22	446 B	94 kB	142.250.74.42

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

JavaScript (31)

	URL	Size	First Seen	Last Seen
	d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js	6.6 kB	2023-03-07	2024-04-23
Pretty URL d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js IP 143.204.42.78 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:34:53 Last Seen2024-04-23 11:51:31 Times Seen371 Hash 85ff02da974c920ae6bfe5f6a602183f 849d4c02a6a1330e70ef6b53c5e50e56704e664a 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc Loading...

	login.micrasoft-395office.com/assets/ajax/libs/jquery/1.11.0/jquery.min.js	96 kB	2023-03-07	2024-05-03
Pretty URL login.micrasoft-395office.com/assets/ajax/libs/jquery/1.11.0/jquery.min.js IP 34.248.78.201 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-05-03 20:40:00 Times Seen18675 Hash 8fc25e27d42774aeae6edbc0a18b72aa b66ed708717bf0b4a005a4d0113af8843ef3b8ff b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682 Loading...

	tslp.s3.amazonaws.com/detect/java.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015	51 kB	2023-03-07	2024-04-29
Pretty URL tslp.s3.amazonaws.com/detect/java.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 IP 52.217.160.9 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:34:53 Last Seen2024-04-29 03:45:02 Times Seen146 Hash 2bec0061039dc3fb25fc20aaf611d5b9 dfc11b0662ac5950d309e2615e887032dd1dde0c 4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24 Loading...

	java.com/js/deployJava.js	18 kB	2023-03-07	2024-04-29
Pretty URL java.com/js/deployJava.js IP 95.101.10.112 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:34:53 Last Seen2024-04-29 03:45:02 Times Seen179 Hash 9c1ae8d324e45716080572dfc20993a3 0afdd5636017b31750dd4e1a41ced118aaa5d3ab 358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1 Loading...

	login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	259 B	2024-04-23	2024-04-23
Pretty URL login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-23 11:51:30 Last Seen2024-04-23 11:51:30 Times Seen1 Hash f5ab2431cd96f3ca1c26c8d0b8c34607 8d04f08c1fd9da3bb98d6427124d868e76458e33 782df8a494899fdb900129687d5ecc662b7e33da3efc9127fe48e1f99d62feeb Loading...

	login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	8.8 kB	2024-04-23	2024-04-23
Pretty URL login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-23 11:51:31 Last Seen2024-04-23 11:51:31 Times Seen1 Hash 22d8246c27f695d56f672c4c03b2c9a5 4f4e2e70ad11882ae64ef1272dcd247f78cfc641 49bc6a028ed396a9b64008f90cf1e075492448cd8e13fffb21b778b1437199d7 Loading...

	login.micrasoft-395office.com/assets/all.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015	28 kB	2023-03-07	2024-05-03
Pretty URL login.micrasoft-395office.com/assets/all.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 IP 34.248.78.201 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:34:53 Last Seen2024-05-03 17:53:46 Times Seen531 Hash 097f74fc8f861ece148262a652ab806a 305ecb552c3ff6bd24b56333fab6e731eb81ed30 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9 Loading...

	login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	979 B	2024-04-23	2024-04-23
Pretty URL login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-23 11:51:31 Last Seen2024-04-23 11:51:31 Times Seen1 Hash 49c3e98a75e3cae2c40ed8fb36fdfd16 cd17b62277b6a8667f085faceb95ed335624caf1 cfc5414660af8cb1aaf08eeebd35073884c605d96e5c42b8e3a9615d1a86ff79 Loading...

	login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	4.0 kB	2024-04-23	2024-04-23
Pretty URL login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-23 11:51:31 Last Seen2024-04-23 11:51:31 Times Seen1 Hash 6aa1ff699a455d0da5859951cdc122ab 4a6e36007ee6a6f97a1d8df19d9b3f03ea669571 e2e3fe4706ec382b7617824ef470bdd31c4e4178401ea15ff745a51e270ca85d Loading...

	login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	883 B	2024-04-23	2024-04-23
Pretty URL login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-23 11:51:31 Last Seen2024-04-23 11:51:31 Times Seen1 Hash d0e6a98ee26c836610a529c9d3108e4b ad30fa9a9248b1d40aeeb14b29c5dd8d353dc54b 6164bd10602328a6e57f43ed57245fba39a211523818efecb836f1c213408c8e Loading...

	tslp.s3.amazonaws.com/detect/pdf.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015	23 kB	2023-03-07	2024-04-29
Pretty URL tslp.s3.amazonaws.com/detect/pdf.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 IP 52.217.160.9 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:34:53 Last Seen2024-04-29 03:45:02 Times Seen145 Hash 0d5882d41c8b6e40059c8d9acbcf1518 53103565f3c07416fc691583a43a91943dbf0809 d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9 Loading...

	tslp.s3.amazonaws.com/detect/silverlight.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015	4.2 kB	2023-03-07	2024-04-29
Pretty URL tslp.s3.amazonaws.com/detect/silverlight.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 IP 3.5.29.187 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:34:53 Last Seen2024-04-29 03:45:02 Times Seen140 Hash e6dd596d2bc204ea573b868b92028c26 fa58bba4c9a01b3764a881949a8423b773d8a338 0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381 Loading...

	tslp.s3.amazonaws.com/detect/wmp.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015	5.9 kB	2023-03-07	2024-04-29
Pretty URL tslp.s3.amazonaws.com/detect/wmp.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 IP 3.5.16.103 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:34:53 Last Seen2024-04-29 03:45:02 Times Seen141 Hash ffd2cc77bb64d40beeb5d561fffe1f79 6cb535641677d27e4de591ceb3c4e2f408826e7d cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de Loading...

	unknown	46 B	2023-04-11	2024-05-03
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 22:36:29 Last Seen2024-05-03 08:48:20 Times Seen5948 Hash 5c399557f73fcf0024f42259cf94ee17 d2f46cbd088e9b289e63cc23e2377462c6459e3f 254e737260e5ff4f6043abc4ab52ee1f9ea6e9eab066b5c7ac1665c4cf75692b Loading...

	login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	60 B	2024-04-23	2024-04-23
Pretty URL login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-23 11:51:31 Last Seen2024-04-23 11:51:31 Times Seen1 Hash 611999c5c3df23bdcb9fed11a7035302 8eb1316a94527f404068603f3b727d874680e05a 1769bd6efa5d002dd4eb3ef9b82ad80cf43c499746b1f83d09613b660d422704 Loading...

	login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	33 B	2023-03-07	2024-04-23
Pretty URL login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 23:40:31 Last Seen2024-04-23 11:51:31 Times Seen58 Hash fd72869755dcb47bf3faba7ec3a75c5b 259f4b035d2560981123331422d65bca63c1f52b 3bdfdcb8ba03e889f78c369818fa399543c7f4f93ca2d8c09a8cd2db8e52aa3a Loading...

	login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34 B	2023-03-07	2024-04-23
Pretty URL login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 23:40:31 Last Seen2024-04-23 11:51:31 Times Seen58 Hash 92f9b42564790d4a026995fb43c6e1f6 4f590c66f7518f09f9a82fe51f1575c583fa816a ee535cbe6802b32140e877171595ed49685b71bf81debfe93de6a42bfc726217 Loading...

	tslp.s3.amazonaws.com/languages/language.18071.js	8.2 kB	2023-03-08	2024-04-24
Pretty URL tslp.s3.amazonaws.com/languages/language.18071.js IP 52.217.160.9 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:05:07 Last Seen2024-04-24 17:19:01 Times Seen41 Hash 8b9a9d305bd69c962b600c08f3c69edf 9a907e240cdf81d8265c9fb1322cfe10ed027288 73f360f08e8c2a1719c098491e17d53cdaa98d246585bfd0285a2afad75c51a7 Loading...

	tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015	50 kB	2023-03-07	2024-04-29
Pretty URL tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 IP 3.5.29.187 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:34:53 Last Seen2024-04-29 03:45:02 Times Seen297 Hash 00a513f07603df01e3b99be00f370754 f0c03b1c50f39c95075df687cd55f18861631526 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js	93 kB	2023-03-07	2024-05-03
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:05 Last Seen2024-05-03 21:39:58 Times Seen6294 Hash 0b6ecf17e30037994d3ffee51b525914 d09d3a99ed25d0f1fbe6856de9e14ffd33557256 f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729 Loading...

	login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	32 B	2023-03-07	2024-04-23
Pretty URL login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 23:40:31 Last Seen2024-04-23 11:51:31 Times Seen58 Hash e149c3d6252df2fed34066028347e296 d6529b916790e6d4ea035a63bd993d92fcbf2e85 afacc68b5c1dfe8c2b854923b4556b0090392348e05de75ee0200f7e7d7ce6ff Loading...

	tslp.s3.amazonaws.com/detect/quicktime.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015	7.0 kB	2023-03-07	2024-04-29
Pretty URL tslp.s3.amazonaws.com/detect/quicktime.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 IP 3.5.29.187 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:34:53 Last Seen2024-04-29 03:45:02 Times Seen138 Hash ee73f2f47d51116dc40b85a6b57eaf20 6c42011667bac1fa6c3272a11b510f22962d72a2 6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19 Loading...

	login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	38 B	2023-03-07	2024-04-23
Pretty URL login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 23:40:31 Last Seen2024-04-23 11:51:31 Times Seen58 Hash f466c15081d7f19c968cf1f7ef1fc741 2118afb207a12da97fe66e0ea970ed431d84bfb9 c586bca21e1c55ca384dc198896df6d99a438a67e20c21a88db76eaa7622c1d0 Loading...

	tslp.s3.amazonaws.com/detect/flash.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015	6.7 kB	2023-03-07	2024-04-29
Pretty URL tslp.s3.amazonaws.com/detect/flash.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 IP 3.5.16.103 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:34:53 Last Seen2024-04-29 03:45:02 Times Seen140 Hash f9ad9a096894ba248e4a1f73e7eba1be f2449ce5f7a5c42ffdcc5f087a75b2513e73592c a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861 Loading...

	tslp.s3.amazonaws.com/detect/realplayer.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015	9.8 kB	2023-03-07	2024-04-29
Pretty URL tslp.s3.amazonaws.com/detect/realplayer.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 IP 3.5.29.187 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:34:53 Last Seen2024-04-29 03:45:02 Times Seen136 Hash 3d7be656672c16a34806c13388410325 c391646c980c60d75c35b33a974c97ae88114eef 88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238 Loading...

	login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	39 B	2023-03-07	2024-04-23
Pretty URL login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 23:40:31 Last Seen2024-04-23 11:51:31 Times Seen58 Hash 3edb839a93341bd03d3e249073420a45 bc4f12cdb7390d2270eb4c4a3e819ea07dd364a1 ac397a9ea18a741f1d534d591ce5dd79013833a3226c4858ff9b0a9282b971dd Loading...

	login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	40 B	2023-03-07	2024-04-23
Pretty URL login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 23:40:31 Last Seen2024-04-23 11:51:31 Times Seen58 Hash a00e849745f22b50c529e3fed30a9f1e 3ec0b0683851840f2813b2cde77d9a56aeade091 6e20b9c5f65dc393c665ef26c43edd0629fa0f7e3544b95cd7c9918f680fe853 Loading...

	login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	32 B	2023-03-07	2024-04-23
Pretty URL login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 23:40:31 Last Seen2024-04-23 11:51:31 Times Seen58 Hash 5d88ecc7ba7865a272a0cb020115c77a cfb97d36f8fca4309b012d6aff997015a4e2dd7c 2033011fa42439d4d3f9a78037b3d42b84284449e4a4fb691505cd17cd27b93e Loading...

	login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	926 B	2024-04-23	2024-04-23
Pretty URL login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-23 11:51:31 Last Seen2024-04-23 11:51:31 Times Seen1 Hash b031d9347b53a86ae70626f37a7381bd 45c902fe888e8afdff73bf96198e7fd2641608bf de30e8f9d139e3c7f62ac11906497dee7b7af0433824df5a4ed796c54514f02a Loading...

	login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	92 B	2023-03-08	2024-04-23
Pretty URL login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 04:05:07 Last Seen2024-04-23 11:51:31 Times Seen2 Hash dfe8fea5f87413bc04256c1ca1739b91 fbef51944f5560fdde8fa9e46d7eaefe4f26af44 f1731b04cf2410341d195047d919be34f9bd88a710d3265b12dc3128a144d30a Loading...

	tslp.s3.amazonaws.com/assets/js/training.js	352 B	2023-03-07	2024-04-26
Pretty URL tslp.s3.amazonaws.com/assets/js/training.js IP 3.5.29.187 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:34:53 Last Seen2024-04-26 01:09:39 Times Seen67 Hash 029ab28ca3c245dc425e3f3f6599d480 845057d3630d0a06e797a7049b3e9658d7650af1 8a1170223599205267c6ee3a3072855f1727461d9dd1066bb94f39180f963af9 Loading...

HTTP Transactions (69)

	URL	IP	Response	Size
	login.micrasoft-395office.com/assets/all.js?g=bc1e9eca71	34.248.78.201		7.2 kB
URL login.micrasoft-395office.com/assets/all.js?g=bc1e9eca71 IP 34.248.78.201:0 ASN #16509 AMAZON-02 File type JavaScript source, ASCII text Size 7.2 kB (7191 bytes) Hash 097f74fc8f861ece148262a652ab806a 305ecb552c3ff6bd24b56333fab6e731eb81ed30 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9 HTTP Headers GET /assets/all.js?g=bc1e9eca71 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/zgy-vign-wwh/a9bc1e936eca71d0?l=107 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:03 GMT content-type: application/javascript content-length: 7191 last-modified: Thu, 11 Apr 2024 12:55:27 GMT vary: Accept-Encoding content-encoding: gzip server: ThreatSim-Web-Server expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public access-control-allow-origin: * X-Firefox-Spdy: h2`

	tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=bc1e9eca71&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	3.5.16.103	200 OK	50 kB
URL GET HTTP/1.1 tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=bc1e9eca71&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 3.5.16.103:443 ASN #14618 AMAZON-AES Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subject.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (306) Size 50 kB (50085 bytes) Hash 00a513f07603df01e3b99be00f370754 f0c03b1c50f39c95075df687cd55f18861631526 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a HTTP Headers `GET /detect/plugin_detect.js?guid=bc1e9eca71&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: tslp.s3.amazonaws.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK x-amz-id-2: FMWc7D2F2yl2X3+6PIw8j9IprCfJTFkx+MFfOvQQf6StMOdJCSUtSZviTolf/DHopw/6CsErVdQj1FkJXLUctQ== x-amz-request-id: 3CD96PK70PCVJ36C Date: Tue, 23 Apr 2024 09:51:06 GMT Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT ETag: "00a513f07603df01e3b99be00f370754" x-amz-version-id: null Accept-Ranges: bytes Content-Type: text/javascript Server: AmazonS3 Content-Length: 50085`

	login.micrasoft-395office.com/favicon.ico	34.248.78.201	200 OK	0 B
URL GET HTTP/2 login.micrasoft-395office.com/favicon.ico IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /favicon.ico HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/zgy-vign-wwh/a9bc1e936eca71d0?l=107 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:05 GMT content-type: image/x-icon content-length: 0 last-modified: Thu, 11 Apr 2024 12:55:27 GMT etag: "6617ddbf-0" server: ThreatSim-Web-Server access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2`

	login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201		3.0 kB
URL login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:0 ASN #16509 AMAZON-02 File type JavaScript source, ASCII text, with very long lines (6636), with no line terminators Size 3.0 kB (2982 bytes) Hash 85ff02da974c920ae6bfe5f6a602183f 849d4c02a6a1330e70ef6b53c5e50e56704e664a 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc HTTP Headers GET /trace?id=bc1e9eca71&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/zgy-vign-wwh/a9bc1e936eca71d0?l=107 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:05 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 644d6566-8056-4373-abb2-2ad7bc9db3de x-runtime: 0.001622 x-host-info: lw-prod-eu-i-06164ae2ecae76ca0, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	login.micrasoft-395office.com/assets/all.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015	34.248.78.201	200 OK	7.2 kB
URL GET HTTP/2 login.micrasoft-395office.com/assets/all.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type JavaScript source, ASCII text Size 7.2 kB (7191 bytes) Hash 097f74fc8f861ece148262a652ab806a 305ecb552c3ff6bd24b56333fab6e731eb81ed30 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9 HTTP Headers GET /assets/all.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:07 GMT content-type: application/javascript content-length: 7191 last-modified: Thu, 11 Apr 2024 12:55:30 GMT vary: Accept-Encoding content-encoding: gzip server: ThreatSim-Web-Server expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public access-control-allow-origin: * X-Firefox-Spdy: h2`

	login.micrasoft-395office.com/assets/all.js?guid=bc1e9eca71&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201	200 OK	7.2 kB
URL GET HTTP/2 login.micrasoft-395office.com/assets/all.js?guid=bc1e9eca71&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type JavaScript source, ASCII text Size 7.2 kB (7191 bytes) Hash 097f74fc8f861ece148262a652ab806a 305ecb552c3ff6bd24b56333fab6e731eb81ed30 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9 HTTP Headers GET /assets/all.js?guid=bc1e9eca71&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:07 GMT content-type: application/javascript content-length: 7191 last-modified: Thu, 11 Apr 2024 12:55:27 GMT vary: Accept-Encoding content-encoding: gzip server: ThreatSim-Web-Server expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public access-control-allow-origin: * X-Firefox-Spdy: h2`

	login.micrasoft-395office.com/assets/ajax/libs/jquery/1.9.1/jquery.min.js	34.248.78.201		66 kB
URL login.micrasoft-395office.com/assets/ajax/libs/jquery/1.9.1/jquery.min.js IP 34.248.78.201:0 ASN #16509 AMAZON-02 File type JavaScript source, ASCII text, with very long lines (32089) Size 66 kB (66413 bytes) Hash 7eef2fd8e979c1f6a9d37b5ec0ac9625 1487da2c7fbab89ad1c6d4798502af58ba859479 7037d9eca0ef430e6d4b0a848d06ceb8644617af872f65427a95a1c24f366761 HTTP Headers GET /assets/ajax/libs/jquery/1.9.1/jquery.min.js HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/zgy-vign-wwh/a9bc1e936eca71d0?l=107 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:03 GMT content-type: application/javascript last-modified: Thu, 11 Apr 2024 12:55:27 GMT vary: Accept-Encoding server: ThreatSim-Web-Server expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2`

	login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201		20 B
URL login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:0 ASN #16509 AMAZON-02 File type gzip compressed data, max compression, from Unix Size 20 B (20 bytes) Hash 4a4dd3598707603b3f76a2378a4504aa a0fddd5458378c1bf3c10dd2f5c060d1347741ed f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec HTTP Headers GET /trace?id=bc1e9eca71&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/zgy-vign-wwh/a9bc1e936eca71d0?l=107 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:05 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: ddd8a965-9159-4c74-a17d-9a3174e802e3 x-runtime: 0.001339 x-host-info: lw-prod-eu-i-0630ecaca960f15d1, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20browser_version%20%3D%2096&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201		10 kB
URL login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20browser_version%20%3D%2096&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:0 ASN #16509 AMAZON-02 File type gzip compressed data, max compression, from Unix Size 10 kB (10101 bytes) Hash d65588a4a449b5ff55c1aeb001b12fa4 d846659a32c9045c1462c40e9e323366d866ed62 27397fbfe80d181a369f71cd9af6b87fa7854ab0dd50536a025839d44d2d7fc1 HTTP Headers GET /trace?id=bc1e9eca71&msg=BrowserDetect%20-%20browser_version%20%3D%2096&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/zgy-vign-wwh/a9bc1e936eca71d0?l=107 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:05 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: b1a8bd4a-0804-429e-b860-8c9eceee5aad x-runtime: 0.001952 x-host-info: lw-prod-eu-i-0acc5e90dd72f7192, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	tslp.s3.amazonaws.com/training/embedded/css/url.css	3.5.16.103	200 OK	6.4 kB
URL GET HTTP/1.1 tslp.s3.amazonaws.com/training/embedded/css/url.css IP 3.5.16.103:443 ASN #14618 AMAZON-AES Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subject.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT File type ASCII text, with very long lines (412) Size 6.4 kB (6367 bytes) Hash 0560febf38cfe916ab8ffbee8ce4e9fc 5e41bb9b576db52bcea94264b9929a286a20a0f4 18fd69a3bb1fc61221c8d6c3bbbd177c38a21d96392bf2b403ddd9969615cf22 HTTP Headers `GET /training/embedded/css/url.css HTTP/1.1 Host: tslp.s3.amazonaws.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK x-amz-id-2: Cr8gRMZGQ5JZKUaVWHVeMolt8p5KrWzJfKEL8+PtWSAIwbC4gqM4H7G5J6v4ndDSyHU60j6Ftf/tsanw1eIZoA== x-amz-request-id: RE4T9W3FAXZEE760 Date: Tue, 23 Apr 2024 09:51:08 GMT Last-Modified: Fri, 26 Aug 2022 14:07:46 GMT ETag: "0560febf38cfe916ab8ffbee8ce4e9fc" x-amz-server-side-encryption: AES256 x-amz-version-id: jWFW6Vb_IckPQFjf7Ej9_NT_HlQSyGGs Accept-Ranges: bytes Content-Type: text/css Server: AmazonS3 Content-Length: 6367`

	tslp.s3.amazonaws.com/detect/java.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015	52.217.160.9	200 OK	51 kB
URL GET HTTP/1.1 tslp.s3.amazonaws.com/detect/java.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 IP 52.217.160.9:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subject.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text Size 51 kB (50717 bytes) Hash 2bec0061039dc3fb25fc20aaf611d5b9 dfc11b0662ac5950d309e2615e887032dd1dde0c 4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24 HTTP Headers `GET /detect/java.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 HTTP/1.1 Host: tslp.s3.amazonaws.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK x-amz-id-2: tC25fUR6xDBMOL0Fh6RmnqjLqSw4Wg/sTTee7jU1k4GkI4+gT1gIN5nCr/wY/WtO/mEQ4T3V5Oc= x-amz-request-id: RE4N2TXQKF05X5A1 Date: Tue, 23 Apr 2024 09:51:08 GMT Last-Modified: Wed, 15 Feb 2017 14:38:28 GMT ETag: "2bec0061039dc3fb25fc20aaf611d5b9" x-amz-version-id: null Accept-Ranges: bytes Content-Type: text/javascript Server: AmazonS3 Content-Length: 50717`

	login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201		6.7 kB
URL login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:0 ASN #16509 AMAZON-02 File type gzip compressed data, max compression, from Unix Size 6.7 kB (6700 bytes) Hash 76e58a6289e331a62a86eafc1f78758b f9727eb5d709070e2e3d4424afb47e63f6968c5a c75f54ecf0177241a4a318ec8fde5cbc362399f3f2b14b755681f22628683a5d HTTP Headers GET /trace?id=bc1e9eca71&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/zgy-vign-wwh/a9bc1e936eca71d0?l=107 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:05 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 439b790d-d918-43b4-ab98-5906968a5994 x-runtime: 0.001490 x-host-info: lw-prod-eu-i-034fcb0b4e2cb4302, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201		50 kB
URL login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:0 ASN #16509 AMAZON-02 File type gzip compressed data, max compression, from Unix Size 50 kB (50105 bytes) Hash f2f4fa7eda51f74581438a4c5e7c12e0 33c902a729bbe306c1d3f7fa74d945a4c75c8bdb cc9fce99b13d9f82a8586b345d08cbc1a57112aa2e5b85a86c9062b6910d5028 HTTP Headers GET /trace?id=bc1e9eca71&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/zgy-vign-wwh/a9bc1e936eca71d0?l=107 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:05 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: e19f6fef-8b3c-4ee4-967f-0ab9275a3f4e x-runtime: 0.001284 x-host-info: lw-prod-eu-i-0630ecaca960f15d1, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20plugin%20WebKit%20built-in%20PDF&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201		23 kB
URL login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20plugin%20WebKit%20built-in%20PDF&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:0 ASN #16509 AMAZON-02 File type gzip compressed data, max compression, from Unix Size 23 kB (22875 bytes) Hash 0bc582c81c9bd7cc0fc71ad56574a24e 60b471311daaa38eff972065dc1ac441654b27f1 f75f028e64084613e027f2dfab2e3c83be97f056c6782095015a0863a1c0eecb HTTP Headers GET /trace?id=bc1e9eca71&msg=BrowserDetect%20-%20plugin%20WebKit%20built-in%20PDF&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/zgy-vign-wwh/a9bc1e936eca71d0?l=107 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:05 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 4c3b8697-d7ea-428d-a754-0fe8000b1b5e x-runtime: 0.001901 x-host-info: lw-prod-eu-i-0630ecaca960f15d1, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201		5.5 kB
URL login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:0 ASN #16509 AMAZON-02 File type JavaScript source, ASCII text, with very long lines (18444), with no line terminators Size 5.5 kB (5532 bytes) Hash 9c1ae8d324e45716080572dfc20993a3 0afdd5636017b31750dd4e1a41ced118aaa5d3ab 358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1 HTTP Headers GET /trace?id=bc1e9eca71&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/zgy-vign-wwh/a9bc1e936eca71d0?l=107 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:05 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 25758d5b-68d1-4e79-9f33-f2d7ce89cc6d x-runtime: 0.001808 x-host-info: lw-prod-eu-i-034fcb0b4e2cb4302, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=bc1e9eca71&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	3.5.29.187	200 OK	50 kB
URL GET HTTP/1.1 tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=bc1e9eca71&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 3.5.29.187:443 ASN #14618 AMAZON-AES Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subject.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (306) Size 50 kB (50085 bytes) Hash 00a513f07603df01e3b99be00f370754 f0c03b1c50f39c95075df687cd55f18861631526 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a HTTP Headers `GET /detect/plugin_detect.js?guid=bc1e9eca71&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: tslp.s3.amazonaws.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK x-amz-id-2: e+64Yv7ty0lqWk1itBa6odwexMDv87o4WBTEGL69EHHAwbWoaQbCqdhuPOIoGQVAYI+k9gKxe9y4CH/G0mfhsQlwgrJTw7O224tF9FzAlG8= x-amz-request-id: RE4P5MCQ8V3F30P9 Date: Tue, 23 Apr 2024 09:51:08 GMT Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT ETag: "00a513f07603df01e3b99be00f370754" x-amz-version-id: null Accept-Ranges: bytes Content-Type: text/javascript Server: AmazonS3 Content-Length: 50085`

	tslp.s3.amazonaws.com/detect/wmp.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015	3.5.16.103	200 OK	5.9 kB
URL GET HTTP/1.1 tslp.s3.amazonaws.com/detect/wmp.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 IP 3.5.16.103:443 ASN #14618 AMAZON-AES Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subject.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text Size 5.9 kB (5941 bytes) Hash ffd2cc77bb64d40beeb5d561fffe1f79 6cb535641677d27e4de591ceb3c4e2f408826e7d cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de HTTP Headers `GET /detect/wmp.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 HTTP/1.1 Host: tslp.s3.amazonaws.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK x-amz-id-2: 2On8eSnqMCUDPi10OYI4HG7PBzJGwU5AcqhV4osiSSuAOBw2JFRUYcNUVRBQ0b77dwn/6G1uWAZ5LSBAel2+Vw== x-amz-request-id: RE4HKY65FQJ9CNA5 Date: Tue, 23 Apr 2024 09:51:08 GMT Last-Modified: Wed, 15 Feb 2017 15:07:14 GMT ETag: "ffd2cc77bb64d40beeb5d561fffe1f79" x-amz-version-id: null Accept-Ranges: bytes Content-Type: text/javascript Server: AmazonS3 Content-Length: 5941`

	login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201		8.2 kB
URL login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:0 ASN #16509 AMAZON-02 File type gzip compressed data, max compression, from Unix Size 8.2 kB (8227 bytes) Hash 52cdb3f9e7c6987ff16bf1c988c987f6 fac8c16271ac48ccd294dbd30df39ebb91b2a2ae ab50d4ac8b0d15ca92aaadf1f668b4769c3afaf30e6dae798cfe5a1acd744f96 HTTP Headers GET /trace?id=bc1e9eca71&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/zgy-vign-wwh/a9bc1e936eca71d0?l=107 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:05 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: ea986aa5-5bba-435e-a016-d56d6ada7792 x-runtime: 0.001570 x-host-info: lw-prod-eu-i-0acc5e90dd72f7192, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	tslp.s3.amazonaws.com/assets/js/training.js	3.5.29.187	200 OK	352 B
URL GET HTTP/1.1 tslp.s3.amazonaws.com/assets/js/training.js IP 3.5.29.187:443 ASN #14618 AMAZON-AES Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subject.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text Size 352 B (352 bytes) Hash 029ab28ca3c245dc425e3f3f6599d480 845057d3630d0a06e797a7049b3e9658d7650af1 8a1170223599205267c6ee3a3072855f1727461d9dd1066bb94f39180f963af9 HTTP Headers `GET /assets/js/training.js HTTP/1.1 Host: tslp.s3.amazonaws.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK x-amz-id-2: zxb22iYjFf7z/D8RDi9C6dyhjKviebSTErcNuEhDi5RHQAyNbEIEKu0lNIAh5DnqhuDJnQEB3m8ErASO+DTTotXzyhWDJUcKOMt6zwy2j3M= x-amz-request-id: RE4KR27QNN9MNHAP Date: Tue, 23 Apr 2024 09:51:08 GMT Last-Modified: Fri, 26 Aug 2022 14:07:38 GMT ETag: "029ab28ca3c245dc425e3f3f6599d480" x-amz-server-side-encryption: AES256 x-amz-version-id: 6KvPBARKn9Wl5VW3Hl_LtK2bIq68QrGH Accept-Ranges: bytes Content-Type: application/javascript Server: AmazonS3 Content-Length: 352`

	tslp.s3.amazonaws.com/detect/quicktime.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015	3.5.29.187	200 OK	7.0 kB
URL GET HTTP/1.1 tslp.s3.amazonaws.com/detect/quicktime.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 IP 3.5.29.187:443 ASN #14618 AMAZON-AES Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subject.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (322) Size 7.0 kB (6999 bytes) Hash ee73f2f47d51116dc40b85a6b57eaf20 6c42011667bac1fa6c3272a11b510f22962d72a2 6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19 HTTP Headers `GET /detect/quicktime.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 HTTP/1.1 Host: tslp.s3.amazonaws.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK x-amz-id-2: Jig8MTRQVHblT++mIs4UBiXrCiZZ5kLwHdGIpHmltuSt9K5YgucxfeuIdWV0S5lIS7gDBeww4F8rTtzaSqW8HL/5FW5lLwYH6M4CYqJ2Dsg= x-amz-request-id: RE4KZ7FSF2MBFGQ3 Date: Tue, 23 Apr 2024 09:51:08 GMT Last-Modified: Wed, 15 Feb 2017 14:41:05 GMT ETag: "ee73f2f47d51116dc40b85a6b57eaf20" x-amz-version-id: null Accept-Ranges: bytes Content-Type: text/javascript Server: AmazonS3 Content-Length: 6999`

	login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201		9.8 kB
URL login.micrasoft-395office.com/trace?id=bc1e9eca71&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:0 ASN #16509 AMAZON-02 File type gzip compressed data, max compression, from Unix Size 9.8 kB (9795 bytes) Hash 3bf28611f90271a98147092c62f9813a 55f39985c0c75b98fa66ababed4cb021c29b41e6 86045c3e64cd830e3e9da9540ac37e0e2b41f98ede5f2e767ba46f1d3e2176ce HTTP Headers GET /trace?id=bc1e9eca71&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/zgy-vign-wwh/a9bc1e936eca71d0?l=107 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:05 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 96855801-49d6-4920-a6fd-947fc46d48c4 x-runtime: 0.001345 x-host-info: lw-prod-eu-i-06164ae2ecae76ca0, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	tslp.s3.amazonaws.com/detect/silverlight.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015	3.5.29.187	200 OK	4.2 kB
URL GET HTTP/1.1 tslp.s3.amazonaws.com/detect/silverlight.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 IP 3.5.29.187:443 ASN #14618 AMAZON-AES Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subject.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text Size 4.2 kB (4234 bytes) Hash e6dd596d2bc204ea573b868b92028c26 fa58bba4c9a01b3764a881949a8423b773d8a338 0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381 HTTP Headers `GET /detect/silverlight.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 HTTP/1.1 Host: tslp.s3.amazonaws.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK x-amz-id-2: bdqfHdcnqjFKN7UPQtGZZ+NgXHm4oH29oN7Ipcz7usF+07lBPsy3kvHC07y4+Mq+7bxpdluMD2WWP+KWvvefYA/byZz+P+AjSGwzP4UWkLs= x-amz-request-id: RE4JNR37W3RKSW57 Date: Tue, 23 Apr 2024 09:51:08 GMT Last-Modified: Wed, 15 Feb 2017 18:00:03 GMT ETag: "e6dd596d2bc204ea573b868b92028c26" x-amz-version-id: null Accept-Ranges: bytes Content-Type: text/javascript Server: AmazonS3 Content-Length: 4234`

	ts-eu-uploads.s3-eu-west-1.amazonaws.com/training/production/11963/il-mio-progetto-7ea2fe.png	3.5.65.69	200 OK	5.6 kB
URL GET HTTP/1.1 ts-eu-uploads.s3-eu-west-1.amazonaws.com/training/production/11963/il-mio-progetto-7ea2fe.png IP 3.5.65.69:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subject.s3-eu-west-1.amazonaws.com Fingerprint49:42:4E:99:9B:99:CB:89:18:03:B0:67:44:1E:3F:5D:9A:CD:21:1C ValidityWed, 31 Jan 2024 00:00:00 GMT - Wed, 15 Jan 2025 23:59:59 GMT File type PNG image data, 92 x 100, 8-bit/color RGBA, non-interlaced Size 5.6 kB (5636 bytes) Hash aa5fe6a7e7b850509567be1b7b5ec1a5 4ff0dca424c4726d340235a3a04ea4cd23e788f6 e92392b88ac36e39771d2002d7271dbd3013c918c14322fb5b07e3298bebf079 HTTP Headers `GET /training/production/11963/il-mio-progetto-7ea2fe.png HTTP/1.1 Host: ts-eu-uploads.s3-eu-west-1.amazonaws.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK x-amz-id-2: 9ngkQMLMXfK7OaPolL1r6XxHXJNj30/XUimzHAzSd70b9g1hmZFdf6gaxwihXyWDDw2/eDPbyYAbIB4f9ojj0A== x-amz-request-id: SD5576SDBMM6XJVK Date: Tue, 23 Apr 2024 09:51:09 GMT Last-Modified: Wed, 11 Jan 2023 09:07:23 GMT ETag: "aa5fe6a7e7b850509567be1b7b5ec1a5" x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Content-Type: image/png Server: AmazonS3 Content-Length: 5636`

	fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2	216.58.207.227	200 OK	48 kB
URL GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP 216.58.207.227:443 ASN #15169 GOOGLE Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT File type Web Open Font Format (Version 2), TrueType, length 48236, version 1.0 Size 48 kB (48236 bytes) Hash 015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa HTTP Headers GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://login.micrasoft-395office.com DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 48236 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 18 Apr 2024 02:35:00 GMT expires: Fri, 18 Apr 2025 02:35:00 GMT cache-control: public, max-age=31536000 age: 458168 last-modified: Thu, 14 Dec 2023 02:08:40 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2	216.58.207.227	200 OK	48 kB
URL GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP 216.58.207.227:443 ASN #15169 GOOGLE Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT File type Web Open Font Format (Version 2), TrueType, length 48236, version 1.0 Size 48 kB (48236 bytes) Hash 015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa HTTP Headers GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://login.micrasoft-395office.com DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 48236 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 18 Apr 2024 02:35:00 GMT expires: Fri, 18 Apr 2025 02:35:00 GMT cache-control: public, max-age=31536000 age: 458168 last-modified: Thu, 14 Dec 2023 02:08:40 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	login.micrasoft-395office.com/favicon.ico	34.248.78.201	200 OK	0 B
URL GET HTTP/2 login.micrasoft-395office.com/favicon.ico IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /favicon.ico HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: image/x-icon content-length: 0 last-modified: Thu, 11 Apr 2024 12:55:27 GMT etag: "6617ddbf-0" server: ThreatSim-Web-Server access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2`

	login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201	200 OK	491 B
URL GET HTTP/2 login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type gzip compressed data, max compression, from Unix Size 491 B (491 bytes) Hash f335071fc0dc43230a60348526973c8f f56a941f7e2bfaeaa348db20bcf7609a398b8fb0 d6c4471711a9b22d28f68d944bd1c1a0f0e9014097e658e6d0233a7c779a9841 HTTP Headers GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 03441a11-bb97-418c-aa0e-0505e0206b6f x-runtime: 0.001597 x-host-info: lw-prod-eu-i-0630ecaca960f15d1, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	login.micrasoft-395office.com/assets/ajax/libs/jquery/1.11.0/jquery.min.js	34.248.78.201	200 OK	35 kB
URL GET HTTP/2 login.micrasoft-395office.com/assets/ajax/libs/jquery/1.11.0/jquery.min.js IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type gzip compressed data, max compression, from Unix Size 35 kB (35272 bytes) Hash e273bbf1684cba335a64710835ee5925 af43f3f68d706fc3d0882fd9545f6f1a0eee0a28 263070d5bf19ee19c8d6163fd8dc35fed48b311592de3f594fec93348054fedb HTTP Headers GET /assets/ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: application/javascript last-modified: Thu, 11 Apr 2024 12:55:30 GMT vary: Accept-Encoding server: ThreatSim-Web-Server expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2`

	www.java.com/js/deployJava.js	23.36.79.9	200 OK	18 kB
URL GET HTTP/2 www.java.com/js/deployJava.js IP 23.36.79.9:443 ASN #20940 Akamai International B.V. Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerDigiCert Inc Subjectjava.com FingerprintD2:86:EC:2F:2D:A7:69:D4:DC:A9:2C:40:B0:01:98:0B:DD:A0:0E:BF ValiditySat, 14 Oct 2023 00:00:00 GMT - Wed, 16 Oct 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (18444), with no line terminators Size 18 kB (18444 bytes) Hash 9c1ae8d324e45716080572dfc20993a3 0afdd5636017b31750dd4e1a41ced118aaa5d3ab 358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1 HTTP Headers `GET /js/deployJava.js HTTP/1.1 Host: www.java.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript content-disposition: attachment; filename="deployJava.js";filename*=UTF-8''deployJava.js content-encoding: gzip etag: "D07B023847CD4DC5C4ED4AB4FC46AD47BDD6E99A0663:19" x-oracle-dms-ecid: 99e0c31d-6d93-4d4a-9f00-e33f61836c5d-0035da5d x-oracle-dms-rid: 0 last-modified: Thu, 01 Jan 1970 00:00:01 GMT content-length: 5512 cache-control: public, max-age=86400 expires: Wed, 24 Apr 2024 09:51:07 GMT date: Tue, 23 Apr 2024 09:51:07 GMT vary: Accept-Encoding server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1713865867410_388255493_1893489816_62_85278_2_9_21";dur=1 akamai-grn: 0.054f2417.1713865867.70dc5c98 set-cookie: akaalb_OCE_Failover=1713865927~op=JCOM_OCE:oceProdappJcomProdOrigin\|~rv=3~m=oceProdappJcomProdOrigin:0\|~os=2708f36cb43ca861e42dc0215e4669c5~id=7741cf9a590d55bafdbb0e1d4f1b7d67; path=/; Expires=Tue, 23 Apr 2024 09:52:07 GMT; Secure; SameSite=None x-content-type-options: nosniff, nosniff x-xss-protection: 1 X-Firefox-Spdy: h2

	login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201	200 OK	0 B
URL GET HTTP/2 login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: e54cd1b1-334a-4711-b9f3-1c4b4aa00581 x-runtime: 0.001888 x-host-info: lw-prod-eu-i-034fcb0b4e2cb4302, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201	200 OK	0 B
URL GET HTTP/2 login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: e55d12f6-e462-4baf-9434-ab349fa4790a x-runtime: 0.001423 x-host-info: lw-prod-eu-i-0630ecaca960f15d1, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201	200 OK	24 kB
URL User Request GET HTTP/2 login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 24 kB (24251 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/zgy-vign-wwh/a9bc1e936eca71d0?l=107 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:06 GMT content-type: text/html; charset=utf-8 vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin etag: W/"3139286d0eb44128d7c19b50f60284b5" cache-control: max-age=0, private, must-revalidate x-request-id: d5303e64-7e85-44d4-91b0-accf80f43e0b x-runtime: 0.015096 x-host-info: lw-prod-eu-i-06164ae2ecae76ca0, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	tslp.s3.amazonaws.com/detect/pdf.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015	52.217.160.9	200 OK	23 kB
URL GET HTTP/1.1 tslp.s3.amazonaws.com/detect/pdf.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 IP 52.217.160.9:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subject.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text Size 23 kB (22855 bytes) Hash 0d5882d41c8b6e40059c8d9acbcf1518 53103565f3c07416fc691583a43a91943dbf0809 d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9 HTTP Headers `GET /detect/pdf.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 HTTP/1.1 Host: tslp.s3.amazonaws.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK x-amz-id-2: IKrrZTCY/emWIAg6JpZOxBOKRMwRLLcX4u0O/flSgKPeMtjJOG8BqAoX70gSg/I7/AYRuoR9mjs= x-amz-request-id: RE4KHEZ0V4MA8VP4 Date: Tue, 23 Apr 2024 09:51:08 GMT Last-Modified: Wed, 15 Feb 2017 14:39:34 GMT ETag: "0d5882d41c8b6e40059c8d9acbcf1518" x-amz-version-id: null Accept-Ranges: bytes Content-Type: text/javascript Server: AmazonS3 Content-Length: 22855`

	login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201	200 OK	0 B
URL GET HTTP/2 login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 36d5318f-68fc-43b1-8b64-63d2026219bf x-runtime: 0.001391 x-host-info: lw-prod-eu-i-06164ae2ecae76ca0, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	tslp.s3.amazonaws.com/detect/realplayer.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015	3.5.29.187	200 OK	9.8 kB
URL GET HTTP/1.1 tslp.s3.amazonaws.com/detect/realplayer.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 IP 3.5.29.187:443 ASN #14618 AMAZON-AES Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subject.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (10127), with no line terminators Size 9.8 kB (9775 bytes) Hash 0835871d59d36ed958755d159c30fe5b 48e149eb222ee44e33f074190a400cf4d731c73e bb2c6e86b033d916b06384185ab197feb5a5f3c239e80b806e22ae4e69b124ee HTTP Headers `GET /detect/realplayer.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 HTTP/1.1 Host: tslp.s3.amazonaws.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK x-amz-id-2: c0xBanNbhfYSdWYOhtGuHnwvvIWSO7lLZ8olpBYFbhz/9BiM9Mi/TxFy2QbYoeLuGI8PTq4ORwvuwHW94vDq61MQx8HRkP/CqPxsPwjTHug= x-amz-request-id: RE4ZSHWEP1B8VGZE Date: Tue, 23 Apr 2024 09:51:08 GMT Last-Modified: Wed, 15 Feb 2017 14:45:02 GMT ETag: "3d7be656672c16a34806c13388410325" x-amz-version-id: null Accept-Ranges: bytes Content-Type: text/javascript Server: AmazonS3 Content-Length: 9775`

	login.micrasoft-395office.com/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201	200 OK	0 B
URL GET HTTP/2 login.micrasoft-395office.com/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 6c153396-eabe-4c22-bb15-b85b0e39211b x-runtime: 0.001951 x-host-info: lw-prod-eu-i-0630ecaca960f15d1, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201	200 OK	0 B
URL GET HTTP/2 login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 4d34f38d-a344-40fb-9aed-21736c55adc1 x-runtime: 0.001360 x-host-info: lw-prod-eu-i-034fcb0b4e2cb4302, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	fonts.googleapis.com/css?family=Open+Sans:400,700	142.250.74.106	200 OK	11 kB
URL GET HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700 IP 142.250.74.106:443 ASN #15169 GOOGLE Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT File type ASCII text, with very long lines (1572) Size 11 kB (11194 bytes) Hash b69c29c8c917c014d6f4b79752d8ce0b 71a580b2e8792ba930815bcca3bda73e7715ca3f 5cccc465f4c8cdcec789a0b28846823f18646206351bc9ff794f1aec7f58f5b0 HTTP Headers `GET /css?family=Open+Sans:400,700 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Tue, 23 Apr 2024 09:51:07 GMT date: Tue, 23 Apr 2024 09:51:07 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js	143.204.42.78	200 OK	6.6 kB
URL GET HTTP/1.1 d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js IP 143.204.42.78:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (6819), with no line terminators Size 6.6 kB (6636 bytes) Hash 9e4af143cc4c3acb5f4888660d22658b 0c3904226c334dbd1abcc64d39577f4d17727ea9 bea4602f2348a1008386f581c429a89569a664c0781fd1845d5be2ca66acd73a HTTP Headers `GET /bugsnag-2.min.js HTTP/1.1 Host: d2wy8f7a9ursnm.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Content-Type: application/javascript Content-Length: 2962 Connection: keep-alive Date: Wed, 17 Apr 2024 05:48:33 GMT Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT ETag: "6103bb5e4ec6141e19e1100caafc780c" Cache-Control: public, max-age=604800 Content-Encoding: gzip x-amz-version-id: null Accept-Ranges: bytes Server: AmazonS3 X-Cache: Hit from cloudfront Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: WhFWmJldukAiUQLHhX3YXbxb2cxWvyeZHJXIVFzpv51j4pDnl_0K5g== Age: 532955

	login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=Skipping%20pdf%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201	200 OK	0 B
URL GET HTTP/2 login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=Skipping%20pdf%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /trace?id=f5bc1e96feca7164&msg=Skipping%20pdf%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 1c70b594-2379-4fbd-af8d-e6d6bcad84da x-runtime: 0.001765 x-host-info: lw-prod-eu-i-0acc5e90dd72f7192, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=Skipping%20WindowsMediaPlayer%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201	200 OK	0 B
URL GET HTTP/2 login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=Skipping%20WindowsMediaPlayer%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /trace?id=f5bc1e96feca7164&msg=Skipping%20WindowsMediaPlayer%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 6b2a1521-7766-4da8-b9c5-07b512294264 x-runtime: 0.001016 x-host-info: lw-prod-eu-i-06164ae2ecae76ca0, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=Skipping%20java%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201	200 OK	0 B
URL GET HTTP/2 login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=Skipping%20java%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /trace?id=f5bc1e96feca7164&msg=Skipping%20java%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: a303a76c-0fd3-4b55-9155-c95a60d82615 x-runtime: 0.001465 x-host-info: lw-prod-eu-i-034fcb0b4e2cb4302, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	tslp.s3.amazonaws.com/detect/flash.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015	3.5.16.103	200 OK	6.7 kB
URL GET HTTP/1.1 tslp.s3.amazonaws.com/detect/flash.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 IP 3.5.16.103:443 ASN #14618 AMAZON-AES Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subject.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (6956), with no line terminators Size 6.7 kB (6680 bytes) Hash 4a8c802c6c7b2c9c3fe90f85037107fb b0c892bb068132c52f8d3b8b79b01ea2ce613b0d 041667b6e07a8781f155750c2008c86cd83a76874b6736687a8bf3c49b516f47 HTTP Headers `GET /detect/flash.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 HTTP/1.1 Host: tslp.s3.amazonaws.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK x-amz-id-2: 3eRslUd6HUOatBp4ZV15FI74T8qisUATupd7xb3QcfSbYjZXJAFOfy8Poab7gUJwBYYbwCReAHy0rMK5cdjsQw== x-amz-request-id: RE4G86R6CPKPM3J7 Date: Tue, 23 Apr 2024 09:51:08 GMT Last-Modified: Wed, 15 Feb 2017 03:54:01 GMT ETag: "f9ad9a096894ba248e4a1f73e7eba1be" x-amz-version-id: null Accept-Ranges: bytes Content-Type: text/javascript Server: AmazonS3 Content-Length: 6680`

	login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201	200 OK	0 B
URL GET HTTP/2 login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 6d5bee84-f481-4f2c-899b-e487ffa3a41e x-runtime: 0.001364 x-host-info: lw-prod-eu-i-06164ae2ecae76ca0, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=redirect_url%20is%20undefined&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201	200 OK	0 B
URL GET HTTP/2 login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=redirect_url%20is%20undefined&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /trace?id=f5bc1e96feca7164&msg=redirect_url%20is%20undefined&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 9d17135f-4b24-44d0-8f42-54a2cd3c2c86 x-runtime: 0.002347 x-host-info: lw-prod-eu-i-034fcb0b4e2cb4302, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015	3.5.29.187	200 OK	50 kB
URL GET HTTP/1.1 tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 IP 3.5.29.187:443 ASN #14618 AMAZON-AES Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subject.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (306) Size 50 kB (50085 bytes) Hash 00a513f07603df01e3b99be00f370754 f0c03b1c50f39c95075df687cd55f18861631526 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a HTTP Headers `GET /detect/plugin_detect.js?guid=c572e58edc&correlation_id=c5e26d53-d506-41cf-be29-772cbc3c1015 HTTP/1.1 Host: tslp.s3.amazonaws.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK x-amz-id-2: wfXfGLkXAA4M7su9bP8uKtG77VsS7F2XXFJC0w3S0Y1W3dttdolSW1stCUhZygGB6CsO6QbaZ7j5ItgywvFh4PEjYjVleJkOxDRQgM3Dai8= x-amz-request-id: RE4Z1MRT0THS0QHG Date: Tue, 23 Apr 2024 09:51:08 GMT Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT ETag: "00a513f07603df01e3b99be00f370754" x-amz-version-id: null Accept-Ranges: bytes Content-Type: text/javascript Server: AmazonS3 Content-Length: 50085`

	login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=training_page_no_browser_post&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201	200 OK	0 B
URL GET HTTP/2 login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=training_page_no_browser_post&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /trace?id=f5bc1e96feca7164&msg=training_page_no_browser_post&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 7b93d678-66a5-4e7d-b948-aaffce9e4263 x-runtime: 0.001594 x-host-info: lw-prod-eu-i-0630ecaca960f15d1, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js	142.250.74.42	200 OK	93 kB
URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js IP 142.250.74.42:443 ASN #15169 GOOGLE Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT File type Size 93 kB (93435 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /ajax/libs/jquery/1.8.2/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 33621 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 16 Apr 2024 19:23:27 GMT expires: Wed, 16 Apr 2025 19:23:27 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 age: 570460 last-modified: Tue, 03 Mar 2020 19:15:00 GMT content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	tslp.s3.amazonaws.com/languages/language.18071.js	52.217.160.9	200 OK	8.2 kB
URL GET HTTP/1.1 tslp.s3.amazonaws.com/languages/language.18071.js IP 52.217.160.9:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subject.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (8594), with no line terminators Size 8.2 kB (8207 bytes) Hash 99bd9632154dd07b4732a7c1157a486e 8b9ea9d1e6bba430b07f84f2d233b219192c55b4 72e9bd58d7442d1eedf210513f754197f54902f7662adaf4b510b98476712ad3 HTTP Headers `GET /languages/language.18071.js HTTP/1.1 Host: tslp.s3.amazonaws.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK x-amz-id-2: lCqMMEcmQkgWYD+96flLfpN6WNidXxmqNjMIBVAdndxzX8ejQ561T5sWVYaKl0nFEZF0l23PXPY= x-amz-request-id: RE4KE19A95NDWSPM Date: Tue, 23 Apr 2024 09:51:08 GMT Last-Modified: Fri, 26 Aug 2022 14:07:38 GMT ETag: "8b9a9d305bd69c962b600c08f3c69edf" x-amz-server-side-encryption: AES256 x-amz-version-id: U_kpSjDDW4npfowvZPZnd2_aKVkUaKPA Accept-Ranges: bytes Content-Type: application/javascript Server: AmazonS3 Content-Length: 8207`

	login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20plugin%20PDF%20Viewer&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201	200 OK	0 B
URL GET HTTP/2 login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20plugin%20PDF%20Viewer&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20plugin%20PDF%20Viewer&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: e9ee3600-f51a-47a2-b454-c95ea3b448a8 x-runtime: 0.001397 x-host-info: lw-prod-eu-i-06164ae2ecae76ca0, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=Skipping%20RealPlayer%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201	200 OK	0 B
URL GET HTTP/2 login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=Skipping%20RealPlayer%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /trace?id=f5bc1e96feca7164&msg=Skipping%20RealPlayer%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 94f913b2-8761-480b-a463-8f32ceae71e4 x-runtime: 0.001647 x-host-info: lw-prod-eu-i-0acc5e90dd72f7192, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	tslp.s3.amazonaws.com/training/teachable_moments/css/langdrop.css	52.217.160.9	200 OK	1.7 kB
URL GET HTTP/1.1 tslp.s3.amazonaws.com/training/teachable_moments/css/langdrop.css IP 52.217.160.9:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subject.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT File type Unicode text, UTF-8 text, with very long lines (1807), with no line terminators Size 1.7 kB (1713 bytes) Hash 1da3d58e2bd153edfa872b5d5699d3d6 d0f4b9c06925d9fdaac8693a7eb4e7747cc5ecf7 536405beacaec418602e9c249bc4b0aa0ca6fd863ffa3078d705241681705096 HTTP Headers `GET /training/teachable_moments/css/langdrop.css HTTP/1.1 Host: tslp.s3.amazonaws.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK x-amz-id-2: QsDJPQ43XXTNI7g6JkNjZ1JXwqswsefXh8uRoEYe72pJ8nR9hTLZmfQW1RhfPUvZzCQX+1Qd6bQ= x-amz-request-id: RE4Z1E0JAC524XFC Date: Tue, 23 Apr 2024 09:51:08 GMT Last-Modified: Fri, 26 Aug 2022 14:07:49 GMT ETag: "bc7f970ad0f163bc72c9ae9aa09e1cde" x-amz-server-side-encryption: AES256 x-amz-version-id: OhzuQr9n0bqd2zskiPVZjmnmHAmPcoAx Accept-Ranges: bytes Content-Type: text/css Server: AmazonS3 Content-Length: 1713`

	login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201	200 OK	0 B
URL GET HTTP/2 login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 59b936f3-95c1-4660-b67a-a048a18a9635 x-runtime: 0.001688 x-host-info: lw-prod-eu-i-0acc5e90dd72f7192, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	java.com/js/deployJava.js	95.101.10.112	302 Found	18 kB
URL GET HTTP/2 java.com/js/deployJava.js IP 95.101.10.112:443 ASN #20940 Akamai International B.V. Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerDigiCert Inc Subjectjava.com FingerprintD2:86:EC:2F:2D:A7:69:D4:DC:A9:2C:40:B0:01:98:0B:DD:A0:0E:BF ValiditySat, 14 Oct 2023 00:00:00 GMT - Wed, 16 Oct 2024 23:59:59 GMT File type Size 18 kB (18444 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /js/deployJava.js HTTP/1.1 Host: java.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 302 Found server: AkamaiGHost content-length: 0 location: https://www.java.com/js/deployJava.js cache-control: max-age=86400 expires: Wed, 24 Apr 2024 09:51:07 GMT date: Tue, 23 Apr 2024 09:51:07 GMT server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1713865867053_1600457324_78433798_150_67344_1_14_21";dur=1 akamai-grn: 0.6c0a655f.1713865867.4acce06 set-cookie: akaalb_OCE_Failover=1713865927~op=JCOM_OCE:oceProdappJcomProdOrigin\|~rv=92~m=oceProdappJcomProdOrigin:0\|~os=2708f36cb43ca861e42dc0215e4669c5~id=1bc1fd06eb6eca0745f8ac56ba909858; path=/; Expires=Tue, 23 Apr 2024 09:52:07 GMT; Secure; SameSite=None x-content-type-options: nosniff x-xss-protection: 1 X-Firefox-Spdy: h2

	login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201	200 OK	0 B
URL GET HTTP/2 login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 5a6155ea-cbd0-4f32-9591-47bce6082a6e x-runtime: 0.002128 x-host-info: lw-prod-eu-i-0acc5e90dd72f7192, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=Skipping%20flash%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201	200 OK	0 B
URL GET HTTP/2 login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=Skipping%20flash%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /trace?id=f5bc1e96feca7164&msg=Skipping%20flash%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 4782dd78-98b7-4a40-ac30-0ca39cd40b72 x-runtime: 0.001803 x-host-info: lw-prod-eu-i-06164ae2ecae76ca0, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	tslp.s3.amazonaws.com/training/embedded/translations/url/en-us.json	3.5.27.195	200 OK	1.9 kB
URL GET HTTP/1.1 tslp.s3.amazonaws.com/training/embedded/translations/url/en-us.json IP 3.5.27.195:443 ASN #14618 AMAZON-AES Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subject.s3.amazonaws.com FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1 ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT File type HTML document, Unicode text, UTF-8 text, with very long lines (1965), with no line terminators Size 1.9 kB (1895 bytes) Hash 68b8ed8426d4445995443f2954f79081 0cb4b57d22760dfa6ceb2c9230539710cd7de680 a04c9c65062a4ff0cbfe8b5ef45519a82821b3f21af8fde296c58998878bbc2e HTTP Headers GET /training/embedded/translations/url/en-us.json HTTP/1.1 Host: tslp.s3.amazonaws.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json, text/javascript, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/ Origin: https://login.micrasoft-395office.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK x-amz-id-2: pCXEi61WYoXYwXXMyxntRQLohrVGHl3Ycy1LxVKDSBsvfTj3rF+pEwZiKGIKtTGg0gaPUItWLpgZxYScHzHJxdkhNtO25jnIcyXErQHMtGw= x-amz-request-id: T226BPRW3VTAXMNB Date: Tue, 23 Apr 2024 09:51:10 GMT Access-Control-Allow-Origin: Access-Control-Allow-Methods: GET Access-Control-Max-Age: 3000 Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method Last-Modified: Wed, 26 Jul 2023 17:07:40 GMT ETag: "5113dad20241201a33ab81b33233bd01" x-amz-server-side-encryption: AES256 x-amz-version-id: TMMo2.DrQRaqepauUxOD.NkoWByClgZx Accept-Ranges: bytes Content-Type: application/json Server: AmazonS3 Content-Length: 1895

	login.micrasoft-395office.com/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201	200 OK	0 B
URL GET HTTP/2 login.micrasoft-395office.com/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 82f3c5ad-9163-46bd-91b3-e84368daa59f x-runtime: 0.001735 x-host-info: lw-prod-eu-i-034fcb0b4e2cb4302, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	login.micrasoft-395office.com/log?id=bc1e9eca71&campaign_guid=aae3021f93&msg=logo_object%20does%20not%20exist	34.248.78.201	200 OK	0 B
URL GET HTTP/2 login.micrasoft-395office.com/log?id=bc1e9eca71&campaign_guid=aae3021f93&msg=logo_object%20does%20not%20exist IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /log?id=bc1e9eca71&campaign_guid=aae3021f93&msg=logo_object%20does%20not%20exist HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: image/gif; charset=utf-8 vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 5ece2a3e-a52f-4b8c-b433-a42775d8b312 x-runtime: 0.002040 x-host-info: lw-prod-eu-i-0acc5e90dd72f7192, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201	200 OK	0 B
URL GET HTTP/2 login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 73dda0d8-058b-46b6-ae8c-4fa01b3b1020 x-runtime: 0.002179 x-host-info: lw-prod-eu-i-0acc5e90dd72f7192, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	login.micrasoft-395office.com/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201	200 OK	0 B
URL GET HTTP/2 login.micrasoft-395office.com/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 9d372f47-cd84-4ddd-8dcb-26de394c11fd x-runtime: 0.002109 x-host-info: lw-prod-eu-i-0acc5e90dd72f7192, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20plugin%20Chromium%20PDF%20Viewer&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201	200 OK	0 B
URL GET HTTP/2 login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20plugin%20Chromium%20PDF%20Viewer&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20plugin%20Chromium%20PDF%20Viewer&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 3d30fe74-c12c-4a17-9b8a-9abee2cc91c8 x-runtime: 0.004227 x-host-info: lw-prod-eu-i-0acc5e90dd72f7192, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=Skipping%20quicktime%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201	200 OK	0 B
URL GET HTTP/2 login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=Skipping%20quicktime%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /trace?id=f5bc1e96feca7164&msg=Skipping%20quicktime%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 96511cef-62a5-44fb-8dde-a1fd0f8a45c6 x-runtime: 0.001383 x-host-info: lw-prod-eu-i-0630ecaca960f15d1, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20plugin%20WebKit%20built-in%20PDF&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201	200 OK	0 B
URL GET HTTP/2 login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20plugin%20WebKit%20built-in%20PDF&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20plugin%20WebKit%20built-in%20PDF&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 40d4dec2-a98b-4e3d-be80-5e190df12cf8 x-runtime: 0.002049 x-host-info: lw-prod-eu-i-06164ae2ecae76ca0, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=Skipping%20Silverlight%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201	200 OK	0 B
URL GET HTTP/2 login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=Skipping%20Silverlight%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /trace?id=f5bc1e96feca7164&msg=Skipping%20Silverlight%20detection&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 9b375e54-c316-4fe5-996d-4634b7411876 x-runtime: 0.001250 x-host-info: lw-prod-eu-i-034fcb0b4e2cb4302, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201	200 OK	0 B
URL GET HTTP/2 login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 7efb0579-34bd-40e7-8e2d-aed92d07959d x-runtime: 0.001126 x-host-info: lw-prod-eu-i-034fcb0b4e2cb4302, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20plugin%20Microsoft%20Edge%20PDF%20Viewer&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201	200 OK	0 B
URL GET HTTP/2 login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20plugin%20Microsoft%20Edge%20PDF%20Viewer&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20plugin%20Microsoft%20Edge%20PDF%20Viewer&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: fb4eea5c-c8d1-41bd-90b9-9fa3c2f3f807 x-runtime: 0.001993 x-host-info: lw-prod-eu-i-0630ecaca960f15d1, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20browser_version%20%3D%2096&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201	200 OK	0 B
URL GET HTTP/2 login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20browser_version%20%3D%2096&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20browser_version%20%3D%2096&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 57e9c18f-ca81-4d8f-85ee-e4f5576d3699 x-runtime: 0.001547 x-host-info: lw-prod-eu-i-034fcb0b4e2cb4302, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10	34.248.78.201	200 OK	0 B
URL GET HTTP/2 login.micrasoft-395office.com/trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 IP 34.248.78.201:443 ASN #16509 AMAZON-02 Requested by https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 Certificate IssuerAmazon Subjectinternalitsupport.net FingerprintFB:48:76:0A:4D:DF:9A:6C:82:EE:C7:69:2A:55:4E:62:A1:25:15:7C ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /trace?id=f5bc1e96feca7164&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 HTTP/1.1 Host: login.micrasoft-395office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.micrasoft-395office.com/load_training?guid=f5bc1e96feca7164&correlation_id=b256d646-2feb-4e58-bff2-3e68255cda10 DNT: 1 Connection: keep-alive Cookie: EXFILGUID=bc1e9eca71; link_clicked_bc1e9eca71=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 23 Apr 2024 09:51:08 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 0b8d2214-45f9-4d5f-b2af-22f707501334 x-runtime: 0.004212 x-host-info: lw-prod-eu-i-0630ecaca960f15d1, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

JavaScript (31)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN