Report - login.shippingupdate.net/22258d2b2b934427?l=55

Report Overview

Submitted URL
login.shippingupdate.net/22258d2b2b934427?l=55
IP
52.44.195.56
ASN
#14618 AMAZON-AES
Submitted
2023-02-08 21:13:16
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
tslp.s3.amazonaws.com	209358	2013-09-16T21:53:54Z	2023-03-13T07:52:11Z	3.6 kB	160 kB	52.217.93.164
login.shippingupdate.net	unknown	2022-07-27T12:51:52Z	2023-03-10T06:43:48Z	38 kB	130 kB	52.44.195.56
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.0 kB	8.0 kB	23.33.119.27
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
java.com	15670	2012-05-21T05:30:49Z	2023-03-13T07:52:11Z	368 B	607 B	95.101.10.131
www.java.com	54045	2012-05-22T01:15:57Z	2023-03-13T07:51:59Z	386 B	6.5 kB	95.101.10.131
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	1.8 kB	4.8 kB	54.230.245.118
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	34.216.140.79
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
d2wy8f7a9ursnm.cloudfront.net	unknown	2014-05-01T09:51:58Z	2023-03-13T07:52:11Z	308 B	3.5 kB	54.230.245.128
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.3 kB	64 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-08	medium	login.shippingupdate.net/assets/ajax/libs/jquery/1.9.1/jquery.min.js	Phishing
2023-02-08	medium	login.shippingupdate.net/secure/browser_post	Phishing
2023-02-08	medium	login.shippingupdate.net/assets/ajax/libs/jquery/1.11.0/jquery.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (17)

	URL	Size	First Seen	Last Seen
	login.shippingupdate.net/assets/all.js?g=258d2b9344	28 kB	2023-03-07	2024-04-17
Pretty URL login.shippingupdate.net/assets/all.js?g=258d2b9344 IP 52.44.195.56 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:34:53 Last Seen2024-04-17 19:25:32 Times Seen514 Hash 097f74fc8f861ece148262a652ab806a 305ecb552c3ff6bd24b56333fab6e731eb81ed30 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9 Loading...

	login.shippingupdate.net/assets/ajax/libs/jquery/1.9.1/jquery.min.js	93 kB	2023-03-07	2024-04-20
Pretty URL login.shippingupdate.net/assets/ajax/libs/jquery/1.9.1/jquery.min.js IP 52.44.195.56 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-20 08:28:05 Times Seen23222 Hash 397754ba49e9e0cf4e7c190da78dda05 ae49e56999d82802727455f0ba83b63acd90a22b c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4 Loading...

	tslp.s3.amazonaws.com/detect/flash.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21	6.7 kB	2023-03-07	2024-04-17
Pretty URL tslp.s3.amazonaws.com/detect/flash.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 IP 52.217.93.164 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:34:53 Last Seen2024-04-17 19:25:32 Times Seen132 Hash f9ad9a096894ba248e4a1f73e7eba1be f2449ce5f7a5c42ffdcc5f087a75b2513e73592c a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861 Loading...

	tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21	50 kB	2023-03-07	2024-04-17
Pretty URL tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 IP 52.217.93.164 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:34:53 Last Seen2024-04-17 19:25:32 Times Seen284 Hash 00a513f07603df01e3b99be00f370754 f0c03b1c50f39c95075df687cd55f18861631526 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a Loading...

	tslp.s3.amazonaws.com/detect/silverlight.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21	4.2 kB	2023-03-07	2024-04-17
Pretty URL tslp.s3.amazonaws.com/detect/silverlight.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 IP 52.217.93.164 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:34:53 Last Seen2024-04-17 19:25:32 Times Seen131 Hash e6dd596d2bc204ea573b868b92028c26 fa58bba4c9a01b3764a881949a8423b773d8a338 0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381 Loading...

	java.com/js/deployJava.js	18 kB	2023-03-07	2024-04-17
Pretty URL java.com/js/deployJava.js IP 95.101.10.131 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:34:53 Last Seen2024-04-17 19:25:32 Times Seen170 Hash 9c1ae8d324e45716080572dfc20993a3 0afdd5636017b31750dd4e1a41ced118aaa5d3ab 358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1 Loading...

	tslp.s3.amazonaws.com/detect/realplayer.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21	9.8 kB	2023-03-07	2024-04-17
Pretty URL tslp.s3.amazonaws.com/detect/realplayer.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 IP 52.217.93.164 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:34:53 Last Seen2024-04-17 19:25:32 Times Seen128 Hash 3d7be656672c16a34806c13388410325 c391646c980c60d75c35b33a974c97ae88114eef 88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238 Loading...

	tslp.s3.amazonaws.com/detect/pdf.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21	23 kB	2023-03-07	2024-04-17
Pretty URL tslp.s3.amazonaws.com/detect/pdf.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 IP 52.217.93.164 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:34:53 Last Seen2024-04-17 19:25:32 Times Seen136 Hash 0d5882d41c8b6e40059c8d9acbcf1518 53103565f3c07416fc691583a43a91943dbf0809 d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9 Loading...

	login.shippingupdate.net/assets/ajax/libs/jquery/1.11.0/jquery.min.js	96 kB	2023-03-07	2024-04-20
Pretty URL login.shippingupdate.net/assets/ajax/libs/jquery/1.11.0/jquery.min.js IP 52.44.195.56 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-04-20 11:15:41 Times Seen18433 Hash 8fc25e27d42774aeae6edbc0a18b72aa b66ed708717bf0b4a005a4d0113af8843ef3b8ff b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682 Loading...

	tslp.s3.amazonaws.com/detect/quicktime.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21	7.0 kB	2023-03-07	2024-04-17
Pretty URL tslp.s3.amazonaws.com/detect/quicktime.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 IP 52.217.93.164 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:34:53 Last Seen2024-04-17 19:25:32 Times Seen129 Hash ee73f2f47d51116dc40b85a6b57eaf20 6c42011667bac1fa6c3272a11b510f22962d72a2 6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19 Loading...

	tslp.s3.amazonaws.com/detect/wmp.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21	5.9 kB	2023-03-07	2024-04-17
Pretty URL tslp.s3.amazonaws.com/detect/wmp.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 IP 52.217.93.164 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:34:53 Last Seen2024-04-17 19:25:32 Times Seen132 Hash ffd2cc77bb64d40beeb5d561fffe1f79 6cb535641677d27e4de591ceb3c4e2f408826e7d cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de Loading...

	login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21	1.1 kB	2023-03-13	2024-02-07
Pretty URL login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 IP 52.44.195.56 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:54:33 Last Seen2024-02-07 05:18:11 Times Seen1 Hash 43eb67ef28ed6169cf13d004a3b948f5 a265f135408abbf88f5ceb4bff8efbd276a6c863 33d7080460db05fec6c20f189653297246c839f934da51767db5ddc85a5838bc Loading...

	d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js	6.6 kB	2023-03-07	2024-03-27
Pretty URL d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js IP 54.230.245.128 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:34:53 Last Seen2024-03-27 23:45:29 Times Seen369 Hash 85ff02da974c920ae6bfe5f6a602183f 849d4c02a6a1330e70ef6b53c5e50e56704e664a 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc Loading...

	tslp.s3.amazonaws.com/detect/java.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21	51 kB	2023-03-07	2024-04-17
Pretty URL tslp.s3.amazonaws.com/detect/java.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 IP 52.217.93.164 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:34:53 Last Seen2024-04-17 19:25:32 Times Seen137 Hash 2bec0061039dc3fb25fc20aaf611d5b9 dfc11b0662ac5950d309e2615e887032dd1dde0c 4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24 Loading...

	login.shippingupdate.net/22258d2b2b934427?l=55	1.0 kB	2023-03-13	2024-02-07
Pretty URL login.shippingupdate.net/22258d2b2b934427?l=55 IP 52.44.195.56 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:54:33 Last Seen2024-02-07 05:18:11 Times Seen1 Hash 976d57cf4171d7ae941412948108740b c6f471f467d081aec10b4ff2850d67e726a6ed02 9c3b4fee56df34eaeed354cdfed315451a9e001abd761e7a25df8e005fda6062 Loading...

	login.shippingupdate.net/22258d2b2b934427?l=55	746 B	2023-03-13	2024-02-07
Pretty URL login.shippingupdate.net/22258d2b2b934427?l=55 IP 52.44.195.56 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:54:33 Last Seen2024-02-07 05:18:11 Times Seen1 Hash f2ea4174934df33daa955b131dc0583f 4f19d08fef74976770f4f23e3cd04e5d0844b292 e52bb1f00e09c7e621107e85736d25f073fb61e2f8d1da6251160dd584ea6363 Loading...

	login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21	917 B	2023-03-13	2024-02-07
Pretty URL login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 IP 52.44.195.56 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:54:33 Last Seen2024-02-07 05:18:11 Times Seen1 Hash 6c42c335010fb7f42c0603281ffc018e b2bfdcd359c10966e83f9c492abfeb47fb2e23d2 b0392d29b81858d87dff5ba6f87eb8e19037119741af81a69793f7efdca93457 Loading...

HTTP Transactions (109)

URL IP Response Size

52.44.195.56

200 OK

972 B

URL HTTP/1.1
login.shippingupdate.net/22258d2b2b934427?l=55
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
972 B (972 bytes)
Hash
baab8ab5175858326f358abfd86a4b32
24436e155f65fe7826e09f1ad4792aa4aadb5455
a710b0c8dea11a2b9fb399e8d0b7e0b9aeaffbfd251ba8995425e015dffb0a07

HTTP Headers

GET /22258d2b2b934427?l=55 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:06 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
ETag: W/"a785d9a3f41896a6c96ae812fd9ca619"
Cache-Control: max-age=0, private, must-revalidate
Set-Cookie: EXFILGUID=258d2b9344; path=/
link_clicked_258d2b9344=1; path=/
X-Request-Id: 0f24f5db-1a1f-47ad-81f6-3e3b889e3b91
X-Runtime: 0.013232
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b7407cc102d62a5acd5e61f8a79bed36
c2f4890a62454e514962b55b7fc14228339c8e90
be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2654
Expires: Wed, 08 Feb 2023 21:57:20 GMT
Date: Wed, 08 Feb 2023 21:13:06 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10087
Expires: Thu, 09 Feb 2023 00:01:13 GMT
Date: Wed, 08 Feb 2023 21:13:06 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11796
Expires: Thu, 09 Feb 2023 00:29:42 GMT
Date: Wed, 08 Feb 2023 21:13:06 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 20:36:43 GMT
content-type: application/json
age: 2183
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: F4HR18WHqwAwvBoCBF1IjBfS6jFIMXt0VwQRImAowIr5VqLjNUGD7hUL/GTCB8LeGaoKR09zc+8=
x-amz-request-id: 5WRYAPPM7NWFQHWH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 20:46:06 GMT
age: 1620
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 21:13:06 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js

54.230.245.128

200 OK

3.0 kB

URL HTTP/1.1
d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
IP
54.230.245.128:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (6636), with no line terminators
Size
3.0 kB (2962 bytes)
Hash
6103bb5e4ec6141e19e1100caafc780c
1396838ef637042cbf702f6b5fdcd0281d93feb9
ccba3500aa323de51765587835fcd4842d46e4e2384e5cfd067506d0b6fc8a78

HTTP Headers

GET /bugsnag-2.min.js HTTP/1.1
Host: d2wy8f7a9ursnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/
Connection: keep-alive

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 2962
Connection: keep-alive
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Content-Encoding: gzip
x-amz-version-id: null
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 08 Feb 2023 05:09:21 GMT
Cache-Control: public, max-age=604800
ETag: "6103bb5e4ec6141e19e1100caafc780c"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BP6qPKJtsUO7Ohapw--HzJ2NeQh11SmwPhPhb6uDrA_Z5rvz5FJkQw==
Age: 587005

java.com/js/deployJava.js

95.101.10.131

302 Found

0 B

URL HTTP/2
java.com/js/deployJava.js
IP
95.101.10.131:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/deployJava.js HTTP/1.1
Host: java.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.shippingupdate.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: AkamaiGHost
content-length: 0
location: https://www.java.com/js/deployJava.js
cache-control: max-age=86400
expires: Thu, 09 Feb 2023 21:13:06 GMT
date: Wed, 08 Feb 2023 21:13:06 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
akamai-grn: 0.7f0a655f.1675890786.444ff9e
set-cookie: akaalb_OCE_Failover=1675890846~op=JCOM_OCE:oceProdappJcomProdOrigin|~rv=37~m=oceProdappJcomProdOrigin:0|~os=2708f36cb43ca861e42dc0215e4669c5~id=442fe7099376883018d34aa32d3c2579; path=/; Expires=Wed, 08 Feb 2023 21:14:06 GMT; Secure; SameSite=None
x-xss-protection: 1
X-Firefox-Spdy: h2

52.44.195.56

200 OK

7.2 kB

URL HTTP/1.1
login.shippingupdate.net/assets/all.js?g=258d2b9344
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
7.2 kB (7191 bytes)
Hash
db7c58fc21f4bbb0900fed3889f61df2
24047c64e0dbdbcc8eef175a42dc1911f7f8a6aa
5a1dcea95a97b018b93cc58089502fd2069d508c02088c0c6a49533fef91afb7

HTTP Headers

GET /assets/all.js?g=258d2b9344 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:06 GMT
Content-Type: application/javascript
Content-Length: 7191
Connection: keep-alive
Last-Modified: Thu, 19 Jan 2023 14:03:29 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Server: ThreatSim-Web-Server
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *

52.44.195.56

200 OK

33 kB

URL HTTP/1.1
login.shippingupdate.net/assets/ajax/libs/jquery/1.9.1/jquery.min.js
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (32089)
Size
33 kB (32772 bytes)
Hash
1dca01c6231917aabe380a98f67dae36
c6c800587eadd27a45cd29ef6d05742182e1454c
47126bab74ac1fd0c429292dfde3face2f931752c30e527888763166088b451c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/ajax/libs/jquery/1.9.1/jquery.min.js HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 19 Jan 2023 14:03:29 GMT
Vary: Accept-Encoding
Server: ThreatSim-Web-Server
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Content-Encoding: gzip

www.java.com/js/deployJava.js

95.101.10.131

200 OK

5.5 kB

URL HTTP/2
www.java.com/js/deployJava.js
IP
95.101.10.131:0
ASN
#20940 Akamai International B.V.

File type
HTML document, ASCII text, with very long lines (18444), with no line terminators
Size
5.5 kB (5512 bytes)
Hash
7f24f47af4c9617cb4d6f5642bf5938f
2b5514af68aeead50ee564396a4eae2997e54939
59ccf883b6624b37724c791977919c9116d1025c1a20def63f4fb8984d47b3e1

HTTP Headers

GET /js/deployJava.js HTTP/1.1
Host: www.java.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.shippingupdate.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-disposition: attachment; filename="deployJava.js";filename*=UTF-8''deployJava.js
content-encoding: gzip
etag: D07B023847CD4DC5C4ED4AB4FC46AD47BDD6E99A0663:19
x-content-type-options: nosniff
x-oracle-dms-ecid: b53b70d7-8e10-469f-a56c-440abaee13cc-0469beae
x-oracle-dms-rid: 0
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
content-length: 5512
unused62: 8096267
cache-control: public, max-age=86400
expires: Thu, 09 Feb 2023 21:13:07 GMT
date: Wed, 08 Feb 2023 21:13:07 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT, edge; dur=29
akamai-grn: 0.7f0a655f.1675890787.445005d
set-cookie: akaalb_OCE_Failover=1675890847~op=JCOM_OCE:oceProdappJcomProdOrigin|~rv=75~m=oceProdappJcomProdOrigin:0|~os=2708f36cb43ca861e42dc0215e4669c5~id=b22befe662bcdd22c4c4a83b1527b1cc; path=/; Expires=Wed, 08 Feb 2023 21:14:07 GMT; Secure; SameSite=None
x-xss-protection: 1
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b62cc5ef1a79b8b97b5715d57e0af6e3
1aa6fa0822a1583d3fbca5e8d8b2c36954bc218c
82810671603c33f2b44f0e95a7365717731c7a31e2b4f15d4c308ec5552c3f81

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 08 Feb 2023 21:13:07 GMT
Last-Modified: Wed, 08 Feb 2023 20:15:24 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: NPb4qzNMj-zHZWAzS6qJ7eZerSywPXBdHtvwef-Bl2sg2Q7tJpqwJg==
Age: 3463

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b62cc5ef1a79b8b97b5715d57e0af6e3
1aa6fa0822a1583d3fbca5e8d8b2c36954bc218c
82810671603c33f2b44f0e95a7365717731c7a31e2b4f15d4c308ec5552c3f81

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 08 Feb 2023 21:13:07 GMT
Last-Modified: Wed, 08 Feb 2023 20:15:21 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qEkBnnAwr_-jzyrZbzjLOHh9y5Ie0ucbJDzRNJgMXj-RMHeMblPg8g==
Age: 3466

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b62cc5ef1a79b8b97b5715d57e0af6e3
1aa6fa0822a1583d3fbca5e8d8b2c36954bc218c
82810671603c33f2b44f0e95a7365717731c7a31e2b4f15d4c308ec5552c3f81

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 08 Feb 2023 21:13:07 GMT
Last-Modified: Wed, 08 Feb 2023 20:15:24 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: P4Ny_RvOsVz4UjnEsjWZYTiqAuTcPd3GyMd35x5QS5oWYpUa2HXIhA==
Age: 3463

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b62cc5ef1a79b8b97b5715d57e0af6e3
1aa6fa0822a1583d3fbca5e8d8b2c36954bc218c
82810671603c33f2b44f0e95a7365717731c7a31e2b4f15d4c308ec5552c3f81

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 08 Feb 2023 21:13:07 GMT
Last-Modified: Wed, 08 Feb 2023 20:15:19 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: h_f-eoz06Plw9pUY8tGAW_kp5gqGA3BLnUdSsqwfMUsfPlWvT6wJYQ==
Age: 3468

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b62cc5ef1a79b8b97b5715d57e0af6e3
1aa6fa0822a1583d3fbca5e8d8b2c36954bc218c
82810671603c33f2b44f0e95a7365717731c7a31e2b4f15d4c308ec5552c3f81

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=149624
Date: Wed, 08 Feb 2023 21:13:07 GMT
Etag: "63e3a84f-1d7"
Expires: Fri, 10 Feb 2023 14:46:51 GMT
Last-Modified: Wed, 08 Feb 2023 13:49:03 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: HyGKf3016BABUAIU7wdNDi_T3z3UvzjrpZTcDo57P0FBbdtf2WcB8w==
Age: 3468

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 20:51:20 GMT
age: 1307
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

tslp.s3.amazonaws.com/detect/quicktime.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.217.93.164

200 OK

7.0 kB

URL HTTP/1.1
tslp.s3.amazonaws.com/detect/quicktime.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.217.93.164:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (322)
Size
7.0 kB (6999 bytes)
Hash
ee73f2f47d51116dc40b85a6b57eaf20
6c42011667bac1fa6c3272a11b510f22962d72a2
6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19

HTTP Headers

GET /detect/quicktime.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.shippingupdate.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 4Va0DIhVkawBuFAImOX1NglCPi+D9tzhYVzESoGGblVNeomXQFdZpQBzPnYRN6s9GL+UL4UX+tY=
x-amz-request-id: Q87Q6J2JK82EVVN4
Date: Wed, 08 Feb 2023 21:13:08 GMT
Last-Modified: Wed, 15 Feb 2017 14:41:05 GMT
ETag: "ee73f2f47d51116dc40b85a6b57eaf20"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 6999

tslp.s3.amazonaws.com/detect/flash.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.217.93.164

200 OK

6.7 kB

URL HTTP/1.1
tslp.s3.amazonaws.com/detect/flash.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.217.93.164:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
6.7 kB (6680 bytes)
Hash
f9ad9a096894ba248e4a1f73e7eba1be
f2449ce5f7a5c42ffdcc5f087a75b2513e73592c
a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861

HTTP Headers

GET /detect/flash.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.shippingupdate.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: YG55TKWVPs1nxccHfI/rCdo6q/RC9cSmuAE8CACneTRg2RvVfJRnJ7PZpanXuckXfA6PJZ/N7iI=
x-amz-request-id: Q87W9MBSB1BSZ9NM
Date: Wed, 08 Feb 2023 21:13:08 GMT
Last-Modified: Wed, 15 Feb 2017 03:54:01 GMT
ETag: "f9ad9a096894ba248e4a1f73e7eba1be"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 6680

tslp.s3.amazonaws.com/detect/realplayer.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.217.93.164

200 OK

9.8 kB

URL HTTP/1.1
tslp.s3.amazonaws.com/detect/realplayer.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.217.93.164:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
9.8 kB (9775 bytes)
Hash
3d7be656672c16a34806c13388410325
c391646c980c60d75c35b33a974c97ae88114eef
88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238

HTTP Headers

GET /detect/realplayer.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.shippingupdate.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: YL6dmxajUJahrKjBDL3joFF1CY0V2t6szpzQg1f9vcHtMsZRJN6XZUK2QhF+zICkykTR3L5/UtQ=
x-amz-request-id: Q87T5HY2ZJ8MV5Z7
Date: Wed, 08 Feb 2023 21:13:08 GMT
Last-Modified: Wed, 15 Feb 2017 14:45:02 GMT
ETag: "3d7be656672c16a34806c13388410325"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 9775

tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.217.93.164

200 OK

50 kB

URL HTTP/1.1
tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.217.93.164:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (306)
Size
50 kB (50085 bytes)
Hash
00a513f07603df01e3b99be00f370754
f0c03b1c50f39c95075df687cd55f18861631526
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

HTTP Headers

GET /detect/plugin_detect.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.shippingupdate.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: +QA9sVipszK6n4lEGVz2OjofVdrUgaqUWhueaRs4gO9uIKA17TfRqkUcCU43Parrhsy7xXxNr8Y=
x-amz-request-id: Q87GDCKK20GCNB3B
Date: Wed, 08 Feb 2023 21:13:08 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
ETag: "00a513f07603df01e3b99be00f370754"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 50085

tslp.s3.amazonaws.com/detect/pdf.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.217.93.164

200 OK

23 kB

URL HTTP/1.1
tslp.s3.amazonaws.com/detect/pdf.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.217.93.164:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
23 kB (22855 bytes)
Hash
0d5882d41c8b6e40059c8d9acbcf1518
53103565f3c07416fc691583a43a91943dbf0809
d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9

HTTP Headers

GET /detect/pdf.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.shippingupdate.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: Nhs1+7xKLPa2vpgHqQFhA7CNh07vu8TIxbqWm6NmY+DdCrNkg6AZMAs0Ptl0wOu1i9vdCX/gzVU=
x-amz-request-id: Q87ZAS8N01V7N982
Date: Wed, 08 Feb 2023 21:13:08 GMT
Last-Modified: Wed, 15 Feb 2017 14:39:34 GMT
ETag: "0d5882d41c8b6e40059c8d9acbcf1518"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 22855

tslp.s3.amazonaws.com/detect/silverlight.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.217.93.164

200 OK

4.2 kB

URL HTTP/1.1
tslp.s3.amazonaws.com/detect/silverlight.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.217.93.164:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
4.2 kB (4234 bytes)
Hash
e6dd596d2bc204ea573b868b92028c26
fa58bba4c9a01b3764a881949a8423b773d8a338
0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381

HTTP Headers

GET /detect/silverlight.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.shippingupdate.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: T57oaELcQgXB4i7h3zZtCOt40P8jnQ7Bblmti2LyWTnB7j0tbpBT4MaH3Cl9nK8FPzzIhZYbPOI=
x-amz-request-id: Q87PDDTRW0480KKJ
Date: Wed, 08 Feb 2023 21:13:08 GMT
Last-Modified: Wed, 15 Feb 2017 18:00:03 GMT
ETag: "e6dd596d2bc204ea573b868b92028c26"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 4234

tslp.s3.amazonaws.com/detect/java.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.217.93.164

200 OK

51 kB

URL HTTP/1.1
tslp.s3.amazonaws.com/detect/java.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.217.93.164:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
51 kB (50717 bytes)
Hash
2bec0061039dc3fb25fc20aaf611d5b9
dfc11b0662ac5950d309e2615e887032dd1dde0c
4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24

HTTP Headers

GET /detect/java.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.shippingupdate.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: gSfZbFZfsvJ5F96XKy4WemYx++7q+7jJRtPLMqE2SxCoW7rbsS+6vBE96kSTtM/faFqmygQ7RMU=
x-amz-request-id: Q87TV6STRG6P7766
Date: Wed, 08 Feb 2023 21:13:08 GMT
Last-Modified: Wed, 15 Feb 2017 14:38:28 GMT
ETag: "2bec0061039dc3fb25fc20aaf611d5b9"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 50717

tslp.s3.amazonaws.com/detect/wmp.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.217.93.164

200 OK

5.9 kB

URL HTTP/1.1
tslp.s3.amazonaws.com/detect/wmp.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.217.93.164:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
5.9 kB (5941 bytes)
Hash
ffd2cc77bb64d40beeb5d561fffe1f79
6cb535641677d27e4de591ceb3c4e2f408826e7d
cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de

HTTP Headers

GET /detect/wmp.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.shippingupdate.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: NAdjntouiGa5gzeM1+XQvznciMTFQZpSS2Sv19/ggk0HW9rKMAzq2vZvMFffl6ykVlGh13ccECw=
x-amz-request-id: Q87S4G5DV9SDASB8
Date: Wed, 08 Feb 2023 21:13:08 GMT
Last-Modified: Wed, 15 Feb 2017 15:07:14 GMT
ETag: "ffd2cc77bb64d40beeb5d561fffe1f79"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 5941

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7605
Expires: Wed, 08 Feb 2023 23:19:52 GMT
Date: Wed, 08 Feb 2023 21:13:07 GMT
Connection: keep-alive

login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: fe200d2f-e2fe-46fe-b805-e01818af6f4a
X-Runtime: 0.002027
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 2be929be-8602-4769-bde7-e614fd4fda5f
X-Runtime: 0.002070
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: d42cc8a2-19cb-443d-9932-86a5aeaf6ae8
X-Runtime: 0.001684
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 95b1f898-2fdf-49fa-8001-ac2535263f78
X-Runtime: 0.001994
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/secure/browser_post
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /secure/browser_post HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 1099
Origin: http://login.shippingupdate.net
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: image/gif; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Vary: Accept-Encoding, Accept
Cache-Control: no-cache
X-Request-Id: c212ad0b-5c79-460d-a623-cb2ae3b5fdea
X-Runtime: 0.009182
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 1fcbbc96-96e3-422c-a119-05a5993fc86c
X-Runtime: 0.001513
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 3fee3724-4a5d-4de8-a8c2-728e308951fb
X-Runtime: 0.001880
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 6f0b8b5d-898e-44d0-93cd-f1a87ecb1fb0
X-Runtime: 0.001770
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: b1535cee-9036-49ee-8060-1ed3a587f939
X-Runtime: 0.001693
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: b8c32be5-111c-4c88-8622-76f6a1d3c8fa
X-Runtime: 0.001820
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 0255f8c9-51d4-4c1e-8e25-4266d41ed32c
X-Runtime: 0.001791
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

push.services.mozilla.com/

34.216.140.79

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.216.140.79:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jO5Apdno61fD/GSDboV7vw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: oiBxlrVe4xihorp72bk/Iz2vjeg=

login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 6e39a08f-75ef-45a8-bace-1e11a670237c
X-Runtime: 0.001725
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=258d2b9344&msg=java_version_pl%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=java_version_pl%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=java_version_pl%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 3710df32-90c8-42c3-b609-d391f545ccf3
X-Runtime: 0.001865
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=258d2b9344&msg=java_version_jres%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=java_version_jres%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=java_version_jres%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: b9b79d02-6e17-4489-a41c-acae508e6b04
X-Runtime: 0.001687
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20flash%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20flash%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=Loading%20flash%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: e60a794b-47e1-4d11-8c77-6519aea6f4f0
X-Runtime: 0.002234
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=258d2b9344&msg=java_version%20%3D%20undefined&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=java_version%20%3D%20undefined&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=java_version%20%3D%20undefined&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 3f943187-d6ad-4682-93ad-c2fd001139ac
X-Runtime: 0.001864
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=258d2b9344&msg=flash%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=flash%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=flash%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: a96442a3-5e26-4aff-8862-e2287b67c6c9
X-Runtime: 0.001955
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20pdf%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20pdf%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=Loading%20pdf%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: b99af3bc-7380-4fe5-86ef-0ccab106ab88
X-Runtime: 0.001734
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=pdf%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=pdf%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 886aba22-8697-48ad-a814-044993bfc17f
X-Runtime: 0.001932
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=258d2b9344&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 23514900-cd90-4cf3-9567-e9f7424ef0b0
X-Runtime: 0.002378
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=258d2b9344&msg=quicktime%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=quicktime%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=quicktime%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 04a6a3d6-aaa1-4f70-b12c-794beaebb3e3
X-Runtime: 0.001784
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20quicktime%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20quicktime%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=Loading%20quicktime%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 7b4f26a2-2f95-40e0-ba28-d27fd04c614e
X-Runtime: 0.002015
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20RealPlayer%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20RealPlayer%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=Loading%20RealPlayer%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 0c5075f5-575f-4e02-a7a6-18f2e06c6c62
X-Runtime: 0.001753
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=258d2b9344&msg=realplayer%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=realplayer%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=realplayer%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 395351e9-c3bb-4a73-a0e2-1d265b2e9184
X-Runtime: 0.001528
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20Silverlight%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20Silverlight%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=Loading%20Silverlight%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: c42f9a7e-e34e-468d-abec-b7a0a4dfbafd
X-Runtime: 0.002007
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=258d2b9344&msg=silverlight%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=silverlight%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=silverlight%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 5e0b4963-3491-453a-84ce-b0902a5b34e7
X-Runtime: 0.001800
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: c0db32c5-9953-42fe-bf76-0b483086d5d3
X-Runtime: 0.001875
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=wmp%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=wmp%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 8798380d-3bed-4b08-9c04-dec95224ea5b
X-Runtime: 0.001954
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=258d2b9344&msg=redirecting%20to%20%2Fload_training%3Fguid%3D5c258d2a4b9344ad%26correlation_id%3D5150a660-fdce-4e3e-95dd-c3d85d540c21&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=redirecting%20to%20%2Fload_training%3Fguid%3D5c258d2a4b9344ad%26correlation_id%3D5150a660-fdce-4e3e-95dd-c3d85d540c21&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=redirecting%20to%20%2Fload_training%3Fguid%3D5c258d2a4b9344ad%26correlation_id%3D5150a660-fdce-4e3e-95dd-c3d85d540c21&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: aedb4e38-2f8f-4c40-83c9-3af3664047f8
X-Runtime: 0.002146
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20browser_version%20%3D%20105&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20browser_version%20%3D%20105&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=BrowserDetect%20-%20browser_version%20%3D%20105&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: f7c888a9-2eed-4a00-a3ea-e06a0602c57c
X-Runtime: 0.001398
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=258d2b9344&msg=browser_post_successful&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=browser_post_successful&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=browser_post_successful&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: f984352a-3b48-438a-a3bf-48238d2dabd9
X-Runtime: 0.001374
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=258d2b9344&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 9454dadc-7c9f-40c5-97ee-181f18ef5cab
X-Runtime: 0.001728
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

52.44.195.56

200 OK

0 B

URL HTTP/1.1
login.shippingupdate.net/favicon.ico
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Last-Modified: Thu, 19 Jan 2023 14:03:29 GMT
ETag: "63c94db1-0"
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

52.44.195.56

200 OK

1.9 kB

URL HTTP/1.1
login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (822)
Size
1.9 kB (1888 bytes)
Hash
65543f4471a1a5904dfa4a66eea0aed1
3d20826b288721c43790e882261f442bd633c28a
b8248829ce4c1e68ad1f75731a2b578ffabff1b01960e7c93305e3608b3e6500

HTTP Headers

GET /load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
ETag: W/"1792d2ad47976bb82afccde1ba61255c"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: 3afd84ad-2712-422e-bda7-cbd5b1fa36b9
X-Runtime: 0.014907
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

52.44.195.56

200 OK

7.2 kB

URL HTTP/1.1
login.shippingupdate.net/assets/all.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
7.2 kB (7191 bytes)
Hash
db7c58fc21f4bbb0900fed3889f61df2
24047c64e0dbdbcc8eef175a42dc1911f7f8a6aa
5a1dcea95a97b018b93cc58089502fd2069d508c02088c0c6a49533fef91afb7

HTTP Headers

GET /assets/all.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: application/javascript
Content-Length: 7191
Connection: keep-alive
Last-Modified: Thu, 19 Jan 2023 14:03:29 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Server: ThreatSim-Web-Server
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *

52.44.195.56

200 OK

33 kB

URL HTTP/1.1
login.shippingupdate.net/assets/ajax/libs/jquery/1.11.0/jquery.min.js
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (32341)
Size
33 kB (33357 bytes)
Hash
47fef3745452b8af6196adc0e73084f0
482da2d6a2499d3127eb3dc073bc80c530a047fd
416a096f0dce236c69c9376cb7571be669d610767262a9b940d3d34a34ee1058

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 19 Jan 2023 14:03:29 GMT
Vary: Accept-Encoding
Server: ThreatSim-Web-Server
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 78d21744-a277-4b44-9b4b-038eb7264da8
X-Runtime: 0.001797
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 09fada52-07d2-4916-b140-1c431557ec13
X-Runtime: 0.001879
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 79c32a40-724c-4ddb-ab50-a6bf4559b445
X-Runtime: 0.001954
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 1780fe72-5278-4ffc-92f2-638b93c09166
X-Runtime: 0.001696
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 2d76dfea-47e8-44cc-b943-0234c9f301aa
X-Runtime: 0.002027
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 4878639a-be07-4a74-8fc7-c62df5658f84
X-Runtime: 0.001719
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 9e535c8f-f04c-4ee8-b6fb-fc43bd5380e1
X-Runtime: 0.001907
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: d0564813-90b5-4826-b9b9-9d2d8a6dd7da
X-Runtime: 0.001672
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20browser_version%20%3D%20105&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20browser_version%20%3D%20105&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20browser_version%20%3D%20105&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: e9c12fa5-1659-4ea6-b65c-55e528f8ac49
X-Runtime: 0.002937
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 00ace2bf-7d40-4336-975a-f968238ee79d
X-Runtime: 0.001079
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 576848e4-4733-4adb-ad65-c0a1957862cf
X-Runtime: 0.001363
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 6c272001-afa1-475e-862a-655764ee9637
X-Runtime: 0.001574
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: ea76fe99-508b-4e75-a8d7-469ee2571a99
X-Runtime: 0.001594
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 66fe5faa-8e32-43b0-ba37-ea3e2205220f
X-Runtime: 0.001746
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 83da64fc-357d-4847-8d1d-1c4dadc4d94f
X-Runtime: 0.001719
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=java_version_pl%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=java_version_pl%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=java_version_pl%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: ffceebc5-b795-4ac8-9cbd-85bb69ffbf2d
X-Runtime: 0.001569
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: c479cfa2-1cf6-4983-97d0-47fe41bc2586
X-Runtime: 0.001682
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=java_version_jres%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=java_version_jres%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=java_version_jres%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: b34681f7-99cd-4a8e-b5b3-79331ab30e52
X-Runtime: 0.001972
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=java_version%20%3D%20undefined&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=java_version%20%3D%20undefined&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=java_version%20%3D%20undefined&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: d88f8c35-78af-4e57-bc2a-00aa8f92bc4a
X-Runtime: 0.001657
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10016
Expires: Thu, 09 Feb 2023 00:00:05 GMT
Date: Wed, 08 Feb 2023 21:13:09 GMT
Connection: keep-alive

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20flash%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20flash%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=Loading%20flash%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 9233c77b-1de0-4d0c-bc6e-448584e4f8ab
X-Runtime: 0.001886
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=flash%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=flash%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=flash%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 3d35abb4-198b-4854-9aa0-24dbe3412c64
X-Runtime: 0.001987
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10016
Expires: Thu, 09 Feb 2023 00:00:05 GMT
Date: Wed, 08 Feb 2023 21:13:09 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (4961 bytes)
Hash
544181f4aba24fc687a14522dd20f720
2b117270563b8c466ec774acce55271c38f6135b
607c45cc5b4726b92c8507988bbb90ac6a44a3cf22b290030d440266350099a1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 4961
x-amzn-requestid: c3b9db99-726f-4473-a6b6-9cff0dceb949
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fswe1GeRoAMFiAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db612b-17b52fcd74e374f1104af709;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 07:07:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dSxTM3mmYK8cLOy5_x4o-lew1goEgwT4fBHi0pM-HSK_qBC6rDAlzg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 05:47:57 GMT
age: 55512
etag: "2b117270563b8c466ec774acce55271c38f6135b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10328 bytes)
Hash
1d2eccb9280b851aa1725df5681f6bbd
b4e2b14ee5bc9ee6c9c05666c34b2d1b6ec425b5
c64ece16f4c550feb05db1bccbf74b49d839e77fea31893d48a3f0c267939c92

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 10328
x-amzn-requestid: 0b0b3fcd-416c-47ac-afa0-51be0ab85665
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PPlGGqoAMFxYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c596-219ee5023d71e4ce17d49233;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pNBF_lBtNmvVWQAnBxCp0e03pdV_rbGOf9V1UvqeRO2vcZR3_lSE2w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:55:21 GMT
age: 83868
etag: "b4e2b14ee5bc9ee6c9c05666c34b2d1b6ec425b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbee0b552-d236-4fa2-b702-1571b09d3fd6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6060 bytes)
Hash
db6e81972b8835dc48a0dae751ffde5f
826e2195cc52905cfed0bc4f01646290261113b6
720e6105b2ccc9cbc8fd005d53873ced5467a852c7a5041ce2ef96785c0d92f7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbee0b552-d236-4fa2-b702-1571b09d3fd6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 6060
x-amzn-requestid: 80cbc454-e1b4-4e53-a3b6-3a5ac11920c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PPQEPNIAMFkqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c594-4539ebb17f27d88a47100a82;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:41:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WvujLqUMXZ4VAF2OePAIOdk96p6-GwwVcWEGORS2NKZ3XxgGIZHAww==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:55:15 GMT
age: 83874
etag: "826e2195cc52905cfed0bc4f01646290261113b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a39697d-4bed-4ebe-970d-d9950958f814.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13714 bytes)
Hash
5de2fe3c9a2b091689a7213c4f781446
385fa88a857ba301f37ab56d72d11fb49abd8c6b
b64b11a68493fa304aa6102bf9b9ff11fab5e1536ecf768e4b0fa51470ae2293

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a39697d-4bed-4ebe-970d-d9950958f814.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 13714
x-amzn-requestid: 8f776dba-4e5d-46e5-a3ac-459d86852375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PFjGNHIAMFrMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c556-74429dc755cc37672c68b58b;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KYWj40o5goODdNjGr_Evrb_bfXcxtJRIyGvs7ViEWlELAyJt0-ZzMw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:54:14 GMT
age: 83935
etag: "385fa88a857ba301f37ab56d72d11fb49abd8c6b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308abacb-8d5b-49bf-9e2b-59b6b40157cb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12772 bytes)
Hash
2bf626b824fefec1ecaceb9243f2e5ec
f222976d76d889a0cd767bfd73075ee114c531ce
3f981850c6e6628245be7f7e26418d8b945dbeaf45e06492d8e2ee9409245195

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308abacb-8d5b-49bf-9e2b-59b6b40157cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 12772
x-amzn-requestid: a4603c5c-c842-4a1d-bf09-550f160e1082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7OEz8oAMFbOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-763b7ecf50411a4d13dd8a25;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ECAdRS7as57pL15HxK4Ep0YOho8Kba8RFhMVnXGdJuKYItQHNf2yHA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:54:14 GMT
age: 83935
etag: "f222976d76d889a0cd767bfd73075ee114c531ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9760 bytes)
Hash
18a84ae645223aba0709b5e16c0207f7
0b865e797846520ccc6fff6fb2ee38d8836bd2c0
b1e4868045f074a84e3de1d82ec3ae22f6d2a1a4131b2a40bcce7f3f5375aff7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9760
x-amzn-requestid: d5d8fdde-048f-4705-9fa4-99fd7d29d804
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f582DETSIAMFmEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a826-52a3b175584df1914260c8ae;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:11:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: wUaruDuqNDIlR6CWz9G7DAofcvS7UNmtPM7C2ve-RRbp57J43rWPxQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 07:27:43 GMT
age: 49526
etag: "0b865e797846520ccc6fff6fb2ee38d8836bd2c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10016
Expires: Thu, 09 Feb 2023 00:00:05 GMT
Date: Wed, 08 Feb 2023 21:13:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10016
Expires: Thu, 09 Feb 2023 00:00:05 GMT
Date: Wed, 08 Feb 2023 21:13:09 GMT
Connection: keep-alive

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20pdf%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20pdf%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=Loading%20pdf%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 5885946c-3e29-4a46-b864-e68049958a42
X-Runtime: 0.002021
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: af37026f-2f8f-46ed-bf66-f9ca8ba7854f
X-Runtime: 0.001410
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=pdf%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=pdf%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=pdf%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: ad1f8376-7d08-46b4-9df7-4c4189c8e2a1
X-Runtime: 0.001816
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10016
Expires: Thu, 09 Feb 2023 00:00:05 GMT
Date: Wed, 08 Feb 2023 21:13:09 GMT
Connection: keep-alive

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20quicktime%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20quicktime%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=Loading%20quicktime%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 98aa94d8-55a5-4803-8c39-302a4896662d
X-Runtime: 0.002105
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=quicktime%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=quicktime%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=quicktime%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: d1544264-8d08-41d5-83c8-257e606a0841
X-Runtime: 0.003296
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20RealPlayer%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20RealPlayer%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=Loading%20RealPlayer%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 24567c78-d7b8-4e09-8740-05322d045f37
X-Runtime: 0.001721
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=realplayer%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=realplayer%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=realplayer%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 883c7cbe-af38-4906-9715-1b1ccf763681
X-Runtime: 0.001555
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=silverlight%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=silverlight%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=silverlight%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: e388e199-997d-476e-a8f4-878c326937c4
X-Runtime: 0.001511
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20Silverlight%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20Silverlight%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=Loading%20Silverlight%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: c78cf919-c43b-422b-a7a8-d343f22054e4
X-Runtime: 0.002239
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 1a88b7d0-631c-40e1-9c27-6c5cb7b61940
X-Runtime: 0.001896
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=wmp%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=wmp%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=wmp%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 1f28ef11-71b7-49bc-9f7c-105b2f3c12bc
X-Runtime: 0.001655
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=training_page_no_browser_post&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=training_page_no_browser_post&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=training_page_no_browser_post&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: b20042c3-6822-4b6a-bd43-28d52b1786e3
X-Runtime: 0.001601
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=redirect_url%20is%20undefined&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21

52.44.195.56

200 OK

20 B

URL HTTP/1.1
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=redirect_url%20is%20undefined&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP
52.44.195.56:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec

HTTP Headers

GET /trace?id=5c258d2a4b9344ad&msg=redirect_url%20is%20undefined&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 3942d0fd-9636-468a-b75f-3ba891e47359
X-Runtime: 0.001741
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML