login.shippingupdate.net/22258d2b2b934427?l=55
52.44.195.56 200 OK 972 B URL HTTP/1.1 login.shippingupdate.net/22258d2b2b934427?l=55
IP 52.44.195.56:0
File type HTML document, ASCII text
Hash baab8ab5175858326f358abfd86a4b32
24436e155f65fe7826e09f1ad4792aa4aadb5455
a710b0c8dea11a2b9fb399e8d0b7e0b9aeaffbfd251ba8995425e015dffb0a07
GET /22258d2b2b934427?l=55 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:06 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
ETag: W/"a785d9a3f41896a6c96ae812fd9ca619"
Cache-Control: max-age=0, private, must-revalidate
Set-Cookie: EXFILGUID=258d2b9344; path=/
Set-Cookie: link_clicked_258d2b9344=1; path=/
X-Request-Id: 0f24f5db-1a1f-47ad-81f6-3e3b889e3b91
X-Runtime: 0.013232
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b7407cc102d62a5acd5e61f8a79bed36
c2f4890a62454e514962b55b7fc14228339c8e90
be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2654
Expires: Wed, 08 Feb 2023 21:57:20 GMT
Date: Wed, 08 Feb 2023 21:13:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10087
Expires: Thu, 09 Feb 2023 00:01:13 GMT
Date: Wed, 08 Feb 2023 21:13:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11796
Expires: Thu, 09 Feb 2023 00:29:42 GMT
Date: Wed, 08 Feb 2023 21:13:06 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 20:36:43 GMT
content-type: application/json
age: 2183
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: F4HR18WHqwAwvBoCBF1IjBfS6jFIMXt0VwQRImAowIr5VqLjNUGD7hUL/GTCB8LeGaoKR09zc+8=
x-amz-request-id: 5WRYAPPM7NWFQHWH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 20:46:06 GMT
age: 1620
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 21:13:06 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
54.230.245.128 200 OK 3.0 kB URL HTTP/1.1 d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
IP 54.230.245.128:0
File type ASCII text, with very long lines (6636), with no line terminators
Hash 6103bb5e4ec6141e19e1100caafc780c
1396838ef637042cbf702f6b5fdcd0281d93feb9
ccba3500aa323de51765587835fcd4842d46e4e2384e5cfd067506d0b6fc8a78
GET /bugsnag-2.min.js HTTP/1.1
Host: d2wy8f7a9ursnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 2962
Connection: keep-alive
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Content-Encoding: gzip
x-amz-version-id: null
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 08 Feb 2023 05:09:21 GMT
Cache-Control: public, max-age=604800
ETag: "6103bb5e4ec6141e19e1100caafc780c"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BP6qPKJtsUO7Ohapw--HzJ2NeQh11SmwPhPhb6uDrA_Z5rvz5FJkQw==
Age: 587005
java.com/js/deployJava.js
95.101.10.131 302 Found 0 B URL HTTP/2 java.com/js/deployJava.js
IP 95.101.10.131:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/deployJava.js HTTP/1.1
Host: java.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.shippingupdate.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: AkamaiGHost
content-length: 0
location: https://www.java.com/js/deployJava.js
cache-control: max-age=86400
expires: Thu, 09 Feb 2023 21:13:06 GMT
date: Wed, 08 Feb 2023 21:13:06 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
akamai-grn: 0.7f0a655f.1675890786.444ff9e
set-cookie: akaalb_OCE_Failover=1675890846~op=JCOM_OCE:oceProdappJcomProdOrigin|~rv=37~m=oceProdappJcomProdOrigin:0|~os=2708f36cb43ca861e42dc0215e4669c5~id=442fe7099376883018d34aa32d3c2579; path=/; Expires=Wed, 08 Feb 2023 21:14:06 GMT; Secure; SameSite=None
x-xss-protection: 1
X-Firefox-Spdy: h2
login.shippingupdate.net/assets/all.js?g=258d2b9344
52.44.195.56 200 OK 7.2 kB URL HTTP/1.1 login.shippingupdate.net/assets/all.js?g=258d2b9344
IP 52.44.195.56:0
Hash db7c58fc21f4bbb0900fed3889f61df2
24047c64e0dbdbcc8eef175a42dc1911f7f8a6aa
5a1dcea95a97b018b93cc58089502fd2069d508c02088c0c6a49533fef91afb7
GET /assets/all.js?g=258d2b9344 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:06 GMT
Content-Type: application/javascript
Content-Length: 7191
Connection: keep-alive
Last-Modified: Thu, 19 Jan 2023 14:03:29 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Server: ThreatSim-Web-Server
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
login.shippingupdate.net/assets/ajax/libs/jquery/1.9.1/jquery.min.js
52.44.195.56 200 OK 33 kB URL HTTP/1.1 login.shippingupdate.net/assets/ajax/libs/jquery/1.9.1/jquery.min.js
IP 52.44.195.56:0
File type ASCII text, with very long lines (32089)
Hash 1dca01c6231917aabe380a98f67dae36
c6c800587eadd27a45cd29ef6d05742182e1454c
47126bab74ac1fd0c429292dfde3face2f931752c30e527888763166088b451c
Analyzer Verdict Alert fortinet Phishing
GET /assets/ajax/libs/jquery/1.9.1/jquery.min.js HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 19 Jan 2023 14:03:29 GMT
Vary: Accept-Encoding
Server: ThreatSim-Web-Server
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Content-Encoding: gzip
www.java.com/js/deployJava.js
95.101.10.131 200 OK 5.5 kB URL HTTP/2 www.java.com/js/deployJava.js
IP 95.101.10.131:0
ASN #20940 Akamai International B.V.
File type HTML document, ASCII text, with very long lines (18444), with no line terminators
Hash 7f24f47af4c9617cb4d6f5642bf5938f
2b5514af68aeead50ee564396a4eae2997e54939
59ccf883b6624b37724c791977919c9116d1025c1a20def63f4fb8984d47b3e1
GET /js/deployJava.js HTTP/1.1
Host: www.java.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.shippingupdate.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-disposition: attachment; filename="deployJava.js";filename*=UTF-8''deployJava.js
content-encoding: gzip
etag: D07B023847CD4DC5C4ED4AB4FC46AD47BDD6E99A0663:19
x-content-type-options: nosniff
x-oracle-dms-ecid: b53b70d7-8e10-469f-a56c-440abaee13cc-0469beae
x-oracle-dms-rid: 0
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
content-length: 5512
unused62: 8096267
cache-control: public, max-age=86400
expires: Thu, 09 Feb 2023 21:13:07 GMT
date: Wed, 08 Feb 2023 21:13:07 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT, edge; dur=29
akamai-grn: 0.7f0a655f.1675890787.445005d
set-cookie: akaalb_OCE_Failover=1675890847~op=JCOM_OCE:oceProdappJcomProdOrigin|~rv=75~m=oceProdappJcomProdOrigin:0|~os=2708f36cb43ca861e42dc0215e4669c5~id=b22befe662bcdd22c4c4a83b1527b1cc; path=/; Expires=Wed, 08 Feb 2023 21:14:07 GMT; Secure; SameSite=None
x-xss-protection: 1
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash b62cc5ef1a79b8b97b5715d57e0af6e3
1aa6fa0822a1583d3fbca5e8d8b2c36954bc218c
82810671603c33f2b44f0e95a7365717731c7a31e2b4f15d4c308ec5552c3f81
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 08 Feb 2023 21:13:07 GMT
Last-Modified: Wed, 08 Feb 2023 20:15:24 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: NPb4qzNMj-zHZWAzS6qJ7eZerSywPXBdHtvwef-Bl2sg2Q7tJpqwJg==
Age: 3463
ocsp.sca1b.amazontrust.com/
54.230.245.118 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash b62cc5ef1a79b8b97b5715d57e0af6e3
1aa6fa0822a1583d3fbca5e8d8b2c36954bc218c
82810671603c33f2b44f0e95a7365717731c7a31e2b4f15d4c308ec5552c3f81
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 08 Feb 2023 21:13:07 GMT
Last-Modified: Wed, 08 Feb 2023 20:15:21 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qEkBnnAwr_-jzyrZbzjLOHh9y5Ie0ucbJDzRNJgMXj-RMHeMblPg8g==
Age: 3466
ocsp.sca1b.amazontrust.com/
54.230.245.118 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash b62cc5ef1a79b8b97b5715d57e0af6e3
1aa6fa0822a1583d3fbca5e8d8b2c36954bc218c
82810671603c33f2b44f0e95a7365717731c7a31e2b4f15d4c308ec5552c3f81
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 08 Feb 2023 21:13:07 GMT
Last-Modified: Wed, 08 Feb 2023 20:15:24 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: P4Ny_RvOsVz4UjnEsjWZYTiqAuTcPd3GyMd35x5QS5oWYpUa2HXIhA==
Age: 3463
ocsp.sca1b.amazontrust.com/
54.230.245.118 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash b62cc5ef1a79b8b97b5715d57e0af6e3
1aa6fa0822a1583d3fbca5e8d8b2c36954bc218c
82810671603c33f2b44f0e95a7365717731c7a31e2b4f15d4c308ec5552c3f81
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 08 Feb 2023 21:13:07 GMT
Last-Modified: Wed, 08 Feb 2023 20:15:19 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: h_f-eoz06Plw9pUY8tGAW_kp5gqGA3BLnUdSsqwfMUsfPlWvT6wJYQ==
Age: 3468
ocsp.sca1b.amazontrust.com/
54.230.245.118 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash b62cc5ef1a79b8b97b5715d57e0af6e3
1aa6fa0822a1583d3fbca5e8d8b2c36954bc218c
82810671603c33f2b44f0e95a7365717731c7a31e2b4f15d4c308ec5552c3f81
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=149624
Date: Wed, 08 Feb 2023 21:13:07 GMT
Etag: "63e3a84f-1d7"
Expires: Fri, 10 Feb 2023 14:46:51 GMT
Last-Modified: Wed, 08 Feb 2023 13:49:03 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: HyGKf3016BABUAIU7wdNDi_T3z3UvzjrpZTcDo57P0FBbdtf2WcB8w==
Age: 3468
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 20:51:20 GMT
age: 1307
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
tslp.s3.amazonaws.com/detect/quicktime.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.217.93.164 200 OK 7.0 kB URL HTTP/1.1 tslp.s3.amazonaws.com/detect/quicktime.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.217.93.164:0
File type ASCII text, with very long lines (322)
Hash ee73f2f47d51116dc40b85a6b57eaf20
6c42011667bac1fa6c3272a11b510f22962d72a2
6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19
GET /detect/quicktime.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.shippingupdate.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 4Va0DIhVkawBuFAImOX1NglCPi+D9tzhYVzESoGGblVNeomXQFdZpQBzPnYRN6s9GL+UL4UX+tY=
x-amz-request-id: Q87Q6J2JK82EVVN4
Date: Wed, 08 Feb 2023 21:13:08 GMT
Last-Modified: Wed, 15 Feb 2017 14:41:05 GMT
ETag: "ee73f2f47d51116dc40b85a6b57eaf20"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 6999
tslp.s3.amazonaws.com/detect/flash.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.217.93.164 200 OK 6.7 kB URL HTTP/1.1 tslp.s3.amazonaws.com/detect/flash.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.217.93.164:0
Hash f9ad9a096894ba248e4a1f73e7eba1be
f2449ce5f7a5c42ffdcc5f087a75b2513e73592c
a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861
GET /detect/flash.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.shippingupdate.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: YG55TKWVPs1nxccHfI/rCdo6q/RC9cSmuAE8CACneTRg2RvVfJRnJ7PZpanXuckXfA6PJZ/N7iI=
x-amz-request-id: Q87W9MBSB1BSZ9NM
Date: Wed, 08 Feb 2023 21:13:08 GMT
Last-Modified: Wed, 15 Feb 2017 03:54:01 GMT
ETag: "f9ad9a096894ba248e4a1f73e7eba1be"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 6680
tslp.s3.amazonaws.com/detect/realplayer.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.217.93.164 200 OK 9.8 kB URL HTTP/1.1 tslp.s3.amazonaws.com/detect/realplayer.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.217.93.164:0
Hash 3d7be656672c16a34806c13388410325
c391646c980c60d75c35b33a974c97ae88114eef
88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238
GET /detect/realplayer.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.shippingupdate.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: YL6dmxajUJahrKjBDL3joFF1CY0V2t6szpzQg1f9vcHtMsZRJN6XZUK2QhF+zICkykTR3L5/UtQ=
x-amz-request-id: Q87T5HY2ZJ8MV5Z7
Date: Wed, 08 Feb 2023 21:13:08 GMT
Last-Modified: Wed, 15 Feb 2017 14:45:02 GMT
ETag: "3d7be656672c16a34806c13388410325"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 9775
tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.217.93.164 200 OK 50 kB URL HTTP/1.1 tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.217.93.164:0
File type ASCII text, with very long lines (306)
Hash 00a513f07603df01e3b99be00f370754
f0c03b1c50f39c95075df687cd55f18861631526
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a
GET /detect/plugin_detect.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.shippingupdate.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: +QA9sVipszK6n4lEGVz2OjofVdrUgaqUWhueaRs4gO9uIKA17TfRqkUcCU43Parrhsy7xXxNr8Y=
x-amz-request-id: Q87GDCKK20GCNB3B
Date: Wed, 08 Feb 2023 21:13:08 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
ETag: "00a513f07603df01e3b99be00f370754"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 50085
tslp.s3.amazonaws.com/detect/pdf.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.217.93.164 200 OK 23 kB URL HTTP/1.1 tslp.s3.amazonaws.com/detect/pdf.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.217.93.164:0
Hash 0d5882d41c8b6e40059c8d9acbcf1518
53103565f3c07416fc691583a43a91943dbf0809
d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9
GET /detect/pdf.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.shippingupdate.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Nhs1+7xKLPa2vpgHqQFhA7CNh07vu8TIxbqWm6NmY+DdCrNkg6AZMAs0Ptl0wOu1i9vdCX/gzVU=
x-amz-request-id: Q87ZAS8N01V7N982
Date: Wed, 08 Feb 2023 21:13:08 GMT
Last-Modified: Wed, 15 Feb 2017 14:39:34 GMT
ETag: "0d5882d41c8b6e40059c8d9acbcf1518"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 22855
tslp.s3.amazonaws.com/detect/silverlight.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.217.93.164 200 OK 4.2 kB URL HTTP/1.1 tslp.s3.amazonaws.com/detect/silverlight.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.217.93.164:0
Hash e6dd596d2bc204ea573b868b92028c26
fa58bba4c9a01b3764a881949a8423b773d8a338
0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381
GET /detect/silverlight.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.shippingupdate.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: T57oaELcQgXB4i7h3zZtCOt40P8jnQ7Bblmti2LyWTnB7j0tbpBT4MaH3Cl9nK8FPzzIhZYbPOI=
x-amz-request-id: Q87PDDTRW0480KKJ
Date: Wed, 08 Feb 2023 21:13:08 GMT
Last-Modified: Wed, 15 Feb 2017 18:00:03 GMT
ETag: "e6dd596d2bc204ea573b868b92028c26"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 4234
tslp.s3.amazonaws.com/detect/java.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.217.93.164 200 OK 51 kB URL HTTP/1.1 tslp.s3.amazonaws.com/detect/java.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.217.93.164:0
Hash 2bec0061039dc3fb25fc20aaf611d5b9
dfc11b0662ac5950d309e2615e887032dd1dde0c
4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24
GET /detect/java.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.shippingupdate.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: gSfZbFZfsvJ5F96XKy4WemYx++7q+7jJRtPLMqE2SxCoW7rbsS+6vBE96kSTtM/faFqmygQ7RMU=
x-amz-request-id: Q87TV6STRG6P7766
Date: Wed, 08 Feb 2023 21:13:08 GMT
Last-Modified: Wed, 15 Feb 2017 14:38:28 GMT
ETag: "2bec0061039dc3fb25fc20aaf611d5b9"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 50717
tslp.s3.amazonaws.com/detect/wmp.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.217.93.164 200 OK 5.9 kB URL HTTP/1.1 tslp.s3.amazonaws.com/detect/wmp.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.217.93.164:0
Hash ffd2cc77bb64d40beeb5d561fffe1f79
6cb535641677d27e4de591ceb3c4e2f408826e7d
cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de
GET /detect/wmp.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.shippingupdate.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: NAdjntouiGa5gzeM1+XQvznciMTFQZpSS2Sv19/ggk0HW9rKMAzq2vZvMFffl6ykVlGh13ccECw=
x-amz-request-id: Q87S4G5DV9SDASB8
Date: Wed, 08 Feb 2023 21:13:08 GMT
Last-Modified: Wed, 15 Feb 2017 15:07:14 GMT
ETag: "ffd2cc77bb64d40beeb5d561fffe1f79"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 5941
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7605
Expires: Wed, 08 Feb 2023 23:19:52 GMT
Date: Wed, 08 Feb 2023 21:13:07 GMT
Connection: keep-alive
login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: fe200d2f-e2fe-46fe-b805-e01818af6f4a
X-Runtime: 0.002027
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 2be929be-8602-4769-bde7-e614fd4fda5f
X-Runtime: 0.002070
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: d42cc8a2-19cb-443d-9932-86a5aeaf6ae8
X-Runtime: 0.001684
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 95b1f898-2fdf-49fa-8001-ac2535263f78
X-Runtime: 0.001994
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/secure/browser_post
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/secure/browser_post
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
Analyzer Verdict Alert fortinet Phishing
POST /secure/browser_post HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 1099
Origin: http://login.shippingupdate.net
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: image/gif; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Vary: Accept-Encoding, Accept
Cache-Control: no-cache
X-Request-Id: c212ad0b-5c79-460d-a623-cb2ae3b5fdea
X-Runtime: 0.009182
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 1fcbbc96-96e3-422c-a119-05a5993fc86c
X-Runtime: 0.001513
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 3fee3724-4a5d-4de8-a8c2-728e308951fb
X-Runtime: 0.001880
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 6f0b8b5d-898e-44d0-93cd-f1a87ecb1fb0
X-Runtime: 0.001770
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: b1535cee-9036-49ee-8060-1ed3a587f939
X-Runtime: 0.001693
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: b8c32be5-111c-4c88-8622-76f6a1d3c8fa
X-Runtime: 0.001820
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 0255f8c9-51d4-4c1e-8e25-4266d41ed32c
X-Runtime: 0.001791
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
push.services.mozilla.com/
34.216.140.79 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.140.79:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jO5Apdno61fD/GSDboV7vw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: oiBxlrVe4xihorp72bk/Iz2vjeg=
login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 6e39a08f-75ef-45a8-bace-1e11a670237c
X-Runtime: 0.001725
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=258d2b9344&msg=java_version_pl%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=java_version_pl%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=java_version_pl%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 3710df32-90c8-42c3-b609-d391f545ccf3
X-Runtime: 0.001865
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=258d2b9344&msg=java_version_jres%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=java_version_jres%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=java_version_jres%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: b9b79d02-6e17-4489-a41c-acae508e6b04
X-Runtime: 0.001687
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20flash%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20flash%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=Loading%20flash%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: e60a794b-47e1-4d11-8c77-6519aea6f4f0
X-Runtime: 0.002234
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=258d2b9344&msg=java_version%20%3D%20undefined&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=java_version%20%3D%20undefined&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=java_version%20%3D%20undefined&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 3f943187-d6ad-4682-93ad-c2fd001139ac
X-Runtime: 0.001864
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=258d2b9344&msg=flash%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=flash%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=flash%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: a96442a3-5e26-4aff-8862-e2287b67c6c9
X-Runtime: 0.001955
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20pdf%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20pdf%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=Loading%20pdf%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: b99af3bc-7380-4fe5-86ef-0ccab106ab88
X-Runtime: 0.001734
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=258d2b9344&msg=pdf%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=pdf%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=pdf%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 886aba22-8697-48ad-a814-044993bfc17f
X-Runtime: 0.001932
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=258d2b9344&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 23514900-cd90-4cf3-9567-e9f7424ef0b0
X-Runtime: 0.002378
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=258d2b9344&msg=quicktime%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=quicktime%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=quicktime%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 04a6a3d6-aaa1-4f70-b12c-794beaebb3e3
X-Runtime: 0.001784
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20quicktime%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20quicktime%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=Loading%20quicktime%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 7b4f26a2-2f95-40e0-ba28-d27fd04c614e
X-Runtime: 0.002015
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20RealPlayer%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20RealPlayer%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=Loading%20RealPlayer%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 0c5075f5-575f-4e02-a7a6-18f2e06c6c62
X-Runtime: 0.001753
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=258d2b9344&msg=realplayer%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=realplayer%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=realplayer%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 395351e9-c3bb-4a73-a0e2-1d265b2e9184
X-Runtime: 0.001528
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20Silverlight%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20Silverlight%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=Loading%20Silverlight%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: c42f9a7e-e34e-468d-abec-b7a0a4dfbafd
X-Runtime: 0.002007
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=258d2b9344&msg=silverlight%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=silverlight%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=silverlight%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 5e0b4963-3491-453a-84ce-b0902a5b34e7
X-Runtime: 0.001800
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: c0db32c5-9953-42fe-bf76-0b483086d5d3
X-Runtime: 0.001875
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=258d2b9344&msg=wmp%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=wmp%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=wmp%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 8798380d-3bed-4b08-9c04-dec95224ea5b
X-Runtime: 0.001954
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=258d2b9344&msg=redirecting%20to%20%2Fload_training%3Fguid%3D5c258d2a4b9344ad%26correlation_id%3D5150a660-fdce-4e3e-95dd-c3d85d540c21&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=redirecting%20to%20%2Fload_training%3Fguid%3D5c258d2a4b9344ad%26correlation_id%3D5150a660-fdce-4e3e-95dd-c3d85d540c21&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=redirecting%20to%20%2Fload_training%3Fguid%3D5c258d2a4b9344ad%26correlation_id%3D5150a660-fdce-4e3e-95dd-c3d85d540c21&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: aedb4e38-2f8f-4c40-83c9-3af3664047f8
X-Runtime: 0.002146
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20browser_version%20%3D%20105&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20browser_version%20%3D%20105&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=BrowserDetect%20-%20browser_version%20%3D%20105&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: f7c888a9-2eed-4a00-a3ea-e06a0602c57c
X-Runtime: 0.001398
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=258d2b9344&msg=browser_post_successful&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=browser_post_successful&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=browser_post_successful&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: f984352a-3b48-438a-a3bf-48238d2dabd9
X-Runtime: 0.001374
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=258d2b9344&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=258d2b9344&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 9454dadc-7c9f-40c5-97ee-181f18ef5cab
X-Runtime: 0.001728
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/favicon.ico
52.44.195.56 200 OK 0 B URL HTTP/1.1 login.shippingupdate.net/favicon.ico
IP 52.44.195.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Last-Modified: Thu, 19 Jan 2023 14:03:29 GMT
ETag: "63c94db1-0"
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 1.9 kB URL HTTP/1.1 login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (822)
Hash 65543f4471a1a5904dfa4a66eea0aed1
3d20826b288721c43790e882261f442bd633c28a
b8248829ce4c1e68ad1f75731a2b578ffabff1b01960e7c93305e3608b3e6500
GET /load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/22258d2b2b934427?l=55
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
ETag: W/"1792d2ad47976bb82afccde1ba61255c"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: 3afd84ad-2712-422e-bda7-cbd5b1fa36b9
X-Runtime: 0.014907
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/assets/all.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 7.2 kB URL HTTP/1.1 login.shippingupdate.net/assets/all.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash db7c58fc21f4bbb0900fed3889f61df2
24047c64e0dbdbcc8eef175a42dc1911f7f8a6aa
5a1dcea95a97b018b93cc58089502fd2069d508c02088c0c6a49533fef91afb7
GET /assets/all.js?guid=258d2b9344&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: application/javascript
Content-Length: 7191
Connection: keep-alive
Last-Modified: Thu, 19 Jan 2023 14:03:29 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Server: ThreatSim-Web-Server
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
login.shippingupdate.net/assets/ajax/libs/jquery/1.11.0/jquery.min.js
52.44.195.56 200 OK 33 kB URL HTTP/1.1 login.shippingupdate.net/assets/ajax/libs/jquery/1.11.0/jquery.min.js
IP 52.44.195.56:0
File type ASCII text, with very long lines (32341)
Hash 47fef3745452b8af6196adc0e73084f0
482da2d6a2499d3127eb3dc073bc80c530a047fd
416a096f0dce236c69c9376cb7571be669d610767262a9b940d3d34a34ee1058
Analyzer Verdict Alert fortinet Phishing
GET /assets/ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 19 Jan 2023 14:03:29 GMT
Vary: Accept-Encoding
Server: ThreatSim-Web-Server
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 78d21744-a277-4b44-9b4b-038eb7264da8
X-Runtime: 0.001797
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 09fada52-07d2-4916-b140-1c431557ec13
X-Runtime: 0.001879
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 79c32a40-724c-4ddb-ab50-a6bf4559b445
X-Runtime: 0.001954
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 1780fe72-5278-4ffc-92f2-638b93c09166
X-Runtime: 0.001696
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 2d76dfea-47e8-44cc-b943-0234c9f301aa
X-Runtime: 0.002027
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 4878639a-be07-4a74-8fc7-c62df5658f84
X-Runtime: 0.001719
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 9e535c8f-f04c-4ee8-b6fb-fc43bd5380e1
X-Runtime: 0.001907
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: d0564813-90b5-4826-b9b9-9d2d8a6dd7da
X-Runtime: 0.001672
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20browser_version%20%3D%20105&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20browser_version%20%3D%20105&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20browser_version%20%3D%20105&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: e9c12fa5-1659-4ea6-b65c-55e528f8ac49
X-Runtime: 0.002937
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 00ace2bf-7d40-4336-975a-f968238ee79d
X-Runtime: 0.001079
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 576848e4-4733-4adb-ad65-c0a1957862cf
X-Runtime: 0.001363
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 6c272001-afa1-475e-862a-655764ee9637
X-Runtime: 0.001574
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: ea76fe99-508b-4e75-a8d7-469ee2571a99
X-Runtime: 0.001594
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 66fe5faa-8e32-43b0-ba37-ea3e2205220f
X-Runtime: 0.001746
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 83da64fc-357d-4847-8d1d-1c4dadc4d94f
X-Runtime: 0.001719
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=java_version_pl%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=java_version_pl%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=java_version_pl%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: ffceebc5-b795-4ac8-9cbd-85bb69ffbf2d
X-Runtime: 0.001569
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: c479cfa2-1cf6-4983-97d0-47fe41bc2586
X-Runtime: 0.001682
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=java_version_jres%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=java_version_jres%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=java_version_jres%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: b34681f7-99cd-4a8e-b5b3-79331ab30e52
X-Runtime: 0.001972
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=java_version%20%3D%20undefined&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=java_version%20%3D%20undefined&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=java_version%20%3D%20undefined&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: d88f8c35-78af-4e57-bc2a-00aa8f92bc4a
X-Runtime: 0.001657
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10016
Expires: Thu, 09 Feb 2023 00:00:05 GMT
Date: Wed, 08 Feb 2023 21:13:09 GMT
Connection: keep-alive
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20flash%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20flash%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=Loading%20flash%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 9233c77b-1de0-4d0c-bc6e-448584e4f8ab
X-Runtime: 0.001886
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=flash%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=flash%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=flash%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 3d35abb4-198b-4854-9aa0-24dbe3412c64
X-Runtime: 0.001987
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10016
Expires: Thu, 09 Feb 2023 00:00:05 GMT
Date: Wed, 08 Feb 2023 21:13:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg
34.120.237.76 200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 544181f4aba24fc687a14522dd20f720
2b117270563b8c466ec774acce55271c38f6135b
607c45cc5b4726b92c8507988bbb90ac6a44a3cf22b290030d440266350099a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4961
x-amzn-requestid: c3b9db99-726f-4473-a6b6-9cff0dceb949
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fswe1GeRoAMFiAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db612b-17b52fcd74e374f1104af709;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 07:07:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dSxTM3mmYK8cLOy5_x4o-lew1goEgwT4fBHi0pM-HSK_qBC6rDAlzg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 05:47:57 GMT
age: 55512
etag: "2b117270563b8c466ec774acce55271c38f6135b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d2eccb9280b851aa1725df5681f6bbd
b4e2b14ee5bc9ee6c9c05666c34b2d1b6ec425b5
c64ece16f4c550feb05db1bccbf74b49d839e77fea31893d48a3f0c267939c92
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10328
x-amzn-requestid: 0b0b3fcd-416c-47ac-afa0-51be0ab85665
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PPlGGqoAMFxYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c596-219ee5023d71e4ce17d49233;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pNBF_lBtNmvVWQAnBxCp0e03pdV_rbGOf9V1UvqeRO2vcZR3_lSE2w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:55:21 GMT
age: 83868
etag: "b4e2b14ee5bc9ee6c9c05666c34b2d1b6ec425b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbee0b552-d236-4fa2-b702-1571b09d3fd6.jpeg
34.120.237.76 200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbee0b552-d236-4fa2-b702-1571b09d3fd6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db6e81972b8835dc48a0dae751ffde5f
826e2195cc52905cfed0bc4f01646290261113b6
720e6105b2ccc9cbc8fd005d53873ced5467a852c7a5041ce2ef96785c0d92f7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbee0b552-d236-4fa2-b702-1571b09d3fd6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6060
x-amzn-requestid: 80cbc454-e1b4-4e53-a3b6-3a5ac11920c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PPQEPNIAMFkqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c594-4539ebb17f27d88a47100a82;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:41:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WvujLqUMXZ4VAF2OePAIOdk96p6-GwwVcWEGORS2NKZ3XxgGIZHAww==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:55:15 GMT
age: 83874
etag: "826e2195cc52905cfed0bc4f01646290261113b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a39697d-4bed-4ebe-970d-d9950958f814.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a39697d-4bed-4ebe-970d-d9950958f814.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de2fe3c9a2b091689a7213c4f781446
385fa88a857ba301f37ab56d72d11fb49abd8c6b
b64b11a68493fa304aa6102bf9b9ff11fab5e1536ecf768e4b0fa51470ae2293
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a39697d-4bed-4ebe-970d-d9950958f814.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 13714
x-amzn-requestid: 8f776dba-4e5d-46e5-a3ac-459d86852375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PFjGNHIAMFrMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c556-74429dc755cc37672c68b58b;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KYWj40o5goODdNjGr_Evrb_bfXcxtJRIyGvs7ViEWlELAyJt0-ZzMw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:54:14 GMT
age: 83935
etag: "385fa88a857ba301f37ab56d72d11fb49abd8c6b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308abacb-8d5b-49bf-9e2b-59b6b40157cb.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308abacb-8d5b-49bf-9e2b-59b6b40157cb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2bf626b824fefec1ecaceb9243f2e5ec
f222976d76d889a0cd767bfd73075ee114c531ce
3f981850c6e6628245be7f7e26418d8b945dbeaf45e06492d8e2ee9409245195
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308abacb-8d5b-49bf-9e2b-59b6b40157cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12772
x-amzn-requestid: a4603c5c-c842-4a1d-bf09-550f160e1082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7OEz8oAMFbOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-763b7ecf50411a4d13dd8a25;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ECAdRS7as57pL15HxK4Ep0YOho8Kba8RFhMVnXGdJuKYItQHNf2yHA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:54:14 GMT
age: 83935
etag: "f222976d76d889a0cd767bfd73075ee114c531ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 18a84ae645223aba0709b5e16c0207f7
0b865e797846520ccc6fff6fb2ee38d8836bd2c0
b1e4868045f074a84e3de1d82ec3ae22f6d2a1a4131b2a40bcce7f3f5375aff7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9760
x-amzn-requestid: d5d8fdde-048f-4705-9fa4-99fd7d29d804
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f582DETSIAMFmEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a826-52a3b175584df1914260c8ae;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:11:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: wUaruDuqNDIlR6CWz9G7DAofcvS7UNmtPM7C2ve-RRbp57J43rWPxQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 07:27:43 GMT
age: 49526
etag: "0b865e797846520ccc6fff6fb2ee38d8836bd2c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10016
Expires: Thu, 09 Feb 2023 00:00:05 GMT
Date: Wed, 08 Feb 2023 21:13:09 GMT
Connection: keep-alive
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20pdf%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20pdf%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=Loading%20pdf%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 5885946c-3e29-4a46-b864-e68049958a42
X-Runtime: 0.002021
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: af37026f-2f8f-46ed-bf66-f9ca8ba7854f
X-Runtime: 0.001410
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=pdf%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=pdf%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=pdf%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: ad1f8376-7d08-46b4-9df7-4c4189c8e2a1
X-Runtime: 0.001816
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10016
Expires: Thu, 09 Feb 2023 00:00:05 GMT
Date: Wed, 08 Feb 2023 21:13:09 GMT
Connection: keep-alive
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20quicktime%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20quicktime%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=Loading%20quicktime%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 98aa94d8-55a5-4803-8c39-302a4896662d
X-Runtime: 0.002105
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=quicktime%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=quicktime%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=quicktime%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: d1544264-8d08-41d5-83c8-257e606a0841
X-Runtime: 0.003296
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20RealPlayer%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20RealPlayer%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=Loading%20RealPlayer%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 24567c78-d7b8-4e09-8740-05322d045f37
X-Runtime: 0.001721
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=realplayer%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=realplayer%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=realplayer%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 883c7cbe-af38-4906-9715-1b1ccf763681
X-Runtime: 0.001555
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=silverlight%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=silverlight%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=silverlight%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: e388e199-997d-476e-a8f4-878c326937c4
X-Runtime: 0.001511
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20Silverlight%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20Silverlight%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=Loading%20Silverlight%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: c78cf919-c43b-422b-a7a8-d343f22054e4
X-Runtime: 0.002239
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 1a88b7d0-631c-40e1-9c27-6c5cb7b61940
X-Runtime: 0.001896
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=wmp%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=wmp%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=wmp%20%3D%20unknown&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 1f28ef11-71b7-49bc-9f7c-105b2f3c12bc
X-Runtime: 0.001655
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=training_page_no_browser_post&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=training_page_no_browser_post&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=training_page_no_browser_post&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: b20042c3-6822-4b6a-bd43-28d52b1786e3
X-Runtime: 0.001601
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=redirect_url%20is%20undefined&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
52.44.195.56 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=5c258d2a4b9344ad&msg=redirect_url%20is%20undefined&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
IP 52.44.195.56:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=5c258d2a4b9344ad&msg=redirect_url%20is%20undefined&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=5c258d2a4b9344ad&correlation_id=5150a660-fdce-4e3e-95dd-c3d85d540c21
Connection: keep-alive
Cookie: EXFILGUID=258d2b9344; link_clicked_258d2b9344=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:13:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 3942d0fd-9636-468a-b75f-3ba891e47359
X-Runtime: 0.001741
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip