Report - corp-internal.com

Report Overview

Visitedpublic

2024-05-14 19:16:26

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
corp-internal.com	565861	2011-03-01	2015-08-28 18:31:35	2023-11-10 22:59:04	16 kB	80 kB	34.204.228.16

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (3)

	URL	From	Size	First Seen	Last Seen
	corp-internal.com/	ScriptElement	0 B	0001-01-01	2025-08-02
URL corp-internal.com/ IP / ASN 34.204.228.16 #14618 AMAZON-AES Introduced by ScriptElement Embedded true Resource Info First Seen 0001-01-01 Last Seen 2025-08-02 Times Seen 5608718 Size 0 B (0 bytes) MD5 d41d8cd98f00b204e9800998ecf8427e SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Format Code Loading...

	corp-internal.com/assets/ajax/libs/jquery/1.11.0/jquery.min.js	ScriptElement	96 kB	2023-03-07	2025-08-02
URL corp-internal.com/assets/ajax/libs/jquery/1.11.0/jquery.min.js IP / ASN 34.204.228.16 #14618 AMAZON-AES Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 12999 Size 96 kB (96381 bytes) MD5 8fc25e27d42774aeae6edbc0a18b72aa SHA1 b66ed708717bf0b4a005a4d0113af8843ef3b8ff SHA256 b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682 Format Code Loading...

	corp-internal.com/assets/all.js?g=infopage	ScriptElement	28 kB	2023-03-07	2025-08-01
URL corp-internal.com/assets/all.js?g=infopage IP / ASN 34.204.228.16 #14618 AMAZON-AES Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-01 Times Seen 1503 Size 28 kB (28406 bytes) MD5 097f74fc8f861ece148262a652ab806a SHA1 305ecb552c3ff6bd24b56333fab6e731eb81ed30 SHA256 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9 Format Code Loading...

HTTP Transactions (33)

	URL	IP	Response	Size
	GET corp-internal.com/assets/all.js?g=infopage	34.204.228.16	200 OK	7.2 kB
URL corp-internal.com/assets/all.js?g=infopage IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typeJavaScript source, ASCII text First Seen2023-03-07 Last Seen2025-08-01 Times Seen1503 Size7.2 kB (7191 bytes) MD5097f74fc8f861ece148262a652ab806a SHA1305ecb552c3ff6bd24b56333fab6e731eb81ed30 SHA25639b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers `GET /assets/all.js?g=infopage HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK date: Tue, 14 May 2024 19:16:01 GMT content-type: application/javascript content-length: 7191 last-modified: Thu, 11 Apr 2024 13:01:26 GMT vary: Accept-Encoding content-encoding: gzip server: ThreatSim-Web-Server expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public access-control-allow-origin: * X-Firefox-Spdy: h2`

	GET corp-internal.com/assets/ajax/libs/jquery/1.11.0/jquery.min.js	34.204.228.16	200 OK	33 kB
URL corp-internal.com/assets/ajax/libs/jquery/1.11.0/jquery.min.js IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typeJavaScript source, ASCII text, with very long lines (32341) First Seen2023-03-07 Last Seen2025-08-02 Times Seen12999 Size33 kB (33357 bytes) MD58fc25e27d42774aeae6edbc0a18b72aa SHA1b66ed708717bf0b4a005a4d0113af8843ef3b8ff SHA256b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers `GET /assets/ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK date: Tue, 14 May 2024 19:16:01 GMT content-type: application/javascript last-modified: Thu, 11 Apr 2024 13:01:26 GMT vary: Accept-Encoding server: ThreatSim-Web-Server expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2`

	GET corp-internal.com/trace?id=infopage&msg=browser_post_successful&correlation_id=undefined	34.204.228.16	200 OK	7.7 kB
URL corp-internal.com/trace?id=infopage&msg=browser_post_successful&correlation_id=undefined IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typegzip compressed data, max compression, from Unix First Seen2024-08-19 Last Seen2024-08-19 Times Seen1 Size7.7 kB (7680 bytes) MD55e8b666a08f5e7dd819f938b28bcab11 SHA1e208df3898808cdcbd43e2c929530e493b9c37f0 SHA2566a51feb5718853c47eaf47bb2c9553eb92ab48459cb769f1272c4089aa14851a Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers `GET /trace?id=infopage&msg=browser_post_successful&correlation_id=undefined HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Tue, 14 May 2024 19:16:02 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 2755e241-49c5-4939-93d5-b0942e54168b x-runtime: 0.001964 x-host-info: lw-prod-us-i-0249dd4db3d5bbac8, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	GET corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=undefined	34.204.228.16	200 OK	0 B
URL corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=undefined IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608718 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers `GET /trace?id=infopage&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=undefined HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 14 May 2024 19:16:01 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 0554450d-92e4-4fcf-88a7-499201e16323 x-runtime: 0.002131 x-host-info: lw-prod-us-i-0c1d85d7ca1fd3a79, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	GET corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=undefined	34.204.228.16	200 OK	0 B
URL corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=undefined IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608718 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers `GET /trace?id=infopage&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=undefined HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 14 May 2024 19:16:01 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 8c345cc1-c430-4d9f-844b-69c1b45308b2 x-runtime: 0.001363 x-host-info: lw-prod-us-i-04e567bbd45ed26b3, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	GET corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=undefined	34.204.228.16	200 OK	0 B
URL corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=undefined IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608718 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers `GET /trace?id=infopage&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=undefined HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 14 May 2024 19:16:01 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: ff3192f8-c209-4582-b0a2-642638bb3738 x-runtime: 0.001281 x-host-info: lw-prod-us-i-09ea3b3608d2092f7, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	GET corp-internal.com/log?id=infopage&sev=1&msg=can%27t%20access%20property%20%22getVersion%22%2C%20window.plugin_detector%20is%20undefined&correlation_id=undefined	34.204.228.16	200 OK	0 B
URL corp-internal.com/log?id=infopage&sev=1&msg=can%27t%20access%20property%20%22getVersion%22%2C%20window.plugin_detector%20is%20undefined&correlation_id=undefined IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608718 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers GET /log?id=infopage&sev=1&msg=can%27t%20access%20property%20%22getVersion%22%2C%20window.plugin_detector%20is%20undefined&correlation_id=undefined HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 14 May 2024 19:16:02 GMT content-type: image/gif; charset=utf-8 vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 27d2fcb6-ba25-46d4-8d02-a2a1736bffbc x-runtime: 0.001765 x-host-info: lw-prod-us-i-04e567bbd45ed26b3, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	GET corp-internal.com/	34.204.228.16	200 OK	2.2 kB
URL corp-internal.com/ IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byN/A Resource Info File typeHTML document, Unicode text, UTF-8 text, with very long lines (2477), with no line terminators First Seen2023-05-11 Last Seen2025-03-31 Times Seen33 Size2.2 kB (2214 bytes) MD52c6ec4bdfddc8ad6f71c0fc3546d5446 SHA1229864223d1cd1a070a3bb09319081714d1ba636 SHA25683ceeb90d520857aee23626addf9c48ba7cc8977c0cee8cfbb33f02084aefdd9 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers `GET / HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 14 May 2024 19:16:01 GMT content-type: text/html; charset=utf-8 vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin etag: W/"c0623a98220d6586761a01bc71f85279" cache-control: max-age=0, private, must-revalidate x-request-id: b4a77ec4-5aa3-4dbf-9ed6-5e007ad4c6be x-runtime: 0.002232 x-host-info: lw-prod-us-i-09ea3b3608d2092f7, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	GET corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=undefined	34.204.228.16	200 OK	0 B
URL corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=undefined IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608718 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers `GET /trace?id=infopage&msg=BrowserDetect%20-%20os_version%20%3D%20&correlation_id=undefined HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 14 May 2024 19:16:01 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 1b2616a0-e725-4dc4-99fc-d6f188f0409b x-runtime: 0.001668 x-host-info: lw-prod-us-i-0c1d85d7ca1fd3a79, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	GET corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=undefined	34.204.228.16	200 OK	0 B
URL corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=undefined IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608718 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers `GET /trace?id=infopage&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=undefined HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 14 May 2024 19:16:01 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 75175e99-7bf4-4e2e-ae74-a08f9af113f2 x-runtime: 0.001383 x-host-info: lw-prod-us-i-0249dd4db3d5bbac8, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	GET corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20plugin%20Chromium%20PDF%20Viewer&correlation_id=undefined	34.204.228.16	200 OK	0 B
URL corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20plugin%20Chromium%20PDF%20Viewer&correlation_id=undefined IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608718 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers `GET /trace?id=infopage&msg=BrowserDetect%20-%20plugin%20Chromium%20PDF%20Viewer&correlation_id=undefined HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 14 May 2024 19:16:02 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 0ad7ec5c-5ec3-488f-9075-50f53d966a50 x-runtime: 0.002391 x-host-info: lw-prod-us-i-0c1d85d7ca1fd3a79, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	GET corp-internal.com/trace?id=infopage&msg=Skipping%20java%20detection&correlation_id=undefined	34.204.228.16	200 OK	0 B
URL corp-internal.com/trace?id=infopage&msg=Skipping%20java%20detection&correlation_id=undefined IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608718 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers `GET /trace?id=infopage&msg=Skipping%20java%20detection&correlation_id=undefined HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 14 May 2024 19:16:02 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: be12aa1e-e5aa-4a89-bc4a-d4f19ab90edc x-runtime: 0.001808 x-host-info: lw-prod-us-i-04e567bbd45ed26b3, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	GET corp-internal.com/trace?id=infopage&msg=Loading%20quicktime%20version&correlation_id=undefined	34.204.228.16	200 OK	0 B
URL corp-internal.com/trace?id=infopage&msg=Loading%20quicktime%20version&correlation_id=undefined IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608718 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers `GET /trace?id=infopage&msg=Loading%20quicktime%20version&correlation_id=undefined HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 14 May 2024 19:16:02 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 2431625f-796f-408d-951e-b629d0fee524 x-runtime: 0.001097 x-host-info: lw-prod-us-i-04e567bbd45ed26b3, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	GET corp-internal.com/trace?id=infopage&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=undefined	34.204.228.16	200 OK	0 B
URL corp-internal.com/trace?id=infopage&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=undefined IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608718 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers `GET /trace?id=infopage&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=undefined HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 14 May 2024 19:16:02 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 978a7377-ee10-4ad2-9de2-08353b9f4777 x-runtime: 0.001566 x-host-info: lw-prod-us-i-09ea3b3608d2092f7, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	GET corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20browser_version%20%3D%2096&correlation_id=undefined	34.204.228.16	200 OK	0 B
URL corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20browser_version%20%3D%2096&correlation_id=undefined IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608718 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers `GET /trace?id=infopage&msg=BrowserDetect%20-%20browser_version%20%3D%2096&correlation_id=undefined HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 14 May 2024 19:16:01 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: d1dad1a0-7e11-419b-a95c-b1213ba9afd3 x-runtime: 0.001202 x-host-info: lw-prod-us-i-09ea3b3608d2092f7, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	GET corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=undefined	34.204.228.16	200 OK	0 B
URL corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=undefined IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608718 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers `GET /trace?id=infopage&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=undefined HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 14 May 2024 19:16:02 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 7e0d7141-3d4d-4034-b1c1-7f732f16d9ac x-runtime: 0.002931 x-host-info: lw-prod-us-i-0249dd4db3d5bbac8, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	GET corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=undefined	34.204.228.16	200 OK	0 B
URL corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=undefined IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608718 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers `GET /trace?id=infopage&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=undefined HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 14 May 2024 19:16:02 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: e8d1e640-8038-4b8c-a3ad-0088eead0505 x-runtime: 0.001455 x-host-info: lw-prod-us-i-04e567bbd45ed26b3, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	GET corp-internal.com/trace?id=infopage&msg=Loading%20flash%20version&correlation_id=undefined	34.204.228.16	200 OK	0 B
URL corp-internal.com/trace?id=infopage&msg=Loading%20flash%20version&correlation_id=undefined IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608718 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers `GET /trace?id=infopage&msg=Loading%20flash%20version&correlation_id=undefined HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 14 May 2024 19:16:02 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 1acdca3b-0db5-497e-a0ea-95776d68a864 x-runtime: 0.002018 x-host-info: lw-prod-us-i-0c1d85d7ca1fd3a79, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	GET corp-internal.com/trace?id=infopage&msg=Loading%20pdf%20version&correlation_id=undefined	34.204.228.16	200 OK	0 B
URL corp-internal.com/trace?id=infopage&msg=Loading%20pdf%20version&correlation_id=undefined IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608718 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers `GET /trace?id=infopage&msg=Loading%20pdf%20version&correlation_id=undefined HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 14 May 2024 19:16:02 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 65d1b3e6-21af-4110-94d5-3b7423643259 x-runtime: 0.003631 x-host-info: lw-prod-us-i-09ea3b3608d2092f7, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	GET corp-internal.com/trace?id=infopage&msg=redirect_url%20is%20undefined&correlation_id=undefined	34.204.228.16	200 OK	0 B
URL corp-internal.com/trace?id=infopage&msg=redirect_url%20is%20undefined&correlation_id=undefined IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608718 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers `GET /trace?id=infopage&msg=redirect_url%20is%20undefined&correlation_id=undefined HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 14 May 2024 19:16:02 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 2a99e8ed-8661-45d5-84a3-76d2360b4be0 x-runtime: 0.001297 x-host-info: lw-prod-us-i-0c1d85d7ca1fd3a79, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	GET corp-internal.com/favicon.ico	34.204.228.16	200 OK	0 B
URL corp-internal.com/favicon.ico IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608718 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers `GET /favicon.ico HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Tue, 14 May 2024 19:16:01 GMT content-type: image/x-icon content-length: 0 last-modified: Thu, 11 Apr 2024 13:01:26 GMT etag: "6617df26-0" server: ThreatSim-Web-Server access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2`

	GET corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=undefined	34.204.228.16	200 OK	0 B
URL corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=undefined IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608718 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers `GET /trace?id=infopage&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=undefined HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 14 May 2024 19:16:01 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: da92e3c8-0c4a-424d-862e-461c6b52b3a0 x-runtime: 0.001409 x-host-info: lw-prod-us-i-09ea3b3608d2092f7, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	GET corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=undefined	34.204.228.16	200 OK	0 B
URL corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=undefined IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608718 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers `GET /trace?id=infopage&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=undefined HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 14 May 2024 19:16:01 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: e4c19823-dead-4c63-bdfb-87e0385e30e2 x-runtime: 0.001963 x-host-info: lw-prod-us-i-0249dd4db3d5bbac8, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	GET corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20plugin%20PDF%20Viewer&correlation_id=undefined	34.204.228.16	200 OK	0 B
URL corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20plugin%20PDF%20Viewer&correlation_id=undefined IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608718 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers `GET /trace?id=infopage&msg=BrowserDetect%20-%20plugin%20PDF%20Viewer&correlation_id=undefined HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 14 May 2024 19:16:02 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: f5724695-fc24-4b70-a87b-69c8a0109d9f x-runtime: 0.002391 x-host-info: lw-prod-us-i-0c1d85d7ca1fd3a79, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	GET corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20plugin%20Microsoft%20Edge%20PDF%20Viewer&correlation_id=undefined	34.204.228.16	200 OK	0 B
URL corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20plugin%20Microsoft%20Edge%20PDF%20Viewer&correlation_id=undefined IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608718 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers GET /trace?id=infopage&msg=BrowserDetect%20-%20plugin%20Microsoft%20Edge%20PDF%20Viewer&correlation_id=undefined HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 14 May 2024 19:16:02 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 350f66b0-b178-4f2d-9b73-95fa86f0564e x-runtime: 0.005148 x-host-info: lw-prod-us-i-0249dd4db3d5bbac8, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	GET corp-internal.com/log?id=infopage&sev=1&msg=PluginDetect%20is%20not%20defined&correlation_id=undefined	34.204.228.16	200 OK	0 B
URL corp-internal.com/log?id=infopage&sev=1&msg=PluginDetect%20is%20not%20defined&correlation_id=undefined IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608718 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers `GET /log?id=infopage&sev=1&msg=PluginDetect%20is%20not%20defined&correlation_id=undefined HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 14 May 2024 19:16:02 GMT content-type: image/gif; charset=utf-8 vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: a2d73a9c-e7fe-4a33-8675-3639464bfffe x-runtime: 0.003997 x-host-info: lw-prod-us-i-0249dd4db3d5bbac8, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	GET corp-internal.com/trace?id=infopage&msg=Loading%20RealPlayer%20version&correlation_id=undefined	34.204.228.16	200 OK	0 B
URL corp-internal.com/trace?id=infopage&msg=Loading%20RealPlayer%20version&correlation_id=undefined IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608718 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers `GET /trace?id=infopage&msg=Loading%20RealPlayer%20version&correlation_id=undefined HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 14 May 2024 19:16:02 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 55208a46-e23b-4343-adaf-f0cf4a4312d2 x-runtime: 0.002039 x-host-info: lw-prod-us-i-0249dd4db3d5bbac8, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	GET corp-internal.com/trace?id=infopage&msg=Loading%20Silverlight%20version&correlation_id=undefined	34.204.228.16	200 OK	0 B
URL corp-internal.com/trace?id=infopage&msg=Loading%20Silverlight%20version&correlation_id=undefined IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608718 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers `GET /trace?id=infopage&msg=Loading%20Silverlight%20version&correlation_id=undefined HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 14 May 2024 19:16:02 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 5c589608-34b9-448e-9559-4b0243a69323 x-runtime: 0.001951 x-host-info: lw-prod-us-i-0c1d85d7ca1fd3a79, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	POST corp-internal.com/secure/browser_post	34.204.228.16	200 OK	0 B
URL corp-internal.com/secure/browser_post IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608718 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers POST /secure/browser_post HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 1352 Origin: https://corp-internal.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 14 May 2024 19:16:02 GMT content-type: image/gif; charset=utf-8 x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin vary: Accept-Encoding, Accept cache-control: no-cache x-request-id: 0b7802cd-b667-41bd-a92e-3486b4b2a295 x-runtime: 0.004358 x-host-info: lw-prod-us-i-0249dd4db3d5bbac8, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	GET corp-internal.com/assets/psat_logo.png	34.204.228.16	200 OK	11 kB
URL corp-internal.com/assets/psat_logo.png IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typePNG image data, 557 x 173, 8-bit/color RGBA, non-interlaced First Seen2023-05-11 Last Seen2025-08-01 Times Seen52 Size11 kB (10814 bytes) MD5c510b40b57c8de8c431e25e89eac656f SHA100a6e6c8d8ff43dfce2e48f82469c02c33f9208f SHA256313ac720267e0d852f0b17055b68087b1d1cc4ce24f075864d4ab57a7f83b199 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers `GET /assets/psat_logo.png HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Tue, 14 May 2024 19:16:01 GMT content-type: image/png last-modified: Thu, 11 Apr 2024 13:01:26 GMT vary: Accept-Encoding server: ThreatSim-Web-Server expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2`

	GET corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=undefined	34.204.228.16	200 OK	0 B
URL corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=undefined IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608718 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers `GET /trace?id=infopage&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=undefined HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 14 May 2024 19:16:01 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 0de7c46a-0e7b-4ff1-af45-d1ce2d115479 x-runtime: 0.001629 x-host-info: lw-prod-us-i-04e567bbd45ed26b3, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	GET corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=undefined	34.204.228.16	200 OK	0 B
URL corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=undefined IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608718 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers `GET /trace?id=infopage&msg=BrowserDetect%20-%20plugin%20Chrome%20PDF%20Viewer&correlation_id=undefined HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 14 May 2024 19:16:02 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: ececc326-a372-40e7-ac2f-30fb8a7cee84 x-runtime: 0.001435 x-host-info: lw-prod-us-i-09ea3b3608d2092f7, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

	GET corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20plugin%20WebKit%20built-in%20PDF&correlation_id=undefined	34.204.228.16	200 OK	0 B
URL corp-internal.com/trace?id=infopage&msg=BrowserDetect%20-%20plugin%20WebKit%20built-in%20PDF&correlation_id=undefined IP / ASN 34.204.228.16 #14618 AMAZON-AES Requested byhttps://corp-internal.com/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5608718 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerAmazon Subjectbreaking-news-now.com FingerprintB5:9F:65:CF:CB:9F:62:06:21:6A:E7:7B:9D:1A:F8:6F:08:39:86:48 ValidityTue, 19 Mar 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT HTTP Headers `GET /trace?id=infopage&msg=BrowserDetect%20-%20plugin%20WebKit%20built-in%20PDF&correlation_id=undefined HTTP/1.1 Host: corp-internal.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://corp-internal.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 14 May 2024 19:16:02 GMT content-type: text/html vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 71448c9c-9106-4ec6-8d31-2fd80894d8fe x-runtime: 0.001167 x-host-info: lw-prod-us-i-09ea3b3608d2092f7, ; 7ab042967e623923e817fbc8931e097004f737c7 server: ThreatSim-Web-Server access-control-allow-origin: * content-encoding: gzip X-Firefox-Spdy: h2

Detections

Host Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

HTTP Transactions (33)

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers