login.shippingupdate.net/d9154c06dd7b3e13?l=65
52.2.195.173 200 OK 974 B URL HTTP/1.1 login.shippingupdate.net/d9154c06dd7b3e13?l=65
IP 52.2.195.173:0
File type HTML document, ASCII text
Hash 8219384f42a3c9e39c3b091c72b89b3a
aeb57205c68b1e3c8ba2cb968865e452d49112a8
7305848b39d6df6c85d703f5d61b7491d79ff75ca1404229f1812ccb46625c62
GET /d9154c06dd7b3e13?l=65 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:22 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
ETag: W/"a82b71b9d25b76ab2ea5cba8c49c401e"
Cache-Control: max-age=0, private, must-revalidate
Set-Cookie: EXFILGUID=154c0d7b3e; path=/
Set-Cookie: link_clicked_154c0d7b3e=1; path=/
X-Request-Id: 26879c0d-04cd-489b-a992-f5a6cae6d083
X-Runtime: 0.011394
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B
IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9957
Expires: Thu, 09 Feb 2023 01:22:19 GMT
Date: Wed, 08 Feb 2023 22:36:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B
IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11062
Expires: Thu, 09 Feb 2023 01:40:44 GMT
Date: Wed, 08 Feb 2023 22:36:22 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 22:34:13 GMT
content-type: application/json
age: 129
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B
IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4877
Expires: Wed, 08 Feb 2023 23:57:39 GMT
Date: Wed, 08 Feb 2023 22:36:22 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: yHirCzDNevTsxCw9MuBSCqG0p9uqtF0TwywwakYqsOpkpXgTZqa8ktmkmgDFuEq4mNLfXZBV5rY=
x-amz-request-id: 2KDPBNEGR57EJ1TJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 21:46:07 GMT
age: 3015
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:36:22 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
54.230.245.115 200 OK 3.0 kB URL HTTP/1.1 d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
IP 54.230.245.115:0
File type ASCII text, with very long lines (6636), with no line terminators
Hash 6103bb5e4ec6141e19e1100caafc780c
1396838ef637042cbf702f6b5fdcd0281d93feb9
ccba3500aa323de51765587835fcd4842d46e4e2384e5cfd067506d0b6fc8a78
GET /bugsnag-2.min.js HTTP/1.1
Host: d2wy8f7a9ursnm.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 2962
Connection: keep-alive
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Content-Encoding: gzip
x-amz-version-id: null
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 08 Feb 2023 05:09:21 GMT
Cache-Control: public, max-age=604800
ETag: "6103bb5e4ec6141e19e1100caafc780c"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: sxV9YijmEtZKsgR4Z16QJUs2kRpjByA9Ry-SeOpDueQvUcQTSHu-cA==
Age: 592001
java.com/js/deployJava.js
95.101.10.131 302 Found 0 B URL HTTP/2 java.com/js/deployJava.js
IP 95.101.10.131:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/deployJava.js HTTP/1.1
Host: java.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.shippingupdate.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: AkamaiGHost
content-length: 0
location: https://www.java.com/js/deployJava.js
cache-control: max-age=86400
expires: Thu, 09 Feb 2023 22:36:22 GMT
date: Wed, 08 Feb 2023 22:36:22 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
akamai-grn: 0.7f0a655f.1675895782.47e7798
set-cookie: akaalb_OCE_Failover=1675895842~op=JCOM_OCE:oceProdappJcomProdOrigin|~rv=97~m=oceProdappJcomProdOrigin:0|~os=2708f36cb43ca861e42dc0215e4669c5~id=d5dee73a5c84e213410d7951a9979b9b; path=/; Expires=Wed, 08 Feb 2023 22:37:22 GMT; Secure; SameSite=None
x-xss-protection: 1
X-Firefox-Spdy: h2
www.java.com/js/deployJava.js
95.101.10.131 200 OK 5.5 kB URL HTTP/2 www.java.com/js/deployJava.js
IP 95.101.10.131:0
ASN #20940 Akamai International B.V.
File type HTML document, ASCII text, with very long lines (18444), with no line terminators
Hash 7f24f47af4c9617cb4d6f5642bf5938f
2b5514af68aeead50ee564396a4eae2997e54939
59ccf883b6624b37724c791977919c9116d1025c1a20def63f4fb8984d47b3e1
GET /js/deployJava.js HTTP/1.1
Host: www.java.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.shippingupdate.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-disposition: attachment; filename="deployJava.js";filename*=UTF-8''deployJava.js
content-encoding: gzip
etag: D07B023847CD4DC5C4ED4AB4FC46AD47BDD6E99A0663:19
x-content-type-options: nosniff
x-oracle-dms-ecid: b53b70d7-8e10-469f-a56c-440abaee13cc-0469beae
x-oracle-dms-rid: 0
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
content-length: 5512
unused62: 8096267
cache-control: public, max-age=86400
expires: Thu, 09 Feb 2023 22:36:22 GMT
date: Wed, 08 Feb 2023 22:36:22 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT, edge; dur=4
akamai-grn: 0.7f0a655f.1675895782.47e77ac
set-cookie: akaalb_OCE_Failover=1675895842~op=JCOM_OCE:oceProdappJcomProdOrigin|~rv=25~m=oceProdappJcomProdOrigin:0|~os=2708f36cb43ca861e42dc0215e4669c5~id=f7d67878804bb847f44922bfb7bdddb7; path=/; Expires=Wed, 08 Feb 2023 22:37:22 GMT; Secure; SameSite=None
x-xss-protection: 1
X-Firefox-Spdy: h2
login.shippingupdate.net/assets/all.js?g=154c0d7b3e
52.2.195.173 200 OK 7.2 kB URL HTTP/1.1 login.shippingupdate.net/assets/all.js?g=154c0d7b3e
IP 52.2.195.173:0
Hash db7c58fc21f4bbb0900fed3889f61df2
24047c64e0dbdbcc8eef175a42dc1911f7f8a6aa
5a1dcea95a97b018b93cc58089502fd2069d508c02088c0c6a49533fef91afb7
GET /assets/all.js?g=154c0d7b3e HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:22 GMT
Content-Type: application/javascript
Content-Length: 7191
Connection: keep-alive
Last-Modified: Thu, 19 Jan 2023 14:03:29 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Server: ThreatSim-Web-Server
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
login.shippingupdate.net/assets/ajax/libs/jquery/1.9.1/jquery.min.js
52.2.195.173 200 OK 33 kB URL HTTP/1.1 login.shippingupdate.net/assets/ajax/libs/jquery/1.9.1/jquery.min.js
IP 52.2.195.173:0
File type ASCII text, with very long lines (32089)
Hash 1dca01c6231917aabe380a98f67dae36
c6c800587eadd27a45cd29ef6d05742182e1454c
47126bab74ac1fd0c429292dfde3face2f931752c30e527888763166088b451c
Analyzer Verdict Alert fortinet Phishing
GET /assets/ajax/libs/jquery/1.9.1/jquery.min.js HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 19 Jan 2023 14:03:29 GMT
Vary: Accept-Encoding
Server: ThreatSim-Web-Server
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 22:14:52 GMT
age: 1291
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B
IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10360
Expires: Thu, 09 Feb 2023 01:29:03 GMT
Date: Wed, 08 Feb 2023 22:36:23 GMT
Connection: keep-alive
push.services.mozilla.com/
52.38.227.80 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.227.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PIY0QqpN+LIECW/YO5u2iA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GQGckE5Ez1/KfLbxqmno1edFYeo=
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash b62cc5ef1a79b8b97b5715d57e0af6e3
1aa6fa0822a1583d3fbca5e8d8b2c36954bc218c
82810671603c33f2b44f0e95a7365717731c7a31e2b4f15d4c308ec5552c3f81
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 08 Feb 2023 22:36:24 GMT
Last-Modified: Wed, 08 Feb 2023 22:05:27 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: NAhfgsFxiid7ska8FC286MQ-8jq3vo2_zCinfzEy5HdFjisqm8kFAg==
Age: 1857
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash b62cc5ef1a79b8b97b5715d57e0af6e3
1aa6fa0822a1583d3fbca5e8d8b2c36954bc218c
82810671603c33f2b44f0e95a7365717731c7a31e2b4f15d4c308ec5552c3f81
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=143032
Date: Wed, 08 Feb 2023 22:36:24 GMT
Etag: "63e3a84f-1d7"
Expires: Fri, 10 Feb 2023 14:20:16 GMT
Last-Modified: Wed, 08 Feb 2023 13:49:03 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: VSxDo36s20DeMkHhx0dLNLod_B3l2m5VQKsn_CZu4q_JItNm1SkeGQ==
Age: 1873
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash b62cc5ef1a79b8b97b5715d57e0af6e3
1aa6fa0822a1583d3fbca5e8d8b2c36954bc218c
82810671603c33f2b44f0e95a7365717731c7a31e2b4f15d4c308ec5552c3f81
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=143032
Date: Wed, 08 Feb 2023 22:36:24 GMT
Etag: "63e3a84f-1d7"
Expires: Fri, 10 Feb 2023 14:20:16 GMT
Last-Modified: Wed, 08 Feb 2023 13:49:03 GMT
Server: ECS (nyb/1D1B)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: L5YAIVpfrJ6ChIifugk2WATFJNaVLKFWotBvZnJoh6UnAHhijO7z-A==
Age: 1873
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash b62cc5ef1a79b8b97b5715d57e0af6e3
1aa6fa0822a1583d3fbca5e8d8b2c36954bc218c
82810671603c33f2b44f0e95a7365717731c7a31e2b4f15d4c308ec5552c3f81
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=142879
Date: Wed, 08 Feb 2023 22:36:24 GMT
Etag: "63e3a84f-1d7"
Expires: Fri, 10 Feb 2023 14:17:43 GMT
Last-Modified: Wed, 08 Feb 2023 13:49:03 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: k2iePZkhcH4G1vsrnZ5BflOfe-hlnW6j4mzZaV1GPxfhZP9_TnvsZA==
Age: 1720
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash b62cc5ef1a79b8b97b5715d57e0af6e3
1aa6fa0822a1583d3fbca5e8d8b2c36954bc218c
82810671603c33f2b44f0e95a7365717731c7a31e2b4f15d4c308ec5552c3f81
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 08 Feb 2023 22:36:24 GMT
Etag: "63e3a84f-1d7"
Last-Modified: Wed, 08 Feb 2023 22:06:43 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hleqEKt1jt4JvUEAY203CslM4pyFUgNoSnqD_xmMROkgiqe-_-1hjw==
Age: 1781
tslp.s3.amazonaws.com/detect/realplayer.js?guid=154c0d7b3e&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.216.244.116 200 OK 9.8 kB URL HTTP/1.1 tslp.s3.amazonaws.com/detect/realplayer.js?guid=154c0d7b3e&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.216.244.116:0
Hash 3d7be656672c16a34806c13388410325
c391646c980c60d75c35b33a974c97ae88114eef
88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238
GET /detect/realplayer.js?guid=154c0d7b3e&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.shippingupdate.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: SOgyAim23VphIgLoHKHAZc/R0FCe8l18SKubeUByEfG0akkjQMYXz3juFqI+UEvDD8ZC+f6kxmM=
x-amz-request-id: 7CP49GW29SGX96G8
Date: Wed, 08 Feb 2023 22:36:25 GMT
Last-Modified: Wed, 15 Feb 2017 14:45:02 GMT
ETag: "3d7be656672c16a34806c13388410325"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 9775
tslp.s3.amazonaws.com/detect/flash.js?guid=154c0d7b3e&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.216.244.116 200 OK 6.7 kB URL HTTP/1.1 tslp.s3.amazonaws.com/detect/flash.js?guid=154c0d7b3e&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.216.244.116:0
Hash f9ad9a096894ba248e4a1f73e7eba1be
f2449ce5f7a5c42ffdcc5f087a75b2513e73592c
a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861
GET /detect/flash.js?guid=154c0d7b3e&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.shippingupdate.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: S1dwtGJz+xpSxyLNjgHIEOenPbTF0+qbqAroLLql3Z+ANBD4cmuTMFk/OnQlZ+60jJ4XVmCXKXI=
x-amz-request-id: 7CP530KB94C8MSZ1
Date: Wed, 08 Feb 2023 22:36:25 GMT
Last-Modified: Wed, 15 Feb 2017 03:54:01 GMT
ETag: "f9ad9a096894ba248e4a1f73e7eba1be"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 6680
tslp.s3.amazonaws.com/detect/quicktime.js?guid=154c0d7b3e&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.216.244.116 200 OK 7.0 kB URL HTTP/1.1 tslp.s3.amazonaws.com/detect/quicktime.js?guid=154c0d7b3e&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.216.244.116:0
File type ASCII text, with very long lines (322)
Hash ee73f2f47d51116dc40b85a6b57eaf20
6c42011667bac1fa6c3272a11b510f22962d72a2
6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19
GET /detect/quicktime.js?guid=154c0d7b3e&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.shippingupdate.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: bz8TJwWSbMfWVWZ1DF+fhedWAqRE0PPavCAYh+K1U+Aez2ZJ3VfFUttJTKISoAPrkrPB4H4qkxA=
x-amz-request-id: 7CPF0WEQVXVS7XVA
Date: Wed, 08 Feb 2023 22:36:25 GMT
Last-Modified: Wed, 15 Feb 2017 14:41:05 GMT
ETag: "ee73f2f47d51116dc40b85a6b57eaf20"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 6999
tslp.s3.amazonaws.com/detect/pdf.js?guid=154c0d7b3e&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.216.244.116 200 OK 23 kB URL HTTP/1.1 tslp.s3.amazonaws.com/detect/pdf.js?guid=154c0d7b3e&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.216.244.116:0
Hash 0d5882d41c8b6e40059c8d9acbcf1518
53103565f3c07416fc691583a43a91943dbf0809
d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9
GET /detect/pdf.js?guid=154c0d7b3e&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.shippingupdate.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: jUo+GbaeTd3O9RE+F9Xc7fQxvUhVUbCn/EFRNZ4x1GjBYiOzaJ7xNc+eqO110eaHiOVsozWVD4k=
x-amz-request-id: 7CPFE6M29T3GB6G0
Date: Wed, 08 Feb 2023 22:36:25 GMT
Last-Modified: Wed, 15 Feb 2017 14:39:34 GMT
ETag: "0d5882d41c8b6e40059c8d9acbcf1518"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 22855
tslp.s3.amazonaws.com/detect/silverlight.js?guid=154c0d7b3e&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.216.244.116 200 OK 4.2 kB URL HTTP/1.1 tslp.s3.amazonaws.com/detect/silverlight.js?guid=154c0d7b3e&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.216.244.116:0
Hash e6dd596d2bc204ea573b868b92028c26
fa58bba4c9a01b3764a881949a8423b773d8a338
0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381
GET /detect/silverlight.js?guid=154c0d7b3e&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.shippingupdate.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: A9fBymgENRFERpDDkr0uym4MymU5WLyLB7RMLfJV7vbc0WJdHJ7it5jQAJcUnN8hEBoRAKsoyjE=
x-amz-request-id: 7CPBVDZXKJHK2BF8
Date: Wed, 08 Feb 2023 22:36:25 GMT
Last-Modified: Wed, 15 Feb 2017 18:00:03 GMT
ETag: "e6dd596d2bc204ea573b868b92028c26"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 4234
tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=154c0d7b3e&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.216.244.116 200 OK 50 kB URL HTTP/1.1 tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=154c0d7b3e&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.216.244.116:0
File type ASCII text, with very long lines (306)
Hash 00a513f07603df01e3b99be00f370754
f0c03b1c50f39c95075df687cd55f18861631526
4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a
GET /detect/plugin_detect.js?guid=154c0d7b3e&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.shippingupdate.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: bfqL5gSasrl/3P/LpTX8VknU9k8nEhTzvx4UdTDKny3L+A9+YALBSRbVaTxMSRFRf01QPN4DOjw=
x-amz-request-id: 7CP2H6T5YZSRN465
Date: Wed, 08 Feb 2023 22:36:25 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
ETag: "00a513f07603df01e3b99be00f370754"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 50085
tslp.s3.amazonaws.com/detect/java.js?guid=154c0d7b3e&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.216.244.116 200 OK 51 kB URL HTTP/1.1 tslp.s3.amazonaws.com/detect/java.js?guid=154c0d7b3e&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.216.244.116:0
Hash 2bec0061039dc3fb25fc20aaf611d5b9
dfc11b0662ac5950d309e2615e887032dd1dde0c
4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24
GET /detect/java.js?guid=154c0d7b3e&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.shippingupdate.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: ro25P8sZ+1uA14iYONq3PspooBH8WIzg5oUqqxT2pQAhDcXsCojhiURFhLe5/YN2coFRbenyYlg=
x-amz-request-id: 7CPFZ78F3NTPVMYQ
Date: Wed, 08 Feb 2023 22:36:25 GMT
Last-Modified: Wed, 15 Feb 2017 14:38:28 GMT
ETag: "2bec0061039dc3fb25fc20aaf611d5b9"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 50717
tslp.s3.amazonaws.com/detect/wmp.js?guid=154c0d7b3e&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.216.244.116 200 OK 5.9 kB URL HTTP/1.1 tslp.s3.amazonaws.com/detect/wmp.js?guid=154c0d7b3e&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.216.244.116:0
Hash ffd2cc77bb64d40beeb5d561fffe1f79
6cb535641677d27e4de591ceb3c4e2f408826e7d
cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de
GET /detect/wmp.js?guid=154c0d7b3e&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: tslp.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://login.shippingupdate.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: aYZklq2yLM/di4AXiE5EibpTHGgEtt5pzEtrBe+h3zK6+3pD7LGkWHZeTWzWFUnpjH8s7v3mbSI=
x-amz-request-id: 7CPFD0GVB5B3QACX
Date: Wed, 08 Feb 2023 22:36:25 GMT
Last-Modified: Wed, 15 Feb 2017 15:07:14 GMT
ETag: "ffd2cc77bb64d40beeb5d561fffe1f79"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 5941
login.shippingupdate.net/trace?id=154c0d7b3e&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: e69ab850-80ca-49e9-b30f-1f08c0d3a3b0
X-Runtime: 0.001353
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=154c0d7b3e&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 90db7981-4d2f-4ef5-b685-b5455dcc5eba
X-Runtime: 0.002259
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/secure/browser_post
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/secure/browser_post
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
Analyzer Verdict Alert fortinet Phishing
POST /secure/browser_post HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 1099
Origin: http://login.shippingupdate.net
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: image/gif; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Vary: Accept-Encoding, Accept
Cache-Control: no-cache
X-Request-Id: d977f8f8-6e13-433f-b93f-cec8c3f21497
X-Runtime: 0.007549
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=154c0d7b3e&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: abdcbc7d-5a0e-46f7-8c33-cc10837c2938
X-Runtime: 0.002065
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=154c0d7b3e&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 247ee395-8cd5-4858-a614-a19434e7b9ee
X-Runtime: 0.001650
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=154c0d7b3e&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 791c0d55-5dff-40a1-8544-850a5663c0fe
X-Runtime: 0.001749
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=154c0d7b3e&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 6b1119d7-d07e-45bf-8f1e-7fc321a499c6
X-Runtime: 0.001796
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=154c0d7b3e&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 79d740df-5847-46f2-95ef-add5068c04e2
X-Runtime: 0.001891
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=154c0d7b3e&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 87023947-9f70-4e85-b3f0-7d5e9868a307
X-Runtime: 0.001762
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=154c0d7b3e&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: a4fb5f0b-e3dc-4400-a323-e5c4b293a3a8
X-Runtime: 0.001737
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=154c0d7b3e&msg=java_version_pl%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=java_version_pl%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=java_version_pl%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: dd5a96fd-9b70-460b-bf03-2ff3def065f4
X-Runtime: 0.002014
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=154c0d7b3e&msg=java_version%20%3D%20undefined&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=java_version%20%3D%20undefined&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=java_version%20%3D%20undefined&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 618b1851-c597-4aa1-95f7-6c54a3fb7054
X-Runtime: 0.001824
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=154c0d7b3e&msg=java_version_jres%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=java_version_jres%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=java_version_jres%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: ac1357f0-ae41-4081-afbd-3f80d95e7e25
X-Runtime: 0.004486
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=154c0d7b3e&msg=Loading%20flash%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=Loading%20flash%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=Loading%20flash%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 81aae138-50cc-43c9-bfad-2e919e1a6810
X-Runtime: 0.001805
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5075
Expires: Thu, 09 Feb 2023 00:00:59 GMT
Date: Wed, 08 Feb 2023 22:36:24 GMT
Connection: keep-alive
login.shippingupdate.net/trace?id=154c0d7b3e&msg=flash%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=flash%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=flash%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 6f281658-9675-4498-9e7a-b8efe1c7ab87
X-Runtime: 0.001747
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=154c0d7b3e&msg=Loading%20pdf%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=Loading%20pdf%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=Loading%20pdf%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 8a876963-faa8-44a6-8002-ac54fda6d92e
X-Runtime: 0.004025
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5075
Expires: Thu, 09 Feb 2023 00:00:59 GMT
Date: Wed, 08 Feb 2023 22:36:24 GMT
Connection: keep-alive
login.shippingupdate.net/trace?id=154c0d7b3e&msg=pdf%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=pdf%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=pdf%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 47869f25-1201-41e4-b3ca-81e00a33dd05
X-Runtime: 0.002293
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=154c0d7b3e&msg=Loading%20quicktime%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=Loading%20quicktime%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=Loading%20quicktime%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 3d5f5426-b1c5-49b1-89f4-ebb2cf66ca19
X-Runtime: 0.002020
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=154c0d7b3e&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: f8184c86-567f-47e4-bd60-d33ef2545786
X-Runtime: 0.001588
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa6c416b3a87ded887c9dcf7c51e5dd0
45f4ef9e68591c00669043abe96959bead8f17ae
9e10394b387916e40c44d4e02fbc1ea72214d870df189ce16d24015de00682bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11205
x-amzn-requestid: abdf9c40-a2b7-49ae-bea1-ff5abfcea781
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvszZFOZoAMFkNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc8e7b-6e508da05ff6f33e691de130;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 04:33:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c7epaBUnG5cmbx_dT8BnEXw8JEOHyEnVEavRV6dSAExVbmdYLRMUzA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:56:04 GMT
age: 2420
etag: "45f4ef9e68591c00669043abe96959bead8f17ae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc93fe33d-3033-473c-8315-95eb00ba319e.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc93fe33d-3033-473c-8315-95eb00ba319e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed10868ea9554510e43f77dfb8c43877
df0d86c2c53bdec7b8935912e42dc7f82f87aa61
751e95e7dd20802cc4e0b6f208bf5559b0b73efd3ca22a9abafd86cf83ab6420
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc93fe33d-3033-473c-8315-95eb00ba319e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12401
x-amzn-requestid: 7bfa8a84-c348-4f55-8e8e-befcdd24f026
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OjPG-eIAMFccA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c47a-06eedb3c7396825f77360755;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:36:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZHGp073QTcSjtcva36Y9sBKwRU6R8MdAxdTf8DQ_ugzAkDgWingxXg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:50:14 GMT
age: 2770
etag: "df0d86c2c53bdec7b8935912e42dc7f82f87aa61"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5075
Expires: Thu, 09 Feb 2023 00:00:59 GMT
Date: Wed, 08 Feb 2023 22:36:24 GMT
Connection: keep-alive
login.shippingupdate.net/trace?id=154c0d7b3e&msg=quicktime%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=quicktime%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=quicktime%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: b48c1870-fa4d-49b6-9263-aafafbef44e9
X-Runtime: 0.002005
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5abcabc9-1cda-4d86-8630-67943159604b.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5abcabc9-1cda-4d86-8630-67943159604b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb0e725719ac378134b01b6473a6581
a8a1780c88e8ae219048bed28ecfbd8019d9af35
187d4e83edc0af857334f84bd6853234193d4654d06c43367f39b4e125defe08
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5abcabc9-1cda-4d86-8630-67943159604b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6679
x-amzn-requestid: 97c19ad5-c127-4dc1-b529-1eca84645316
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f59MzHgloAMFwow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a8b8-79d6b8d31b69153d4929b7b7;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:14:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x_tr-xummuF51PvAM4y3DgvLWuJOwxgquKO8baQfcoN6ta5M3ll7ug==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 06:24:59 GMT
age: 58285
etag: "a8a1780c88e8ae219048bed28ecfbd8019d9af35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8a3fa4f1ec82d501942f9db3de2cb7d
b91c2aea7f2fb26131c8929b254c5596a1bb25ff
9d246eeab8ba04c775a03fd960c8859934a0accb737e845e89aba40bc573fdaa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6342
x-amzn-requestid: b2b61a71-5326-4fc6-baba-7baad29cf7c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OkbHfDIAMF5AQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c482-5cc4028d01d05305637af317;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:37:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ladt7WYN7SIJ42nshsT0ewNBre8_C8DHi_-JbR37KM57MA9lkq5Anw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:52:28 GMT
age: 2636
etag: "b91c2aea7f2fb26131c8929b254c5596a1bb25ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b327816bc2c6fd7291c75c693685d54
771070be61d0724b1c90ca86ea34c804bd7e501a
d45188239cacc7b228bc75ccc95afb48914aaa434c418cd5b786533e8b9cb983
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6838
x-amzn-requestid: 54fc5ae9-d37a-46cf-97e0-d05de1417cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7QEsCoAMFY1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-40de6212468fcd0e78a93708;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: HKB4N2wyEkDOCHrcPmb2SW-T48udtqtgj-SITdLi1HxcsmUFDxERfA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:52:43 GMT
age: 2621
etag: "771070be61d0724b1c90ca86ea34c804bd7e501a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f31c82179856e39ee5fc43d7f0b685
5b37f807a19ffc80c0b9334e6d24d5bb717496ce
c099c91c6f2125a8a89ee6e9dc0e37e2c2c9914adadb2c8b77795063baa62037
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6805
x-amzn-requestid: 9f067f0c-2991-41ae-8dd0-5719a5438abc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PHwEn4IAMFvFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c564-730d01807c13643373d64897;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: NsPkfWcoYkZE6ynP9nfRlkB-ZVNL2M5QLsL5nng7mUooHvoAUeMYKg==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:06:51 GMT
age: 1773
etag: "5b37f807a19ffc80c0b9334e6d24d5bb717496ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
login.shippingupdate.net/trace?id=154c0d7b3e&msg=Loading%20RealPlayer%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=Loading%20RealPlayer%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=Loading%20RealPlayer%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 3c223a52-0999-4469-bceb-7c2d2f257bb1
X-Runtime: 0.001831
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=154c0d7b3e&msg=Loading%20Silverlight%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=Loading%20Silverlight%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=Loading%20Silverlight%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: ccbf2990-ee48-438f-aab4-b231ba436e65
X-Runtime: 0.001957
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=154c0d7b3e&msg=realplayer%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=realplayer%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=realplayer%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: ecc5bf65-6de3-42c2-8b50-4e1514646526
X-Runtime: 0.002042
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=154c0d7b3e&msg=silverlight%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=silverlight%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=silverlight%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 0ea5d251-94a2-4959-b60b-1ef859f5b32f
X-Runtime: 0.001384
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=154c0d7b3e&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: fd722af6-d8bf-424f-adc5-776217fc5a1f
X-Runtime: 0.001978
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=154c0d7b3e&msg=wmp%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=wmp%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=wmp%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: d9866c6d-bec2-459f-915a-d74e63780c38
X-Runtime: 0.001875
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=154c0d7b3e&msg=redirecting%20to%20%2Fload_training%3Fguid%3De9154c053d7b3e52%26correlation_id%3Dd322af20-1ce6-4a95-b478-8e75552d36d4&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=redirecting%20to%20%2Fload_training%3Fguid%3De9154c053d7b3e52%26correlation_id%3Dd322af20-1ce6-4a95-b478-8e75552d36d4&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=redirecting%20to%20%2Fload_training%3Fguid%3De9154c053d7b3e52%26correlation_id%3Dd322af20-1ce6-4a95-b478-8e75552d36d4&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 4018216c-78a7-496b-84a5-78d7e896fefa
X-Runtime: 0.003578
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=154c0d7b3e&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 47866863-ac3a-44e0-91fc-1355a902391e
X-Runtime: 0.001787
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=154c0d7b3e&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: bf5c63f9-3f5e-49c7-9533-fa0efa4d578b
X-Runtime: 0.002076
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=154c0d7b3e&msg=BrowserDetect%20-%20browser_version%20%3D%20105&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=BrowserDetect%20-%20browser_version%20%3D%20105&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=BrowserDetect%20-%20browser_version%20%3D%20105&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 437e0a05-27ff-4b03-b38c-991a8fe8849a
X-Runtime: 0.002001
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=154c0d7b3e&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: d828719c-4add-4878-b7a9-cd432b83f3d5
X-Runtime: 0.001612
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=154c0d7b3e&msg=browser_post_successful&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=154c0d7b3e&msg=browser_post_successful&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=154c0d7b3e&msg=browser_post_successful&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 11383970-d26a-4ae7-b9ee-51f609098d62
X-Runtime: 0.001760
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/favicon.ico
52.2.195.173 200 OK 0 B URL HTTP/1.1 login.shippingupdate.net/favicon.ico
IP 52.2.195.173:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:25 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Last-Modified: Thu, 19 Jan 2023 14:03:29 GMT
ETag: "63c94db1-0"
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 1.9 kB URL HTTP/1.1 login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (822)
Hash 7c0444d3b7d8f3e0743e912168595959
f0c5f45a1faadf256fbda43ed3db9545fd05e7e5
c04b61c6ece0a19a72d4f111c495c54aeab414bdbee3e7df8e8f9b156c7b5b05
GET /load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/d9154c06dd7b3e13?l=65
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:25 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
ETag: W/"1081760c569f418cc4ac2435fbe131ae"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: e89a589d-1aa7-421d-afc8-16242c0887f1
X-Runtime: 0.011138
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/assets/ajax/libs/jquery/1.11.0/jquery.min.js
52.2.195.173 200 OK 33 kB URL HTTP/1.1 login.shippingupdate.net/assets/ajax/libs/jquery/1.11.0/jquery.min.js
IP 52.2.195.173:0
File type ASCII text, with very long lines (32341)
Hash 47fef3745452b8af6196adc0e73084f0
482da2d6a2499d3127eb3dc073bc80c530a047fd
416a096f0dce236c69c9376cb7571be669d610767262a9b940d3d34a34ee1058
Analyzer Verdict Alert fortinet Phishing
GET /assets/ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:25 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 19 Jan 2023 14:03:29 GMT
Vary: Accept-Encoding
Server: ThreatSim-Web-Server
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/assets/all.js?guid=154c0d7b3e&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 7.2 kB URL HTTP/1.1 login.shippingupdate.net/assets/all.js?guid=154c0d7b3e&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash db7c58fc21f4bbb0900fed3889f61df2
24047c64e0dbdbcc8eef175a42dc1911f7f8a6aa
5a1dcea95a97b018b93cc58089502fd2069d508c02088c0c6a49533fef91afb7
GET /assets/all.js?guid=154c0d7b3e&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:25 GMT
Content-Type: application/javascript
Content-Length: 7191
Connection: keep-alive
Last-Modified: Thu, 19 Jan 2023 14:03:29 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Server: ThreatSim-Web-Server
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
login.shippingupdate.net/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: b9b71bf6-9d07-4b10-973f-bde581cf7a93
X-Runtime: 0.002030
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 8162de47-14e3-4620-a304-90a019c0a006
X-Runtime: 0.001932
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=unknown&msg=did%20not%20find%20guid%20in%20last%20part%20of%20location&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 9234b7c7-c483-4d22-bc21-a4c8c002b72a
X-Runtime: 0.002016
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20localStorage%20%3D%20true&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 29302b8d-ce10-4d81-9e2a-2bf6437a56bf
X-Runtime: 0.002003
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 852c1c6d-6381-42e9-9a52-4fc379ab8512
X-Runtime: 0.001383
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: ea04ceb2-b942-43a6-a6a9-1389e16362d4
X-Runtime: 0.001895
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20browser_version%20%3D%20105&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20browser_version%20%3D%20105&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20browser_version%20%3D%20105&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 615f24a5-d49d-45d1-b3bc-aa288287a1be
X-Runtime: 0.001961
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 22de4747-64e3-4bf9-86c2-28ce651e16cc
X-Runtime: 0.002587
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20browser%20%3D%20Firefox&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 30f39115-76d3-451d-8c77-6bb2ffb9b102
X-Runtime: 0.003066
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 936f217c-820e-41b0-8016-1eb8b92f2a99
X-Runtime: 0.001788
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: d95a859d-7eeb-4668-87a5-0f86db162a11
X-Runtime: 0.001788
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 0ce5de7e-0a93-4d42-aa8f-d0dc9e5f446d
X-Runtime: 0.002042
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20width%20%3D%201280&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: bfcbb3c4-de49-4b05-bbda-270a65335c90
X-Runtime: 0.001690
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 51cf051f-5527-4d50-9ce6-1094299d67fc
X-Runtime: 0.001769
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=BrowserDetect%20-%20height%20%3D%201024&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 66c4d44a-c31b-476d-9eb4-d199c128181b
X-Runtime: 0.006625
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 9fa56e54-7337-40e1-bb04-06dea2bc3e31
X-Runtime: 0.001783
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=java_version_jres%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=java_version_jres%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=java_version_jres%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: e18e2477-cc40-4ff4-912a-d7b003525506
X-Runtime: 0.001730
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=java_version%20%3D%20undefined&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=java_version%20%3D%20undefined&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=java_version%20%3D%20undefined&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 9074928a-8fa6-4003-a9c9-2f480eb74993
X-Runtime: 0.001724
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=Loading%20flash%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=Loading%20flash%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=Loading%20flash%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 46325212-8ede-4954-9541-b53360f7de38
X-Runtime: 0.001925
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=flash%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=flash%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=flash%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 00a93bee-c81a-4888-9646-023d9cfc9efd
X-Runtime: 0.001383
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=Loading%20pdf%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=Loading%20pdf%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=Loading%20pdf%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: fca3e376-b6fa-4920-a244-334f50517628
X-Runtime: 0.001760
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 13c1c1b0-325e-4b48-878a-85a3e4c212c3
X-Runtime: 0.001941
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=java_version_pl%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=java_version_pl%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=java_version_pl%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 8d67f7f0-9006-4581-9b21-a45c7f254404
X-Runtime: 0.001687
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=pdf%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=pdf%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=pdf%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 0e8fedd5-e673-43bf-ba95-5196609f3464
X-Runtime: 0.001887
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=quicktime%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=quicktime%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=quicktime%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 942f3b21-70d4-48d4-bf2f-4834eadcc262
X-Runtime: 0.001991
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=Loading%20quicktime%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=Loading%20quicktime%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=Loading%20quicktime%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 575263b2-87f1-4645-b394-e09a60b9feaf
X-Runtime: 0.002202
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=Loading%20RealPlayer%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=Loading%20RealPlayer%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=Loading%20RealPlayer%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 1d5a9e1e-394b-4f4c-871f-37885acd7fc2
X-Runtime: 0.002061
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=realplayer%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=realplayer%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=realplayer%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 75fb4eb6-747d-4aaf-b8f5-fc85ef2713c9
X-Runtime: 0.001714
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=Loading%20Silverlight%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=Loading%20Silverlight%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=Loading%20Silverlight%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: b187c1ab-d0af-42c1-90f5-aec73e14f08f
X-Runtime: 0.001340
X-Host-Info: lw-prod-us-i-0420c71664e52123c, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 5cd945e7-a492-4a72-a150-743e028bcd84
X-Runtime: 0.002131
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=silverlight%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=silverlight%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=silverlight%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 8b2a9e15-68ae-46b5-805b-a1618efc7082
X-Runtime: 0.002429
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=wmp%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=wmp%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=wmp%20%3D%20unknown&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: 58fdcbe7-029f-446d-ba8f-7a59a0ebd7b0
X-Runtime: 0.002628
X-Host-Info: lw-prod-us-i-0a6a908399b74e6df, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=training_page_no_browser_post&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=training_page_no_browser_post&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=training_page_no_browser_post&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: d0f0ff94-e9b8-46ee-8fd1-a47eb300b652
X-Runtime: 0.001509
X-Host-Info: lw-prod-us-i-05fa15b454c46f1be, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip
login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=redirect_url%20is%20undefined&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
52.2.195.173 200 OK 20 B URL HTTP/1.1 login.shippingupdate.net/trace?id=e9154c053d7b3e52&msg=redirect_url%20is%20undefined&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
IP 52.2.195.173:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /trace?id=e9154c053d7b3e52&msg=redirect_url%20is%20undefined&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4 HTTP/1.1
Host: login.shippingupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.shippingupdate.net/load_training?guid=e9154c053d7b3e52&correlation_id=d322af20-1ce6-4a95-b478-8e75552d36d4
Connection: keep-alive
Cookie: EXFILGUID=154c0d7b3e; link_clicked_154c0d7b3e=1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:36:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Cache-Control: no-cache
X-Request-Id: cf9cfd94-9760-4316-86b4-783a94b7151d
X-Runtime: 0.004154
X-Host-Info: lw-prod-us-i-04cd420155549cee6, ; e0335f66722ce7989fcd56b2d7c036caf5a60e00
Server: ThreatSim-Web-Server
Access-Control-Allow-Origin: *
Content-Encoding: gzip