pandemiabanrote.hr-communication.com Open in urlscan Pro
100.24.100.138 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://pandemiabanrote.hr-communication.com/informacion/id/2W8LXWO52O9Y/5ca6fc/1260fab5-3885-44a5-aa4c-d7cbd11f9310/
Submission: On March 24 via manual (March 24th 2020, 10:44:01 pm UTC) from MX

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 14 HTTP transactions. The main IP is 100.24.100.138, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is pandemiabanrote.hr-communication.com.

This is the only time pandemiabanrote.hr-communication.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	100.24.100.138 100.24.100.138	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:825::2008	15169 (GOOGLE) (GOOGLE)
2	143.204.15.22 143.204.15.22	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
14	5

9 100.24.100.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-100-138.compute-1.amazonaws.com

pandemiabanrote.hr-communication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.15.22 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-15-22.mxp64.r.cloudfront.net

images.pmeimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	hr-communication.com pandemiabanrote.hr-communication.com	137 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	pmeimg.com images.pmeimg.com	390 KB
1	doubleclick.net stats.g.doubleclick.net	102 B
1	googletagmanager.com www.googletagmanager.com	28 KB
14	5

	Domain	Requested by
9	pandemiabanrote.hr-communication.com	pandemiabanrote.hr-communication.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	images.pmeimg.com	pandemiabanrote.hr-communication.com
1	stats.g.doubleclick.net	pandemiabanrote.hr-communication.com
1	www.googletagmanager.com	pandemiabanrote.hr-communication.com
14	5

This site contains no links.

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://pandemiabanrote.hr-communication.com/informacion/id/2W8LXWO52O9Y/5ca6fc/1260fab5-3885-44a5-aa4c-d7cbd11f9310/
Frame ID: 434A4275BBF260A42B3B21979FC42230
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui.*\.js/i

Page Statistics

14
Requests

21 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

573 kB
Transfer

940 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=436072754&t=pageview&_s=1&dl=http%3A%2F%2Fpandemiabanrote.hr-communication.com%2Finformacion%2Fid%2F2W8LXWO52O9Y%2F5ca6fc%2F1260fab5-3885-44a5-aa4c-d7cbd11f9310%2F%3F&ul=en-us&de=UTF-8&dt=PhishMe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1045138094&gjid=688721181&cid=2145562235.1585089825&tid=UA-126808791-4&_gid=2129410220.1585089825&_r=1&gtm=2ou3b2&z=1205117287 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-126808791-4&cid=2145562235.1585089825&jid=1045138094&_gid=2129410220.1585089825&gjid=688721181&_v=j81&z=1205117287

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
pandemiabanrote.hr-communication.com/informacion/id/2W8LXWO52O9Y/5ca6fc/1260fab5-3885-44a5-aa4c-d7cbd11f9310/ 6 KB
3 KB 244ms
224ms Document
text/html 100.24.100.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://pandemiabanrote.hr-communication.com/informacion/id/2W8LXWO52O9Y/5ca6fc/1260fab5-3885-44a5-aa4c-d7cbd11f9310/?

Protocol

HTTP/1.1

Server

100.24.100.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-24-100-138.compute-1.amazonaws.com

Software

Apache /

Resource Hash

31169e8162ce7fe2d7687d85e0cdefa496d5110ee1fe1f610d4e91f608286f81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Host: pandemiabanrote.hr-communication.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 24 Mar 2020 22:43:45 GMT
Server: Apache
Cache-Control: no-cache, no-store
Referrer-Policy: strict-origin-when-cross-origin
X-Permitted-Cross-Domain-Policies: none
Pragma: no-cache
X-XSS-Protection: 1; mode=block
X-Request-Id: dd98933d-0204-46e7-838d-55120094de00
X-Download-Options: noopen noopen
X-Runtime: 0.028833
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Set-Cookie: _phishme.com_session_id=50eaa4667d13e9e3462421eb9cb93778; path=/; HttpOnly
Status: 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: http://landing.phishme.com
Content-Length: 2162
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 75 KB
28 KB 21ms
16ms Script
application/javascript 2a00:1450:4001:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-126808791-4

Requested by

Host: pandemiabanrote.hr-communication.com
URL: http://pandemiabanrote.hr-communication.com/informacion/id/2W8LXWO52O9Y/5ca6fc/1260fab5-3885-44a5-aa4c-d7cbd11f9310/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c8a5fba362ba14dd5fed9a8286b06edb65a40b5ab6f3144690463a176c42f1cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://pandemiabanrote.hr-communication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 22:43:45 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28656
x-xss-protection: 0
last-modified: Tue, 24 Mar 2020 21:57:01 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 24 Mar 2020 22:43:45 GMT

GET
H/1.1 200
OK jquery-latest.min.js Show response
pandemiabanrote.hr-communication.com/javascripts/ 86 KB
30 KB 111ms
107ms Script
application/javascript 100.24.100.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://pandemiabanrote.hr-communication.com/javascripts/jquery-latest.min.js
Requested by: Host: pandemiabanrote.hr-communication.com
URL: http://pandemiabanrote.hr-communication.com/informacion/id/2W8LXWO52O9Y/5ca6fc/1260fab5-3885-44a5-aa4c-d7cbd11f9310/?
Protocol: HTTP/1.1
Server: 100.24.100.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-100-138.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer: http://pandemiabanrote.hr-communication.com/informacion/id/2W8LXWO52O9Y/5ca6fc/1260fab5-3885-44a5-aa4c-d7cbd11f9310/?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 24 Mar 2020 22:43:45 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Mar 2020 15:06:08 GMT
Server: Apache
ETag: "15851-5a14aa006b800-gzip"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 30677
Expires: Tue, 24 Mar 2020 22:43:45 GMT

GET
H/1.1 200
OK jquery.periodicalupdater.js Show response
pandemiabanrote.hr-communication.com/javascripts/ 7 KB
3 KB 207ms
191ms Script
application/javascript 100.24.100.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://pandemiabanrote.hr-communication.com/javascripts/jquery.periodicalupdater.js
Requested by: Host: pandemiabanrote.hr-communication.com
URL: http://pandemiabanrote.hr-communication.com/informacion/id/2W8LXWO52O9Y/5ca6fc/1260fab5-3885-44a5-aa4c-d7cbd11f9310/?
Protocol: HTTP/1.1
Server: 100.24.100.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-100-138.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 850ebab175e20015432217d462b446fd904cc7e90ae8c0339212053481163969

Request headers

Referer: http://pandemiabanrote.hr-communication.com/informacion/id/2W8LXWO52O9Y/5ca6fc/1260fab5-3885-44a5-aa4c-d7cbd11f9310/?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 24 Mar 2020 22:43:45 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Mar 2020 15:06:08 GMT
Server: Apache
ETag: "1a02-5a14aa006b800-gzip"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2221
Expires: Tue, 24 Mar 2020 22:43:45 GMT

GET
H/1.1 200
OK infografias_seguridad_de_la_informacion-04-06f1406d.png
images.pmeimg.com/public/user_assets/56dae514-fcc8-489a-8453-d64972743043/ 156 KB
157 KB 334ms
310ms Image
image/png 143.204.15.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.pmeimg.com/public/user_assets/56dae514-fcc8-489a-8453-d64972743043/infografias_seguridad_de_la_informacion-04-06f1406d.png
Requested by: Host: pandemiabanrote.hr-communication.com
URL: http://pandemiabanrote.hr-communication.com/informacion/id/2W8LXWO52O9Y/5ca6fc/1260fab5-3885-44a5-aa4c-d7cbd11f9310/?
Protocol: HTTP/1.1
Server: 143.204.15.22 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-15-22.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b61c7e50930423702e3123c44d0c88f1823c762240f68bc3a3c9a59f2292cad4

Request headers

Referer: http://pandemiabanrote.hr-communication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 24 Mar 2020 22:43:46 GMT
Via: 1.1 4b0a29060798a5746cab1da1c9cdac7b.cloudfront.net (CloudFront)
Last-Modified: Thu, 19 Mar 2020 01:06:35 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MXP64-C1
ETag: "308ddf0a47282ab09a63a47638eb0b44"
X-Cache: Miss from cloudfront
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 159893
X-Amz-Cf-Id: YTIwim3s6m36CGTOTh0C_Vt2NwEd7Jwb70QwaMinTO76RKRMAswxBQ==

GET
H/1.1 200
OK banorte_logo4-0b52860d.png
images.pmeimg.com/public/user_assets/56dae514-fcc8-489a-8453-d64972743043/ 233 KB
234 KB 340ms
327ms Image
image/png 143.204.15.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.pmeimg.com/public/user_assets/56dae514-fcc8-489a-8453-d64972743043/banorte_logo4-0b52860d.png
Requested by: Host: pandemiabanrote.hr-communication.com
URL: http://pandemiabanrote.hr-communication.com/informacion/id/2W8LXWO52O9Y/5ca6fc/1260fab5-3885-44a5-aa4c-d7cbd11f9310/?
Protocol: HTTP/1.1
Server: 143.204.15.22 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-15-22.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dca7aa404b5042b48f2a869130fd085fa0f9f04e5611dd392635c5c359ac6b2c

Request headers

Referer: http://pandemiabanrote.hr-communication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 24 Mar 2020 22:43:46 GMT
Via: 1.1 6c3e48e00c5cc82a938a68d74aa420d9.cloudfront.net (CloudFront)
Last-Modified: Wed, 12 Jun 2019 01:05:12 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MXP64-C1
ETag: "b32ccd8936ef76a14b4f0c5d5e33e41c"
X-Cache: Miss from cloudfront
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 238856
X-Amz-Cf-Id: VJoZmS7IDmHJ5Hypqg5R_bm_PV2KQajLdVd3fgSQPGHxo3J7NfBCgA==

GET
H/1.1 200
OK jquery-1.11.1.min.js Show response
pandemiabanrote.hr-communication.com/system/content_files/uploads/f44/eb3/e0-/original/ 94 KB
33 KB 212ms
198ms Script
application/javascript 100.24.100.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://pandemiabanrote.hr-communication.com/system/content_files/uploads/f44/eb3/e0-/original/jquery-1.11.1.min.js
Requested by: Host: pandemiabanrote.hr-communication.com
URL: http://pandemiabanrote.hr-communication.com/informacion/id/2W8LXWO52O9Y/5ca6fc/1260fab5-3885-44a5-aa4c-d7cbd11f9310/?
Protocol: HTTP/1.1
Server: 100.24.100.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-100-138.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer: http://pandemiabanrote.hr-communication.com/informacion/id/2W8LXWO52O9Y/5ca6fc/1260fab5-3885-44a5-aa4c-d7cbd11f9310/?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 24 Mar 2020 22:43:45 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Sep 2017 18:50:24 GMT
Server: Apache
ETag: "1762a-558253bcedc00-gzip"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 33225
Expires: Tue, 24 Mar 2020 22:43:45 GMT

GET
H/1.1 200
OK jquery-ui.min.js Show response
pandemiabanrote.hr-communication.com/system/content_files/uploads/c1b/ede/dc-/original/ 233 KB
63 KB 112ms
111ms Script
application/javascript 100.24.100.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://pandemiabanrote.hr-communication.com/system/content_files/uploads/c1b/ede/dc-/original/jquery-ui.min.js
Requested by: Host: pandemiabanrote.hr-communication.com
URL: http://pandemiabanrote.hr-communication.com/informacion/id/2W8LXWO52O9Y/5ca6fc/1260fab5-3885-44a5-aa4c-d7cbd11f9310/?
Protocol: HTTP/1.1
Server: 100.24.100.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-100-138.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7

Request headers

Referer: http://pandemiabanrote.hr-communication.com/informacion/id/2W8LXWO52O9Y/5ca6fc/1260fab5-3885-44a5-aa4c-d7cbd11f9310/?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 24 Mar 2020 22:43:45 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Sep 2017 18:50:24 GMT
Server: Apache
ETag: "3a2ea-558253bcedc00-gzip"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Tue, 24 Mar 2020 22:43:45 GMT

GET
H/1.1 200
OK education-ui-functions.js Show response
pandemiabanrote.hr-communication.com/system/content_files/uploads/832/179/06-/original/ 6 KB
2 KB 104ms
104ms Script
application/javascript 100.24.100.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://pandemiabanrote.hr-communication.com/system/content_files/uploads/832/179/06-/original/education-ui-functions.js
Requested by: Host: pandemiabanrote.hr-communication.com
URL: http://pandemiabanrote.hr-communication.com/informacion/id/2W8LXWO52O9Y/5ca6fc/1260fab5-3885-44a5-aa4c-d7cbd11f9310/?
Protocol: HTTP/1.1
Server: 100.24.100.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-100-138.compute-1.amazonaws.com
Software: Apache /
Resource Hash: d99b0ecdd853d6c11b1146316a31da6d2fb58367877fa74005992fe8ebc227cc

Request headers

Referer: http://pandemiabanrote.hr-communication.com/informacion/id/2W8LXWO52O9Y/5ca6fc/1260fab5-3885-44a5-aa4c-d7cbd11f9310/?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 24 Mar 2020 22:43:45 GMT
Content-Encoding: gzip
Last-Modified: Fri, 15 Dec 2017 15:50:05 GMT
Server: Apache
ETag: "16a0-56062f4486540-gzip"
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1650
Expires: Tue, 24 Mar 2020 22:43:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-126808791-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://pandemiabanrote.hr-communication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 310
date: Tue, 24 Mar 2020 22:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Wed, 25 Mar 2020 00:38:35 GMT

GET
H/1.1 200
OK cross.png
pandemiabanrote.hr-communication.com/system/content_images/uploads/04b/9d1/56-/original/ 1 KB
2 KB 207ms
194ms Image
image/png 100.24.100.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pandemiabanrote.hr-communication.com/system/content_images/uploads/04b/9d1/56-/original/cross.png
Requested by: Host: pandemiabanrote.hr-communication.com
URL: http://pandemiabanrote.hr-communication.com/informacion/id/2W8LXWO52O9Y/5ca6fc/1260fab5-3885-44a5-aa4c-d7cbd11f9310/?
Protocol: HTTP/1.1
Server: 100.24.100.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-100-138.compute-1.amazonaws.com
Software: Apache /
Resource Hash: a82ddde29aad91a7d826f11c40533fa0451ae60b620ab831ae89856472c43019

Request headers

Referer: http://pandemiabanrote.hr-communication.com/informacion/id/2W8LXWO52O9Y/5ca6fc/1260fab5-3885-44a5-aa4c-d7cbd11f9310/?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 24 Mar 2020 22:43:45 GMT
Last-Modified: Fri, 01 Sep 2017 18:50:24 GMT
Server: Apache
ETag: "48b-558253bcedc00"
X-Download-Options: noopen
Content-Type: image/png
Access-Control-Allow-Origin: http://landing.phishme.com
Cache-Control: max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1163
Expires: Tue, 24 Mar 2020 22:43:45 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=436072754&t=pageview&_s=1&dl=http%3A%2F%2Fpandemiabanrote.hr-communication.com%2Finformacion%2Fid%2F2W8LXWO52O9Y%2F5ca6fc%2F1260fab5-38...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-126808791-4&cid=2145562235.1585089825&jid=1045138094&_gid=2129410220.1585089825&gjid=688721181&_v=j81&z=1205117287

35 B
102 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-126808791-4&cid=2145562235.1585089825&jid=1045138094&_gid=2129410220.1585089825&gjid=688721181&_v=j81&z=1205117287

Requested by

Host: pandemiabanrote.hr-communication.com
URL: http://pandemiabanrote.hr-communication.com/informacion/id/2W8LXWO52O9Y/5ca6fc/1260fab5-3885-44a5-aa4c-d7cbd11f9310/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://pandemiabanrote.hr-communication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Tue, 24 Mar 2020 22:43:45 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 24 Mar 2020 22:43:45 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-126808791-4&cid=2145562235.1585089825&jid=1045138094&_gid=2129410220.1585089825&gjid=688721181&_v=j81&z=1205117287
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 420
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK log_info Show response
pandemiabanrote.hr-communication.com/ 0
648 B 213ms
200ms XHR
text/plain 100.24.100.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://pandemiabanrote.hr-communication.com/log_info?tid=1260fab5-3885-44a5-aa4c-d7cbd11f9310&_=1585089825362

Requested by

Host: pandemiabanrote.hr-communication.com
URL: http://pandemiabanrote.hr-communication.com/javascripts/jquery-latest.min.js

Protocol

HTTP/1.1

Server

100.24.100.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-24-100-138.compute-1.amazonaws.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: text/plain, */*; q=0.01
Referer: http://pandemiabanrote.hr-communication.com/informacion/id/2W8LXWO52O9Y/5ca6fc/1260fab5-3885-44a5-aa4c-d7cbd11f9310/?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 24 Mar 2020 22:43:55 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Access-Control-Allow-Origin: http://landing.phishme.com
Status: 200 OK
Connection: Keep-Alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
X-Request-Id: b5dfe936-a5d0-4902-8db3-d422fb51a8a8
X-Runtime: 0.006788
Referrer-Policy: strict-origin-when-cross-origin
Server: Apache
X-Download-Options: noopen, noopen
X-Frame-Options: DENY
Content-Type: text/plain
Pragma: no-cache
Cache-Control: no-cache, no-store
Keep-Alive: timeout=5, max=100
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK log_info Show response
pandemiabanrote.hr-communication.com/ 0
648 B 215ms
202ms XHR
text/plain 100.24.100.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://pandemiabanrote.hr-communication.com/log_info?tid=1260fab5-3885-44a5-aa4c-d7cbd11f9310&_=1585089825363

Requested by

Host: pandemiabanrote.hr-communication.com
URL: http://pandemiabanrote.hr-communication.com/javascripts/jquery-latest.min.js

Protocol

HTTP/1.1

Server

100.24.100.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-24-100-138.compute-1.amazonaws.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: text/plain, */*; q=0.01
Referer: http://pandemiabanrote.hr-communication.com/informacion/id/2W8LXWO52O9Y/5ca6fc/1260fab5-3885-44a5-aa4c-d7cbd11f9310/?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 24 Mar 2020 22:43:55 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Access-Control-Allow-Origin: http://landing.phishme.com
Status: 200 OK
Connection: Keep-Alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
X-Request-Id: 3a511063-5594-4544-b111-3ecf194f6d16
X-Runtime: 0.009780
Referrer-Policy: strict-origin-when-cross-origin
Server: Apache
X-Download-Options: noopen, noopen
X-Frame-Options: DENY
Content-Type: text/plain
Pragma: no-cache
Cache-Control: no-cache, no-store
Keep-Alive: timeout=5, max=100
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hr-communication.com/	1970-01-19 08:18:09	Name: _gat_gtag_UA_126808791_4 Value: 1
.hr-communication.com/	1970-01-19 08:19:36	Name: _gid Value: GA1.2.2129410220.1585089825
.hr-communication.com/	1970-01-20 01:49:21	Name: _ga Value: GA1.2.2145562235.1585089825
pandemiabanrote.hr-communication.com/	1969-12-31 23:59:59	Name: _phishme.com_session_id Value: 50eaa4667d13e9e3462421eb9cb93778

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

images.pmeimg.com
pandemiabanrote.hr-communication.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
100.24.100.138
143.204.15.22
2a00:1450:4001:800::200e
2a00:1450:4001:825::2008
2a00:1450:400c:c0c::9a
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
31169e8162ce7fe2d7687d85e0cdefa496d5110ee1fe1f610d4e91f608286f81
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
850ebab175e20015432217d462b446fd904cc7e90ae8c0339212053481163969
a82ddde29aad91a7d826f11c40533fa0451ae60b620ab831ae89856472c43019
b61c7e50930423702e3123c44d0c88f1823c762240f68bc3a3c9a59f2292cad4
c8a5fba362ba14dd5fed9a8286b06edb65a40b5ab6f3144690463a176c42f1cd
d99b0ecdd853d6c11b1146316a31da6d2fb58367877fa74005992fe8ebc227cc
dca7aa404b5042b48f2a869130fd085fa0f9f04e5611dd392635c5c359ac6b2c
e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

pandemiabanrote.hr-communication.com Open in urlscan Pro 100.24.100.138 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

14 Requests

21 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

573 kBTransfer

940 kBSize

4 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

pandemiabanrote.hr-communication.com Open in urlscan Pro
100.24.100.138 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

21 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

573 kB
Transfer

940 kB
Size

4
Cookies

14 HTTP transactions
0 data transactions