www.varian.com
151.101.38.133

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.hr-internal.co/Compensation/800e9345c0?l=10
Effective URL:
https://www.varian.com/you-have-been-phished-vit
Submission: On June 25 via manual (June 25th 2019, 8:15:27 am UTC) from SG

Summary HTTP 117 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 24 domains to perform 117 HTTP transactions. The main IP is 151.101.38.133, located in Amsterdam, Netherlands and belongs to FASTLY - Fastly, US. The main domain is www.varian.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 2nd 2018. Valid for: a year.

This is the only time www.varian.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
37	52.31.150.82 52.31.150.82	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
8	52.216.17.88 52.216.17.88	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a02:26f0:6c0... 2a02:26f0:6c00:19d::196	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.222.149.202 52.222.149.202	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
38	151.101.38.133 151.101.38.133	54113 (FASTLY) (FASTLY - Fastly)
2	2606:4700::68... 2606:4700::6813:c597	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	2a04:4e42::621 2a04:4e42::621	54113 (FASTLY) (FASTLY - Fastly)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2a00:1450:400... 2a00:1450:4001:820::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.18.99.155 52.18.99.155	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2606:4700:20:... 2606:4700:20::6819:8a76	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	52.222.157.214 52.222.157.214	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28c::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	18.232.28.189 18.232.28.189	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	34.242.212.186 34.242.212.186	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 3	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1 1	2a05:f500:11:... 2a05:f500:11:101::b93f:9001	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1	52.222.157.132 52.222.157.132	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	52.214.119.15 52.214.119.15	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.222.157.125 52.222.157.125	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	34.95.92.78 34.95.92.78	15169 (GOOGLE) (GOOGLE - Google LLC)
5	54.76.203.99 54.76.203.99	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	34.194.52.254 34.194.52.254	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	52.222.149.144 52.222.149.144	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.72.143.230 54.72.143.230	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
117	25

37 52.31.150.82 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com

www.hr-internal.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dataentry.eu.threatsim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.216.17.88 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1-w.amazonaws.com

tslp.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:19d::196 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

java.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.149.202 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-149-202.fra53.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 151.101.38.133 (Amsterdam, Netherlands)

ASN54113 (FASTLY - Fastly, US)

www.varian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:c597 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42::621 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.99.155 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-18-99-155.eu-west-1.compute.amazonaws.com

consent.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::6819:8a76 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.157.214 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-157-214.fra53.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28c::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.232.28.189 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: pi0-lba1-6-ue1.aws.pardot.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.242.212.186 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-242-212-186.eu-west-1.compute.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:f500:11:101::b93f:9005 (Ireland) 2 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:11:101::b93f:9001 (Ireland) 1 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.157.132 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-157-132.fra53.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.119.15 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-214-119-15.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.157.125 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-157-125.fra53.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.92.78 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 78.92.95.34.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.76.203.99 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-76-203-99.eu-west-1.compute.amazonaws.com

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.52.254 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-194-52-254.compute-1.amazonaws.com

us2.siteimprove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.149.144 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-149-144.fra53.r.cloudfront.net

d6tizftlrpuof.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.143.230 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-72-143-230.eu-west-1.compute.amazonaws.com

consent-pref.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	varian.com www.varian.com	983 KB
33	threatsim.com dataentry.eu.threatsim.com	563 B
8	amazonaws.com tslp.s3.amazonaws.com	157 KB
6	trustarc.com consent.trustarc.com consent-pref.trustarc.com	23 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com	2 KB
4	jsdelivr.net cdn.jsdelivr.net	50 KB
4	google-analytics.com www.google-analytics.com	18 KB
4	hr-internal.co www.hr-internal.co	10 KB
2	bidr.io 2 redirects match.prod.bidr.io	707 B
2	company-target.com api.company-target.com segments.company-target.com	2 KB
2	pardot.com pi.pardot.com	4 KB
2	cloudflare.com cdnjs.cloudflare.com	18 KB
2	cloudfront.net d2wy8f7a9ursnm.cloudfront.net d6tizftlrpuof.cloudfront.net	6 KB
1	siteimprove.com us2.siteimprove.com	406 B
1	rlcdn.com id.rlcdn.com	40 B
1	usabilla.com w.usabilla.com	10 KB
1	licdn.com snap.licdn.com	5 KB
1	demandbase.com scripts.demandbase.com	15 KB
1	siteimproveanalytics.com siteimproveanalytics.com	8 KB
1	truste.com consent.truste.com	2 KB
1	googletagmanager.com www.googletagmanager.com	25 KB
1	aspnetcdn.com ajax.aspnetcdn.com	32 KB
1	googleapis.com ajax.googleapis.com	33 KB
1	java.com java.com	18 KB
117	24

	Domain	Requested by
38	www.varian.com	www.hr-internal.co www.varian.com ajax.aspnetcdn.com
33	dataentry.eu.threatsim.com	ajax.googleapis.com www.hr-internal.co
8	tslp.s3.amazonaws.com	www.hr-internal.co
5	consent.trustarc.com	consent.truste.com
4	cdn.jsdelivr.net	www.varian.com ajax.aspnetcdn.com
4	www.google-analytics.com	www.hr-internal.co www.varian.com
4	www.hr-internal.co	www.hr-internal.co
3	px.ads.linkedin.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	pi.pardot.com	www.varian.com pi.pardot.com
2	cdnjs.cloudflare.com	www.varian.com
1	consent-pref.trustarc.com	consent.trustarc.com
1	d6tizftlrpuof.cloudfront.net	www.varian.com
1	us2.siteimprove.com
1	id.rlcdn.com
1	segments.company-target.com
1	api.company-target.com	scripts.demandbase.com
1	www.linkedin.com	1 redirects
1	w.usabilla.com	www.varian.com
1	snap.licdn.com	www.varian.com
1	scripts.demandbase.com	www.varian.com
1	siteimproveanalytics.com	www.varian.com
1	consent.truste.com	www.varian.com
1	www.googletagmanager.com	www.varian.com
1	ajax.aspnetcdn.com	www.varian.com
1	ajax.googleapis.com	www.hr-internal.co
1	d2wy8f7a9ursnm.cloudfront.net	www.hr-internal.co
1	java.com	www.hr-internal.co
117	28

This site contains links to these domains. Also see Links.

Domain
www.myvarian.com
patient.varian.com
investors.varian.com
medicalaffairs.varian.com
newsroom.varian.com
www.linkedin.com
twitter.com
www.facebook.com
teamup.varian.com
www.wssfn-congress.org

Subject Issuer	Validity	Valid
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2018-11-07` - `2020-02-07`	a year	crt.sh
www.java.com DigiCert ECC Extended Validation Server CA	`2018-02-21` - `2020-02-21`	2 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh
*.eu.threatsim.com COMODO RSA Domain Validation Secure Server CA	`2018-01-07` - `2020-01-07`	2 years	crt.sh
varian.com DigiCert SHA2 Secure Server CA	`2018-10-02` - `2019-10-03`	a year	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-02` - `2019-09-08`	6 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-05-29` - `2020-04-23`	a year	crt.sh
*.vo.msecnd.net Microsoft IT TLS CA 2	`2018-03-30` - `2020-03-30`	2 years	crt.sh
*.truste.com Go Daddy Secure Certificate Authority - G2	`2018-01-26` - `2021-03-06`	3 years	crt.sh
ssl379359.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-05-27` - `2019-12-03`	6 months	crt.sh
*.demandbase.com Go Daddy Secure Certificate Authority - G2	`2018-09-20` - `2020-11-19`	2 years	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.pardot.com DigiCert SHA2 Secure Server CA	`2019-01-21` - `2020-01-22`	a year	crt.sh
w.usabilla.com Amazon	`2019-05-08` - `2020-06-08`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2019-05-29` - `2021-06-29`	2 years	crt.sh
*.company-target.com Go Daddy Secure Certificate Authority - G2	`2017-08-18` - `2019-08-18`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-24` - `2020-04-23`	a year	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2017-07-18` - `2020-07-17`	3 years	crt.sh
*.siteimprove.com DigiCert SHA2 Secure Server CA	`2018-01-03` - `2020-03-11`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2018-10-08` - `2019-10-09`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.varian.com/you-have-been-phished-vit
Frame ID: 15623CAF13FBAA19B31BB8491FCF9A11
Requests: 114 HTTP requests in this frame

Frame: https://w.usabilla.com/43d051c3eef2.js?lv=1
Frame ID: 49ACA40C5A0BC470B70F268E7AADAA5C
Requests: 1 HTTP requests in this frame

Frame: https://d6tizftlrpuof.cloudfront.net/themes/production/varian-medical-systems-button-3714f7c9eb6a13e2258af0815eeb493a.png
Frame ID: ED80C8D11E00527D0E23FED25A659DEE
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=varian&site=varian.com&action=notice&country=de&locale=en&behavior=expressed&layout=default_eu&from=https://consent.trustarc.com/
Frame ID: F5B6D5DF2C729D6AF47D1AAC47F30B3C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.hr-internal.co/Compensation/800e9345c0?l=10 Page URL
https://www.varian.com/you-have-been-phished-vit Page URL

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

script /drupal\.js/i
meta generator /^Drupal(?:\s([\d.]+))?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /drupal\.js/i
meta generator /^Drupal(?:\s([\d.]+))?/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Apache Traffic Server (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /ATS\/?([\d.]+)?/i

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

117
Requests

95 %
HTTPS

37 %
IPv6

24
Domains

28
Subdomains

25
IPs

5
Countries

1418 kB
Transfer

2757 kB
Size

0
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://www.myvarian.com/s/webinars
Title: Webinars

Search URL Search Domain Scan URL

URL: https://patient.varian.com/
Title: For Patients

Search URL Search Domain Scan URL

URL: http://investors.varian.com/
Title: Investors

Search URL Search Domain Scan URL

URL: http://investors.varian.com/index.php?s=120
Title: Annual Reports

Search URL Search Domain Scan URL

URL: http://investors.varian.com/index.php?s=122
Title: Stock Information

Search URL Search Domain Scan URL

URL: http://investors.varian.com/presentations
Title: Presentations

Search URL Search Domain Scan URL

URL: http://investors.varian.com/index.php?s=19
Title: News & Events

Search URL Search Domain Scan URL

URL: http://investors.varian.com/index.php?s=64
Title: Corporate Governance

Search URL Search Domain Scan URL

URL: http://investors.varian.com/ShareholderServices
Title: Shareholder Services

Search URL Search Domain Scan URL

URL: http://investors.varian.com/index.php?s=11
Title: Investor Contacts

Search URL Search Domain Scan URL

URL: http://medicalaffairs.varian.com/
Title: Medical Affairs

Search URL Search Domain Scan URL

URL: http://newsroom.varian.com/pressreleases
Title: Press Releases

Search URL Search Domain Scan URL

URL: http://newsroom.varian.com/index.php?s=31899
Title: Image Gallery

Search URL Search Domain Scan URL

URL: https://www.myvarian.com/
Title: MyVarian

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?title=You%20have%20been%20phished%20by%20VIT!%20Varian%20Medical%20Systems&url=https://www.varian.com/you-have-been-phished-vit

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=You%20have%20been%20phished%20by%20VIT!%20Varian%20Medical%20Systems%20https://www.varian.com/you-have-been-phished-vit

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.varian.com/you-have-been-phished-vit&p[title]=You%20have%20been%20phished%20by%20VIT!%20Varian%20Medical%20Systems&display=popup

Search URL Search Domain Scan URL

URL: https://teamup.varian.com/sites/forms/SitePages/Security%20Incident.aspx
Title: Report Information Incident

Search URL Search Domain Scan URL

URL: https://www.wssfn-congress.org/2019/Pages/default.aspx
Title: 18th Biennial Meeting of the World Society for Stereotactic & Functional Surgery

Search URL Search Domain Scan URL

URL: https://www.facebook.com/VarianMedicalSystems

Search URL Search Domain Scan URL

URL: https://twitter.com/VarianMedSys

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/varian-medical-systems

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.hr-internal.co/Compensation/800e9345c0?l=10 Page URL
https://www.varian.com/you-have-been-phished-vit Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 48

http://www.google-analytics.com/r/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1217687453&gjid=2094604528&cid=909832172.1561450529&tid=UA-83403-17&_gid=1122588473.1561450529&_r=1&z=1923579710 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1217687453&gjid=2094604528&cid=909832172.1561450529&tid=UA-83403-17&_gid=1122588473.1561450529&_r=1&z=1923579710

Request Chain 49

http://www.google-analytics.com/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=909832172.1561450529&uid=800e9345c0&tid=UA-83403-17&_gid=1122588473.1561450529&z=1000928449 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=909832172.1561450529&uid=800e9345c0&tid=UA-83403-17&_gid=1122588473.1561450529&z=1000928449

Request Chain 103

https://px.ads.linkedin.com/collect/?time=1561450532158&pid=942233&url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&fmt=js&s=1 HTTP 302
https://px.ads.linkedin.com/collect/?time=1561450532158&pid=942233&url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&fmt=js&s=1&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1561450532158%26pid%3D942233%26url%3Dhttps%253A%252F%252Fwww.varian.com%252Fyou-have-been-phished-vit%26fmt%3Djs%26s%3D1%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect/?time=1561450532158&pid=942233&url=https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&fmt=js&s=1&cookiesTest=true&liSync=true

Request Chain 105

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AACnAE66I7AAABdZKq7YAg

117 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set 800e9345c0 Show response
www.hr-internal.co/Compensation/ 4 KB
2 KB 96ms
43ms Document
text/html 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://www.hr-internal.co/Compensation/800e9345c0?l=10

Protocol

HTTP/1.1

Server

52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-31-150-82.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

83d9d25db58445a39ce1bcc25bc76238d134d4dbe32df02af66dea9942794712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.hr-internal.co
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 25 Jun 2019 08:15:27 GMT
ETag: W/"56bc86fa7a03eb57f0bcbbee050d57f4"
Server: ThreatSim-Web-Server
Set-Cookie: EXFILGUID=800e9345c0; path=/ link_clicked_800e9345c0=1; path=/
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Host-Info: lw-prd-eu-i-0e94783aa8879f99b ; b5f9df22b132fa3c0285bdf01cdd13effa33f984
X-Request-Id: 81aa96ed-e1f3-4c3b-bedb-320f5d0ef756
X-Runtime: 0.009238
X-XSS-Protection: 1; mode=block
Content-Length: 950
Connection: keep-alive

GET
H/1.1 200
OK alt_pixel_click_800e9345c0.gif
www.hr-internal.co/ 0
652 B 75ms
38ms Image
image/gif 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.hr-internal.co:49152/alt_pixel_click_800e9345c0.gif?correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10

Protocol

HTTP/1.1

Security

, ,

Server

52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-31-150-82.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime: 0.008306
Date: Tue, 25 Jun 2019 08:15:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-073776b9e669c622a, ; b5f9df22b132fa3c0285bdf01cdd13effa33f984
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: fd315a51-ccc7-4565-b992-11b10b942b77

GET
H/1.1 200
OK plugin_detect.js Show response
tslp.s3.amazonaws.com/detect/ 49 KB
49 KB 425ms
110ms Script
text/javascript 52.216.17.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/plugin_detect.js?guid=800e9345c0&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.17.88 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4bab432979d731f8264bcd9d40422ca7dfcfcb0e0e703288db78bbfa555f853a

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Jun 2019 08:15:29 GMT
Last-Modified: Wed, 15 Feb 2017 17:56:07 GMT
Server: AmazonS3
x-amz-request-id: CFE4317BF8C80FC4
ETag: "00a513f07603df01e3b99be00f370754"
Content-Type: text/javascript
Content-Length: 50085
Accept-Ranges: bytes
x-amz-version-id: null
x-amz-id-2: hc7N6eetZDe0ui7J5vVeWe3xQDVdvlEadKIY89Np4hsXRxaUAyq0mePibG62B1wfMefWstIuaq8=

GET
H/1.1 200
OK java.js Show response
tslp.s3.amazonaws.com/detect/ 50 KB
50 KB 426ms
111ms Script
text/javascript 52.216.17.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/java.js?guid=800e9345c0&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.17.88 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4805fc6abdad8075af2165e241b781c3073d4769ae725e4004bf79064acb5f24

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Jun 2019 08:15:29 GMT
Last-Modified: Wed, 15 Feb 2017 14:38:28 GMT
Server: AmazonS3
x-amz-request-id: 1E6FF6AB97AC16A9
ETag: "2bec0061039dc3fb25fc20aaf611d5b9"
Content-Type: text/javascript
Content-Length: 50717
Accept-Ranges: bytes
x-amz-version-id: null
x-amz-id-2: jvBpYbTsNbt52xtO/iNrI2c5B1OR8GsXpu5rKoJRUN3byvyC6espDz+StQtyDp/AOqlqeF7KqLY=

GET
H2 200 deployJava.js Show response
java.com/js/ 18 KB
18 KB 99ms
13ms Script
application/javascript 2a02:26f0:6c00:19d::196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://java.com/js/deployJava.js

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:19d::196 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Oracle-HTTP-Server /

Resource Hash

358bb442f5d81ddc8e393d922458a9d84010efee2c346763ae87a45be92224d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:28 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename=deployJava.js;filename*=UTF-8''deployJava.js
server-timing: cdn-cache; desc=HIT, edge; dur=0
content-length: 18444
x-xss-protection: 1
mdt-type: abinary;charset=UTF-8
last-modified: Fri, 07 Jul 2017 23:29:07 GMT
server: Oracle-HTTP-Server
x-frame-options: SAMEORIGIN
x-oracle-dms-ecid: 005Kza_yrKd9Tcw70Fm3UF0003QU009rYR
content-type: application/javascript
expires: Wed, 26 Jun 2019 08:15:28 GMT
cache-control: max-age=86400
x-oracle-dms-rid: 0:1

GET
H/1.1 200
OK flash.js Show response
tslp.s3.amazonaws.com/detect/ 7 KB
7 KB 431ms
116ms Script
text/javascript 52.216.17.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/flash.js?guid=800e9345c0&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.17.88 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a26d01d5912459798481786640dc44fd7605d09f2f9e6dd24720205efcab6861

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Jun 2019 08:15:29 GMT
Last-Modified: Wed, 15 Feb 2017 03:54:01 GMT
Server: AmazonS3
x-amz-request-id: ED819856FF73529E
ETag: "f9ad9a096894ba248e4a1f73e7eba1be"
Content-Type: text/javascript
Content-Length: 6680
Accept-Ranges: bytes
x-amz-version-id: null
x-amz-id-2: PaheYXDKv3VRsJTmnYLppzhJXoPfVrqIOyISCfyI2oDewdlJpwISWEKhuxlGzqosDhkw+j4ZS3w=

GET
H/1.1 200
OK pdf.js Show response
tslp.s3.amazonaws.com/detect/ 22 KB
23 KB 431ms
113ms Script
text/javascript 52.216.17.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/pdf.js?guid=800e9345c0&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.17.88 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d9b7c6163477008469af64b211e2dbd4f4171b85b51e3714f11c99f9ba2c32f9

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Jun 2019 08:15:29 GMT
Last-Modified: Wed, 15 Feb 2017 14:39:34 GMT
Server: AmazonS3
x-amz-request-id: 67C8C156B8F9C582
ETag: "0d5882d41c8b6e40059c8d9acbcf1518"
Content-Type: text/javascript
Content-Length: 22855
Accept-Ranges: bytes
x-amz-version-id: null
x-amz-id-2: LGCLaV9DVEkFnWqTrFV5a0ABq0CRndCFG1ZA+NZJ5sktzrIbC5N+dCVS8fEUk46ua7fCHc7GznE=

GET
H/1.1 200
OK quicktime.js Show response
tslp.s3.amazonaws.com/detect/ 7 KB
7 KB 433ms
115ms Script
text/javascript 52.216.17.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/quicktime.js?guid=800e9345c0&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.17.88 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6ae53963f41133561c78b4332b564c01f551c471cd91d980436a9f5dacdd8f19

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Jun 2019 08:15:29 GMT
Last-Modified: Wed, 15 Feb 2017 14:41:05 GMT
Server: AmazonS3
x-amz-request-id: 0E5CE51CEB7DD7B7
ETag: "ee73f2f47d51116dc40b85a6b57eaf20"
Content-Type: text/javascript
Content-Length: 6999
Accept-Ranges: bytes
x-amz-version-id: null
x-amz-id-2: at4ArWicDk1QFQpVmXx45J/3dvtgS+g2KfkySHsCZaCl4JFDzC8KfPaTwbIq4YnW9ZTc0/iosqk=

GET
H/1.1 200
OK realplayer.js Show response
tslp.s3.amazonaws.com/detect/ 10 KB
10 KB 434ms
115ms Script
text/javascript 52.216.17.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/realplayer.js?guid=800e9345c0&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.17.88 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 88be902cc76b5ec1ec932b6ae93457b6b0ca69d7a36bfadefc2f24db225dc238

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Jun 2019 08:15:29 GMT
Last-Modified: Wed, 15 Feb 2017 14:45:02 GMT
Server: AmazonS3
x-amz-request-id: 623FAAD297377521
ETag: "3d7be656672c16a34806c13388410325"
Content-Type: text/javascript
Content-Length: 9775
Accept-Ranges: bytes
x-amz-version-id: null
x-amz-id-2: rDzS86nxWxwvDNtepl/yBDA/2yK0XBY8AFtnJXX0N8tYushtV/1mcZ3tb49DFPY2hf+7oVhI+kc=

GET
H/1.1 200
OK silverlight.js Show response
tslp.s3.amazonaws.com/detect/ 4 KB
5 KB 108ms
99ms Script
text/javascript 52.216.17.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/silverlight.js?guid=800e9345c0&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.17.88 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0730a7e6770925fa4232096e4d9874514985ec791a63fe873f0e4e3cd7722381

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Jun 2019 08:15:29 GMT
Last-Modified: Wed, 15 Feb 2017 18:00:03 GMT
Server: AmazonS3
x-amz-request-id: 36C1F92A387F76C3
ETag: "e6dd596d2bc204ea573b868b92028c26"
Content-Type: text/javascript
Content-Length: 4234
Accept-Ranges: bytes
x-amz-version-id: null
x-amz-id-2: Fnd/4MNePZ0o8kcp4IccudA1U1+ckM7XbrH56RDI7agFwytOtNYIll5uolbKJY1eH7dUQbUpGZg=

GET
H/1.1 200
OK wmp.js Show response
tslp.s3.amazonaws.com/detect/ 6 KB
6 KB 112ms
104ms Script
text/javascript 52.216.17.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tslp.s3.amazonaws.com/detect/wmp.js?guid=800e9345c0&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.17.88 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cdb16ca3ddd3cead71121799751fa80d3033375abcdbc5fc84d35fb82c7fc9de

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Jun 2019 08:15:29 GMT
Last-Modified: Wed, 15 Feb 2017 15:07:14 GMT
Server: AmazonS3
x-amz-request-id: 52C66EA7266823C8
ETag: "ffd2cc77bb64d40beeb5d561fffe1f79"
Content-Type: text/javascript
Content-Length: 5941
Accept-Ranges: bytes
x-amz-version-id: null
x-amz-id-2: q+Hl6lXQ/dHl76pk7R7eb173/5R8HOoLUkp6qPchIyS7zAlXvlyYTz6Vs0gAZPqKQ5hA3ouu1CE=

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 86ms
7ms Script
application/javascript 52.222.149.202
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: , ,
Server: 52.222.149.202 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-149-202.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 02 Jun 2019 00:52:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
Age: 199185
ETag: "6103bb5e4ec6141e19e1100caafc780c"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 59574f77a7cf2d23d64904db278e5711.cloudfront.net (CloudFront)
Cache-Control: public, max-age=604800
X-Amz-Cf-Pop: FRA53
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2962
X-Amz-Cf-Id: A5P3DgfjYOPzjfKApsEo2c-xRDM1VXyQ_aUHOhcFNf3-zjUxmZBTmw==

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 90 KB
33 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:825::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10

Protocol

HTTP/1.1

Security

, ,

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 19 Jun 2019 18:27:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 481659
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 33018
X-XSS-Protection: 0
Expires: Thu, 18 Jun 2020 18:27:49 GMT

GET
H/1.1 200
OK google-tracking.js Show response
www.hr-internal.co/assets/ 455 B
707 B 35ms
30ms Script
application/javascript 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hr-internal.co/assets/google-tracking.js?g=800e9345c0
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: , ,
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: fce517e48a56b76d45fd456264b90c82aa6e9ddb578f9f36d844ace5816d9841

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Jun 2019 08:15:28 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 May 2019 16:12:27 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Content-Length: 316
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK all.js Show response
www.hr-internal.co/assets/ 28 KB
7 KB 73ms
34ms Script
application/javascript 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hr-internal.co/assets/all.js?g=800e9345c0
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: , ,
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: fc3a60612727fc66e47e47d4de4b1d4e5d46021f8d779ee1e9880a1ebf508359

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 25 Jun 2019 08:15:28 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 May 2019 14:17:35 GMT
Server: ThreatSim-Web-Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Content-Length: 7152
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

43 KB
17 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:809::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 May 2019 23:53:44 GMT
server: Golfe2
age: 5302
date: Tue, 25 Jun 2019 06:47:07 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17595
expires: Tue, 25 Jun 2019 08:47:07 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

POST
H/1.1 200
OK browser_post Show response
dataentry.eu.threatsim.com/secure/ 0
563 B 220ms
38ms XHR
image/gif 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://dataentry.eu.threatsim.com/secure/browser_post

Requested by

Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-31-150-82.eu-west-1.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Origin: http://www.hr-internal.co
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

X-Runtime: 0.006455
Date: Tue, 25 Jun 2019 08:15:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ThreatSim-Web-Server
X-Host-Info: lw-prd-eu-i-0e94783aa8879f99b, ; b5f9df22b132fa3c0285bdf01cdd13effa33f984
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
X-XSS-Protection: 1; mode=block
X-Request-Id: 9c7838f5-5eea-4135-81d3-1440b22cadd6

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 183ms
32ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20localStorage%20%3D%20false&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 192ms
43ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 193ms
38ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 195ms
39ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 245ms
45ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20browser_version%20%3D%2074&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 39ms
37ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 44ms
41ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20os_version%20%3D%2010.14.5&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 41ms
38ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 34ms
31ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 70ms
30ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 45ms
36ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 39ms
32ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=Chrome%20browser%2C%20using%20more%20detailed%20version&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 36ms
30ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 39ms
33ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=java_version_pl%20%3D%20unknown&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 56ms
31ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 32ms
30ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=java_version_jres%20%3D%20unknown&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 42ms
38ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=java_version%20%3D%20undefined&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 34ms
31ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=Loading%20flash%20version&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 38ms
36ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=flash%20%3D%20unknown&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 37ms
35ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=Loading%20pdf%20version&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 33ms
32ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=Could%20not%20find%20AdobeReader%20version&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 38ms
32ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=pdf%20%3D%20unknown&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 43ms
40ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=Loading%20quicktime%20version&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 36ms
34ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=quicktime%20%3D%20unknown&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 36ms
33ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=Loading%20RealPlayer%20version&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 37ms
34ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=realplayer%20%3D%20unknown&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 52ms
51ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=Loading%20Silverlight%20version&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 43ms
35ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=silverlight%20%3D%20unknown&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 59ms
31ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 67ms
40ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=wmp%20%3D%20unknown&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 68ms
41ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=redirecting%20to%20https%3A%2F%2Fwww.varian.com%2Fyou-have-been-phished-vit&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H2

200

collect
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp...
https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&v...

35 B
111 B

16ms
15ms

Image
image/gif

2a00:1450:4001:809::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1217687453&gjid=2094604528&cid=909832172.1561450529&tid=UA-83403-17&_gid=1122588473.1561450529&_r=1&z=1923579710

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jun 2019 08:15:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1217687453&gjid=2094604528&cid=909832172.1561450529&tid=UA-83403-17&_gid=1122588473.1561450529&_r=1&z=1923579710
Non-Authoritative-Reason: HSTS

GET
H2

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1...
https://www.google-analytics.com/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=...

35 B
108 B

6ms
6ms

Image
image/gif

2a00:1450:4001:809::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=909832172.1561450529&uid=800e9345c0&tid=UA-83403-17&_gid=1122588473.1561450529&z=1000928449

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jun 2019 00:00:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 980126
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j76&a=1291335536&t=pageview&_s=2&dl=http%3A%2F%2Fwww.hr-internal.co%2FCompensation%2F800e9345c0%3Fl%3D10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=&gjid=&cid=909832172.1561450529&uid=800e9345c0&tid=UA-83403-17&_gid=1122588473.1561450529&z=1000928449
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK trace
dataentry.eu.threatsim.com/ 0
0 43ms
42ms Image
text/plain 52.31.150.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dataentry.eu.threatsim.com/trace?id=800e9345c0&msg=browser_post_successful&correlation_id=23c6d9ec-7c6b-4d28-8733-4977cb679a08
Requested by: Host: www.hr-internal.co
URL: http://www.hr-internal.co/Compensation/800e9345c0?l=10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.150.82 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-150-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

GET
H2 200 Primary Request you-have-been-phished-vit Show response
www.varian.com/ 91 KB
15 KB 171ms
96ms Document
text/html 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/you-have-been-phished-vit

Requested by

Host: www.hr-internal.co
URL: http://www.hr-internal.co/assets/all.js?g=800e9345c0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

ecdc18734af595c6a1ef67d15cf3f83ee490025a0bc25e60217f4f0edf6f3d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=900
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.varian.com
:scheme: https
:path: /you-have-been-phished-vit
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.hr-internal.co/Compensation/800e9345c0?l=10

Response headers

status: 200
cache-control: public, max-age=10800
content-encoding: gzip
content-language: en
content-type: text/html; charset=utf-8
etag: "1561442727-1"
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Tue, 25 Jun 2019 06:05:27 GMT
link: <https://www.varian.com/you-have-been-phished-vit>; rel="canonical",<https://www.varian.com/node/71371>; rel="shortlink"
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-drupal-cache: HIT
x-frame-options: SAMEORIGIN
x-generator: Drupal 7 (https://www.drupal.org)
x-platform-server: i-05e86949aa238c1c7
x-request-id: xbg76istkjnv2tyiggfdwbdu
via: 1.1 varnish 1.1 varnish
accept-ranges: bytes
date: Tue, 25 Jun 2019 08:15:30 GMT
age: 7637
x-served-by: cache-iad2137-IAD, cache-ams21030-AMS
x-cache: HIT, HIT
x-cache-hits: 6, 1
vary: Cookie, Accept-Encoding
strict-transport-security: max-age=900
content-length: 15120

GET
H2 200 css_lQaZfjVpwP_oGNqdtWCSpJT1EMqXdMiU84ekLLxQnc4.css
www.varian.com/sites/default/files/css/ 3 KB
1 KB 29ms
27ms Stylesheet
text/css 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/default/files/css/css_lQaZfjVpwP_oGNqdtWCSpJT1EMqXdMiU84ekLLxQnc4.css

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

9506997e3569c0ffe818da9db56092a494f510ca9774c894f387a42cbc509dce

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 1159657
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 3
strict-transport-security: max-age=900
content-length: 1046
x-request-id: ykmwxcedppbvmoqoazcbnpu3
x-served-by: cache-iad2128-IAD, cache-ams21030-AMS
last-modified: Tue, 14 May 2019 08:05:03 GMT
etag: "5cda76af-416"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Thu, 30 May 2019 09:49:03 GMT

GET
H2 200 css_agZGe2JJulOVesmAwsRiWw4h7p0nQU4coTnkS_WQtRA.css
www.varian.com/sites/default/files/css/ 18 KB
4 KB 28ms
27ms Stylesheet
text/css 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/default/files/css/css_agZGe2JJulOVesmAwsRiWw4h7p0nQU4coTnkS_WQtRA.css

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

6a06467b6249ba53957ac980c2c4625b0e21ee9d27414e1ca139e44bf590b510

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 1111094
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 3996
x-request-id: gjq2pkg5gvcxkuck3lz33xyo
x-served-by: cache-iad2141-IAD, cache-ams21030-AMS
last-modified: Tue, 14 May 2019 08:05:03 GMT
etag: "5cda76af-f9c"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Wed, 12 Jun 2019 11:37:05 GMT

GET
H2 200 css_5-ZSonHe8e0CRCx-HUUuCfzkovcWJdGFxPtiOU5-83I.css
www.varian.com/sites/default/files/css/ 5 KB
2 KB 27ms
26ms Stylesheet
text/css 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/default/files/css/css_5-ZSonHe8e0CRCx-HUUuCfzkovcWJdGFxPtiOU5-83I.css

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

e7e652a271def1ed02442c7e1d452e09fce4a2f71625d185c4fb62394e7ef372

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 407368
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 1508
x-request-id: wojzw5gi44u42w4zenmezl7w
x-served-by: cache-iad2131-IAD, cache-ams21030-AMS
last-modified: Thu, 13 Jun 2019 08:38:38 GMT
etag: "5d020b8e-5e4"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Thu, 04 Jul 2019 15:06:01 GMT

GET
H2 200 jquery.qtip.min.css
cdnjs.cloudflare.com/ajax/libs/qtip2/2.2.1/ 9 KB
2 KB 25ms
22ms Stylesheet
text/css 2606:4700::6813:c597
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/qtip2/2.2.1/jquery.qtip.min.css

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1132573cc6851509b093bbc0ae558a50adcfaffb3ce09df37e25c2f373e2db18

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:25:16 GMT
server: cloudflare
etag: W/"5afd4a7c-240a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Sun, 14 Jun 2020 08:15:30 GMT
cache-control: public, max-age=30672000
cf-ray: 4ec57e7609b796ce-FRA
served-in-seconds: 0.035

GET
H2 200 css_LqzqgCscQm_7Ncub_pT57LHyUKa_IBGUCayp2f3XkVI.css
www.varian.com/sites/default/files/css/ 687 B
521 B 26ms
24ms Stylesheet
text/css 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/default/files/css/css_LqzqgCscQm_7Ncub_pT57LHyUKa_IBGUCayp2f3XkVI.css

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

2eacea802b1c426ffb35cb9bfe94f9ecb1f250a6bf20119409aca9d9fdd79152

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-05e86949aa238c1c7
age: 407368
x-cache: HIT, HIT
status: 200
x-cache-hits: 6, 702
strict-transport-security: max-age=900
content-length: 324
x-request-id: yz4wukdes353e4sx4a6yfg7f
x-served-by: cache-iad2145-IAD, cache-ams21030-AMS
last-modified: Thu, 13 Jun 2019 08:38:38 GMT
etag: "5d020b8e-144"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Thu, 04 Jul 2019 15:06:01 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/bootstrap/3.3.7/css/ 118 KB
19 KB 8ms
5ms Stylesheet
text/css 2a04:4e42::621
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
status: 200
date: Tue, 25 Jun 2019 08:15:30 GMT
content-length: 19740
x-served-by: cache-ams21036-AMS, cache-fra19154-FRA
etag: W/"1d970-ZSfYvz4ek2i6uMe2D1a8Afo6/Wg"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 drupal-bootstrap.min.css
cdn.jsdelivr.net/npm/@unicorn-fail/drupal-bootstrap-styles@0.0.2/dist/3.3.1/7.x-3.x/ 13 KB
3 KB 21ms
19ms Stylesheet
text/css 2a04:4e42::621
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@unicorn-fail/drupal-bootstrap-styles@0.0.2/dist/3.3.1/7.x-3.x/drupal-bootstrap.min.css

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

8df03bcf9f789b2985e22d3126245b64ea863898d6f45a9454fbb7a606773ab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
status: 200
date: Tue, 25 Jun 2019 08:15:30 GMT
content-length: 3216
x-served-by: cache-ams21041-AMS, cache-fra19154-FRA
etag: W/"33c6-cJMaJha/fM38xNtzJuDgevbSnmI"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 css_4kxM8qSR0jRYY6en88u43RKWBhxGB4UH4FRe304plSs.css
www.varian.com/sites/default/files/css/ 675 KB
112 KB 28ms
24ms Stylesheet
text/css 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/default/files/css/css_4kxM8qSR0jRYY6en88u43RKWBhxGB4UH4FRe304plSs.css

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

e24c4cf2a491d2345863a7a7f3cbb8dd1296061c46078507e0545edf4e29952b

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-05e86949aa238c1c7
age: 598486
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 114267
x-request-id: usgcv7ari2qvwlw34htcyj4u
x-served-by: cache-iad2132-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:44:00 GMT
etag: "5d07b540-1be5b"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1209600
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 02 Jul 2019 10:00:45 GMT

GET
H2 200 jquery-1.10.2.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ 91 KB
32 KB 167ms
3ms Script
application/javascript 152.199.19.160
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.10.2.min.js

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECAcc (frc/8F47) /

Resource Hash

0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 32915
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Oct 2016 23:10:49 GMT
server: ECAcc (frc/8F47)
etag: "80228f4cc33d21:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery-extend-3.4.0.js Show response
www.varian.com/misc/ 3 KB
2 KB 43ms
13ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/misc/jquery-extend-3.4.0.js?v=1.10.2

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

c54103ba57ee210ca55c052e70415402707548a4e6a68dd6efb3895019bee392

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 149
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 1416
x-request-id: uqkjyukueoiticskqexw3min
x-served-by: cache-iad2148-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:02 GMT
etag: W/"5d07b506-d57"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 01:45:09 GMT

GET
H2 200 jquery.once.js Show response
www.varian.com/misc/ 3 KB
1 KB 44ms
14ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/misc/jquery.once.js?v=1.2

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

1430f42c0d760ba8e05bb3762480502e541f654fec5739ee40625ab22dc38c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-05e86949aa238c1c7
age: 149
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 1135
x-request-id: evvve7sgbkz5wl5iinkeieqi
x-served-by: cache-iad2120-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:02 GMT
etag: W/"5d07b506-b9e"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Thu, 20 Jun 2019 22:36:27 GMT

GET
H2 200 drupal.js Show response
www.varian.com/misc/ 20 KB
8 KB 45ms
16ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/misc/drupal.js?ptn4wd

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

5968e6fd2bb447f04cfccd4629a337a9668e8ca1731bf03eefd2ed9840d9a43d

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 240
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 7891
x-request-id: x3oj4d7tcnd2zbs74yw3lmjx
x-served-by: cache-iad2128-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:02 GMT
etag: W/"5d07b506-4efb"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 06:10:05 GMT

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/bootstrap/3.3.7/js/ 36 KB
10 KB 39ms
4ms Script
application/javascript 2a04:4e42::621
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cache: MISS, HIT
status: 200
date: Tue, 25 Jun 2019 08:15:30 GMT
content-length: 9832
x-served-by: cache-ams21048-AMS, cache-fra19154-FRA
etag: W/"90b5-QwpEPXSDD+m+Ju/KQx9EjBs3QPk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 fancyfiledelete.js Show response
www.varian.com/sites/all/modules/contrib/fancy_file_delete/js/ 265 B
326 B 50ms
15ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/modules/contrib/fancy_file_delete/js/fancyfiledelete.js?ptn4wd

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

4690e8b7c7c1d07d0f3b8fd2e00231ac8ac67a7a821a0cde1cdee8fba89b870b

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-05e86949aa238c1c7
age: 240
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 193
x-request-id: jwjmhl6htxykopoic7ao47b4
x-served-by: cache-iad2131-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:03 GMT
etag: W/"5d07b507-109"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 06:10:07 GMT

GET
H2 200 fancybox.js Show response
www.varian.com/sites/all/modules/contrib/fancybox/ 1 KB
528 B 48ms
14ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/modules/contrib/fancybox/fancybox.js?ptn4wd

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

62baaba65b3849ef119a1a63b9ffa5cb188c99bc72a9c585650dfe00c6677160

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 240
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 403
x-request-id: 5ppp6xu5sp6jwmmvr73zwmwu
x-served-by: cache-iad2128-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:03 GMT
etag: W/"5d07b507-454"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 06:10:07 GMT

GET
H2 200 jquery.fancybox.pack.js Show response
www.varian.com/sites/all/libraries/fancybox/source/ 23 KB
10 KB 50ms
16ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/libraries/fancybox/source/jquery.fancybox.pack.js?ptn4wd

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-05e86949aa238c1c7
age: 240
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 9692
x-request-id: sa2im642tiacuoj4vhaez4er
x-served-by: cache-iad2133-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:03 GMT
etag: W/"5d07b507-5a5f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 06:10:09 GMT

GET
H2 200 jquery.mousewheel-3.0.6.pack.js Show response
www.varian.com/sites/all/libraries/fancybox/lib/ 1 KB
882 B 48ms
15ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/libraries/fancybox/lib/jquery.mousewheel-3.0.6.pack.js?ptn4wd

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

687be205607d7985c36d90cacc8d60ef919a61bfc72c630cda50e90467b75879

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-05e86949aa238c1c7
age: 240
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 724
x-request-id: vnqwlzcxle75n6iank2pzusc
x-served-by: cache-iad2126-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:03 GMT
etag: W/"5d07b507-568"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 06:10:09 GMT

GET
H2 200 jquery.qtip.min.js Show response
cdnjs.cloudflare.com/ajax/libs/qtip2/2.2.1/ 43 KB
16 KB 110ms
77ms Script
application/javascript 2606:4700::6813:c597
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/qtip2/2.2.1/jquery.qtip.min.js

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

322afd5c4ad9ff1122d7eac8414a69ee716764bb097d44b7db9894bc70d4a726

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:25:16 GMT
server: cloudflare
etag: W/"5afd4a7c-ad08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 14 Jun 2020 08:15:30 GMT
cache-control: public, max-age=30672000
cf-ray: 4ec57e764a0996ce-FRA
served-in-seconds: 0.022

GET
H2 200 views-bootstrap-carousel.js Show response
www.varian.com/sites/all/modules/contrib/views_bootstrap/js/ 842 B
517 B 56ms
23ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/modules/contrib/views_bootstrap/js/views-bootstrap-carousel.js?ptn4wd

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

e5b51901312c47d085a0ec9880e52b73cd8cb8b1c2f0103bf66405a1325dbdd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 240
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 351
x-request-id: l4r6xquzjlv6vtx2itv6cdzt
x-served-by: cache-iad2147-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: W/"5d07b508-34a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 06:10:09 GMT

GET
H2 200 googleanalytics.js Show response
www.varian.com/sites/all/modules/contrib/google_analytics/ 6 KB
2 KB 53ms
20ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/modules/contrib/google_analytics/googleanalytics.js?ptn4wd

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

312d73c2d350568c141e8b4eb5b3a2eca40d64b56ecf50eb80e37a1f70e1fc2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-05e86949aa238c1c7
age: 240
x-cache: MISS, HIT
status: 200
x-cache-hits: 0, 2
strict-transport-security: max-age=900
content-length: 2052
x-request-id: mrc24q5vjwhtc5m4zihjvok3
x-served-by: cache-iad2140-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:03 GMT
etag: W/"5d07b507-1874"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 07:49:23 GMT

GET
H2 200 qtip.js Show response
www.varian.com/sites/all/modules/contrib/qtip/js/ 2 KB
1007 B 53ms
20ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/modules/contrib/qtip/js/qtip.js?ptn4wd

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

2a6a8d7c39d6c358f0b98b7572a56dd1c37ce00a2f906d016aa1468e522f408a

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 240
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 863
x-request-id: 7qiarx562fb4pci63fswywdl
x-served-by: cache-iad2132-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:03 GMT
etag: W/"5d07b507-8ce"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 06:10:09 GMT

GET
H2 200 jquery.hoverIntent.js Show response
www.varian.com/sites/all/themes/varian_bootstrap/js/build/ 1 KB
789 B 62ms
30ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/jquery.hoverIntent.js?ptn4wd

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

d7a65482b04e0c1cec1e03112dc893864ad730fd473b37ce424f259193425fdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-05e86949aa238c1c7
age: 240
x-cache: HIT, HIT
status: 200
x-cache-hits: 3, 2
strict-transport-security: max-age=900
content-length: 591
x-request-id: o2bgdsuygcc2fjnkdmftljln
x-served-by: cache-iad2139-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: W/"5d07b508-567"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 06:10:09 GMT

GET
H2 200 jquery.lazyload.js Show response
www.varian.com/sites/all/themes/varian_bootstrap/js/build/ 3 KB
1 KB 62ms
30ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/jquery.lazyload.js?ptn4wd

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

9f3c3c551c86975bab0c70f0d3fe75d14b6496198636b6004423e0a1b5cef28a

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 240
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 1294
x-request-id: 6idan4zmwaudie3nhbsd7v2g
x-served-by: cache-iad2127-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: W/"5d07b508-cf8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 06:10:09 GMT

GET
H2 200 jquery.isonscreen.min.js Show response
www.varian.com/sites/all/themes/varian_bootstrap/js/build/ 451 B
448 B 62ms
31ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/jquery.isonscreen.min.js?ptn4wd

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

bd94d3ffc2629e2f302dcb3ca1aec5ea0e9a1d86cb2d2b2599712d89f065af0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-0a340618b900f1e59
age: 240
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 283
x-request-id: xbzcfq2csze4hxcskm54u5qc
x-served-by: cache-iad2151-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: W/"5d07b508-1c3"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 06:10:09 GMT

GET
H2 200 ekko-lightbox.min.js Show response
www.varian.com/sites/all/themes/varian_bootstrap/js/build/ 14 KB
5 KB 55ms
24ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/ekko-lightbox.min.js?ptn4wd

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

5d644f1a2d803750758d828a83ac7418c1753001cd446e4fa39aee33f6d26483

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-052edb9d6808215c1
age: 240
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 4889
x-request-id: 5l3qwozyesxpfwvjilb2neih
x-served-by: cache-iad2150-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: W/"5d07b508-3934"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 06:10:09 GMT

GET
H2 200 varian.js Show response
www.varian.com/sites/all/themes/varian_bootstrap/js/build/ 44 KB
13 KB 62ms
31ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/js/build/varian.js?ptn4wd

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

e388c79096e39a793cdf1dc4a442b29884ae1665e79970950f44744c6c674608

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-05e86949aa238c1c7
age: 240
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 13009
x-request-id: derrudmdv32cxgd6v2d6zm2q
x-served-by: cache-iad2129-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: W/"5d07b508-af0a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 06:10:09 GMT

GET
H2 200 logoWhiteSmall.png
www.varian.com/sites/all/themes/varian_bootstrap/images/ 20 KB
20 KB 60ms
30ms Image
image/png 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/images/logoWhiteSmall.png

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

393c82aadf1d1b263a352cd66d8385de31e711b745d01be8b0ab4e3aed30aafd

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
via: 1.1 varnish, 1.1 varnish
x-platform-server: i-0a340618b900f1e59
age: 281
x-cache: HIT, HIT
status: 200
content-length: 20386
x-request-id: czaoxwbxxnsorjytb3npvh22
x-served-by: cache-iad2130-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: "5d07b508-4fa2"
strict-transport-security: max-age=900
content-type: image/png
expires: Fri, 21 Jun 2019 22:26:58 GMT
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-cache-hits: 1, 2

GET
H2 200 lazy.gif
www.varian.com/sites/all/themes/varian_bootstrap/images/ 42 B
200 B 113ms
100ms Image
image/gif 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/images/lazy.gif

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
via: 1.1 varnish, 1.1 varnish
x-platform-server: i-052edb9d6808215c1
age: 271
x-cache: HIT, HIT
status: 200
content-length: 42
x-request-id: cjxsr4ps324hd24wifjrnkyq
x-served-by: cache-iad2124-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: "5d07b508-2a"
strict-transport-security: max-age=900
content-type: image/gif
expires: Sun, 23 Jun 2019 17:20:09 GMT
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-cache-hits: 1, 2

GET
H2 200 phishing_small.jpg
www.varian.com/sites/default/files/ 58 KB
58 KB 31ms
13ms Image
image/jpeg 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.varian.com/sites/default/files/phishing_small.jpg

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

6b03344710b3004beecb8645a7679bb057d65bf1faf1cb41f542ba74a09eb76f

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
via: 1.1 varnish, 1.1 varnish
x-platform-server: i-05e86949aa238c1c7
age: 169
x-cache: HIT, HIT
status: 200
content-length: 59440
x-request-id: o7xsji4lunyxa4y7d3wdl4yl
x-served-by: cache-iad2142-IAD, cache-ams21030-AMS
last-modified: Mon, 27 Aug 2018 17:04:46 GMT
etag: "5b842f2e-e830"
strict-transport-security: max-age=900
content-type: image/jpeg
expires: Tue, 25 Jun 2019 06:08:08 GMT
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-cache-hits: 1, 2

GET
H2 200 phish_circle.jpg
www.varian.com/sites/default/files/ 16 KB
16 KB 17ms
15ms Image
image/jpeg 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.varian.com/sites/default/files/phish_circle.jpg

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

e6b29b31a54468f48b1d9afca085ff9519528225005003fe6c61d7d9b5e98606

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
via: 1.1 varnish, 1.1 varnish
x-platform-server: i-05e86949aa238c1c7
age: 169
x-cache: HIT, HIT
status: 200
content-length: 16665
x-request-id: eaawfjynz5czdyy6z3o666sy
x-served-by: cache-iad2147-IAD, cache-ams21030-AMS
last-modified: Mon, 27 Aug 2018 17:05:19 GMT
etag: "5b842f4f-4119"
strict-transport-security: max-age=900
content-type: image/jpeg
expires: Tue, 25 Jun 2019 06:08:08 GMT
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-cache-hits: 1, 2

GET
H2 200 logoFooter.png
www.varian.com/sites/all/themes/varian_bootstrap/images/ 23 KB
24 KB 14ms
13ms Image
image/png 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.varian.com/sites/all/themes/varian_bootstrap/images/logoFooter.png

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

a6c60b251a29da5144ea1a00e54507aea9d39280482c2810f3539b2786b60b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
via: 1.1 varnish, 1.1 varnish
x-platform-server: i-0a340618b900f1e59
age: 271
x-cache: HIT, HIT
status: 200
content-length: 24014
x-request-id: iw7jgusigmepmeygegf4font
x-served-by: cache-iad2124-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: "5d07b508-5dce"
strict-transport-security: max-age=900
content-type: image/png
expires: Sun, 23 Jun 2019 22:06:43 GMT
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-cache-hits: 1, 70

GET
H2 200 bootstrap.js Show response
www.varian.com/sites/all/themes/bootstrap/js/ 10 KB
3 KB 32ms
12ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.varian.com/sites/all/themes/bootstrap/js/bootstrap.js?ptn4wd

Requested by

Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

0c8a4fa988b7615aa50d5322931e3031ca3d79fdbda4fe47d5dd2eeed05a3d72

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Referer: https://www.varian.com/you-have-been-phished-vit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Jun 2019 08:15:30 GMT
content-encoding: gzip
x-platform-server: i-052edb9d6808215c1
age: 240
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 2
strict-transport-security: max-age=900
content-length: 3142
x-request-id: emflakzwr5wq75uaw56ahj66
x-served-by: cache-iad2137-IAD, cache-ams21030-AMS
last-modified: Mon, 17 Jun 2019 15:43:04 GMT
etag: W/"5d07b508-26bb"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
x-debug-info: eyJyZXRyaWVzIjowfQ==
expires: Tue, 25 Jun 2019 06:10:09 GMT

GET
H2 200 analytics.js Show response
www.varian.com/sites/default/files/googleanalytics/ 43 KB
17 KB 27ms
26ms Script
application/javascript 151.101.38.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://www.varian.com/sites/default/files/googleanalytics/analytics.js?ptn4wd
Requested by: Host: www.varian.com
URL: https://www.varian.com/you-have-been-phished-vit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.38.133 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Res

www.varian.com Open in urlscan Pro 151.101.38.133

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

117 Requests

95 %HTTPS

37 %IPv6

24 Domains

28 Subdomains

25 IPs

5 Countries

1418 kBTransfer

2757 kBSize

0 Cookies

22 Outgoing links

Page URL History

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.varian.com
151.101.38.133

Screenshot
Live screenshot

Full Image

117
Requests

95 %
HTTPS

37 %
IPv6

24
Domains

28
Subdomains

25
IPs

5
Countries

1418 kB
Transfer

2757 kB
Size

0
Cookies

117 HTTP transactions
0 data transactions